From 85c4c91e0eec566acd97a337f2d9240b484031ee Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Thu, 5 Aug 2010 22:47:42 +0100 Subject: [PATCH] IDEA inspection refactorings. --- .../security/acls/AclEntryVoter.java | 8 +--- .../security/acls/AclPermissionEvaluator.java | 4 +- .../afterinvocation/AbstractAclProvider.java | 8 ++-- .../acls/afterinvocation/ArrayFilterer.java | 2 +- .../afterinvocation/CollectionFilterer.java | 11 ++---- .../acls/domain/AbstractPermission.java | 2 +- .../acls/domain/AccessControlEntryImpl.java | 8 ++-- .../domain/AclAuthorizationStrategyImpl.java | 8 ++-- .../security/acls/domain/AclImpl.java | 2 +- .../acls/domain/DefaultPermissionFactory.java | 9 +++-- .../DefaultPermissionGrantingStrategy.java | 2 +- .../acls/domain/EhCacheBasedAclCache.java | 2 +- .../acls/domain/GrantedAuthoritySid.java | 2 +- .../acls/domain/ObjectIdentityImpl.java | 2 +- .../security/acls/domain/PrincipalSid.java | 2 +- .../acls/jdbc/BasicLookupStrategy.java | 14 +++---- .../security/acls/jdbc/JdbcAclService.java | 11 +++--- .../acls/jdbc/JdbcMutableAclService.java | 24 ++++++------ .../CasAuthenticationProvider.java | 4 +- ...AssertionAttributesUserDetailsService.java | 2 +- ...enticationManagerBeanDefinitionParser.java | 2 +- ...nticationProviderBeanDefinitionParser.java | 2 +- .../CachingUserDetailsService.java | 2 +- .../authentication/PasswordEncoderParser.java | 4 +- .../UserServiceBeanDefinitionParser.java | 4 +- .../http/AuthenticationConfigBuilder.java | 18 +++------ .../config/http/ChannelAttributeFactory.java | 4 +- .../http/DefaultFilterChainValidator.java | 2 +- ...FilterChainMapBeanDefinitionDecorator.java | 4 +- .../config/http/HttpConfigurationBuilder.java | 2 +- .../HttpSecurityBeanDefinitionParser.java | 19 +++------ .../http/LogoutBeanDefinitionParser.java | 2 +- .../security/config/http/WebConfigUtils.java | 4 +- .../LdapProviderBeanDefinitionParser.java | 4 +- ...balMethodSecurityBeanDefinitionParser.java | 2 +- ...terceptMethodsBeanDefinitionDecorator.java | 3 +- .../method/ProtectPointcutPostProcessor.java | 12 +++--- .../security/access/SecurityConfig.java | 8 ++-- ...ecurityExpressionRootPropertyAccessor.java | 2 +- ...efaultMethodSecurityExpressionHandler.java | 8 ++-- ...essionBasedAnnotationAttributeFactory.java | 2 +- .../ExpressionBasedPostInvocationAdvice.java | 2 +- .../MethodSecurityEvaluationContext.java | 4 +- .../hierarchicalroles/RoleHierarchyImpl.java | 12 ++---- .../intercept/InterceptorStatusToken.java | 8 ++-- .../RunAsImplAuthenticationProvider.java | 8 +--- .../MethodSecurityInterceptor.java | 2 +- .../MethodSecurityMetadataSourceAdvisor.java | 4 +- .../AspectJAnnotationSecurityInterceptor.java | 2 +- .../aspectj/AspectJSecurityInterceptor.java | 2 +- .../MapBasedMethodSecurityMetadataSource.java | 14 +++---- .../prepost/PostInvocationAdviceProvider.java | 2 +- ...PreInvocationAuthorizationAdviceVoter.java | 2 +- .../vote/AbstractAccessDecisionManager.java | 12 +----- .../access/vote/AbstractAclVoter.java | 8 +--- .../AccountStatusUserDetailsChecker.java | 2 +- .../AnonymousAuthenticationProvider.java | 2 +- .../authentication/AuthenticationDetails.java | 2 +- .../AuthenticationDetailsSourceImpl.java | 6 +-- .../AuthenticationProvider.java | 2 +- .../InsufficientAuthenticationException.java | 5 +-- .../RememberMeAuthenticationProvider.java | 2 +- .../TestingAuthenticationProvider.java | 2 +- .../TestingAuthenticationToken.java | 4 +- ...ractUserDetailsAuthenticationProvider.java | 2 +- .../dao/ReflectionSaltSource.java | 2 +- .../security/authentication/encoding/Md4.java | 4 +- .../AbstractAuthenticationFailureEvent.java | 2 +- ...InteractiveAuthenticationSuccessEvent.java | 2 +- .../jaas/JaasAuthenticationProvider.java | 19 ++++----- .../jaas/JaasGrantedAuthority.java | 2 +- .../jaas/JaasNameCallbackHandler.java | 2 +- .../event/JaasAuthenticationFailedEvent.java | 2 +- .../rcp/RemoteAuthenticationManagerImpl.java | 4 +- .../rcp/RemoteAuthenticationProvider.java | 2 +- .../core/authority/AuthorityUtils.java | 4 +- .../core/authority/GrantedAuthorityImpl.java | 2 +- ...edAttributes2GrantedAuthoritiesMapper.java | 4 +- .../security/core/codec/Base64.java | 11 +++--- ...eadLocalSecurityContextHolderStrategy.java | 1 - .../core/session/SessionInformation.java | 4 +- .../security/core/token/DefaultToken.java | 8 ++-- .../KeyBasedPersistenceTokenService.java | 4 +- .../core/token/Sha512DigestUtils.java | 22 +++-------- .../core/userdetails/jdbc/JdbcDaoImpl.java | 8 ++-- .../userdetails/memory/UserMapEditor.java | 4 +- .../provisioning/JdbcUserDetailsManager.java | 21 +++++----- .../remoting/dns/JndiDnsResolver.java | 8 ++-- .../ContextPropagatingRemoteInvocation.java | 2 +- .../security/util/FieldUtils.java | 5 +-- .../security/util/InMemoryResource.java | 4 +- .../security/util/MethodInvocationUtils.java | 10 +++-- .../AbstractAccessDecisionManagerTests.java | 20 +++------- .../integration/UserDetailsServiceImpl.java | 2 +- .../PythonInterpreterPreInvocationAdvice.java | 2 +- ...thonInterpreterPreInvocationAttribute.java | 2 +- .../ldap/DefaultLdapUsernameToDnMapper.java | 4 +- .../security/ldap/LdapUtils.java | 2 +- .../AbstractLdapAuthenticator.java | 6 +-- .../LdapAuthenticationProvider.java | 2 +- ...etailsServiceLdapAuthoritiesPopulator.java | 2 +- .../ldap/ppolicy/PasswordPolicyControl.java | 2 +- .../ppolicy/PasswordPolicyErrorStatus.java | 4 +- .../ldap/ppolicy/PasswordPolicyException.java | 2 +- .../PasswordPolicyResponseControl.java | 4 +- .../search/FilterBasedLdapUserSearch.java | 6 +-- .../ldap/server/ApacheDSContainer.java | 14 +++---- .../DefaultLdapAuthoritiesPopulator.java | 4 +- .../userdetails/LdapUserDetailsManager.java | 4 +- .../userdetails/LdapUserDetailsMapper.java | 4 +- .../security/openid/OpenID4JavaConsumer.java | 2 +- .../openid/OpenIDAuthenticationProvider.java | 2 +- .../openid/OpenIDAuthenticationStatus.java | 2 +- .../contact/AddDeleteContactController.java | 2 +- .../contact/AdminPermissionController.java | 6 +-- .../sample/contact/ClientApplication.java | 4 +- .../sample/contact/ContactManagerBackend.java | 4 +- .../sample/contact/DataSourcePopulator.java | 6 +-- .../java/samples/gae/security/AppRole.java | 2 +- .../gae/security/GaeAuthenticationFilter.java | 2 +- .../gae/users/InMemoryUserRegistry.java | 2 +- .../openid/CustomUserDetailsService.java | 2 +- .../src/main/java/bigbank/BankDaoStub.java | 12 +++--- .../main/java/bigbank/BankServiceImpl.java | 2 +- .../main/java/bigbank/web/ListAccounts.java | 2 +- .../main/java/bigbank/web/PostAccounts.java | 2 +- .../taglibs/authz/AccessControlListTag.java | 2 +- .../security/taglibs/velocity/AuthzImpl.java | 8 +--- .../security/web/FilterChainProxy.java | 8 ++-- .../security/web/PortMapperImpl.java | 8 +--- ...efaultWebInvocationPrivilegeEvaluator.java | 2 +- .../channel/ChannelDecisionManagerImpl.java | 6 +-- .../channel/InsecureChannelProcessor.java | 8 +--- .../channel/SecureChannelProcessor.java | 8 +--- .../DefaultWebSecurityExpressionHandler.java | 4 +- .../intercept/FilterSecurityInterceptor.java | 2 +- .../web/access/intercept/RequestKey.java | 4 +- ...AuthenticationTargetUrlRequestHandler.java | 2 +- .../DelegatingAuthenticationEntryPoint.java | 2 +- ...onMappingAuthenticationFailureHandler.java | 2 +- .../LoginUrlAuthenticationEntryPoint.java | 2 +- .../WebAuthenticationDetails.java | 4 +- .../authentication/logout/LogoutFilter.java | 4 +- ...tractPreAuthenticatedProcessingFilter.java | 2 +- ...reAuthenticatedAuthenticationProvider.java | 2 +- ...dGrantedAuthoritiesUserDetailsService.java | 3 +- ...edAuthoritiesWebAuthenticationDetails.java | 2 +- .../RequestHeaderAuthenticationFilter.java | 4 +- .../DefaultWASUsernameAndGroupsExtractor.java | 26 +++++++------ ...2SpringSecurityPropagationInterceptor.java | 2 +- .../AbstractRememberMeServices.java | 10 ++--- .../InMemoryTokenRepositoryImpl.java | 8 ++-- .../rememberme/JdbcTokenRepositoryImpl.java | 12 ++---- .../rememberme/PersistentRememberMeToken.java | 8 ++-- ...ersistentTokenBasedRememberMeServices.java | 4 +- .../ConcurrentSessionControlStrategy.java | 6 +-- .../AuthenticationSwitchUserEvent.java | 2 +- .../switchuser/SwitchUserFilter.java | 2 +- .../SwitchUserGrantedAuthority.java | 2 +- .../authentication/www/DigestAuthUtils.java | 15 +++---- .../www/DigestAuthenticationEntryPoint.java | 2 +- .../www/DigestAuthenticationFilter.java | 18 ++++----- .../HttpSessionSecurityContextRepository.java | 14 +++---- ...ContextOnUpdateOrErrorResponseWrapper.java | 2 +- .../web/savedrequest/DefaultSavedRequest.java | 39 +++++++++---------- .../web/savedrequest/FastHttpDateFormat.java | 19 +++++---- .../web/savedrequest/SavedCookie.java | 16 ++++---- .../SavedRequestAwareWrapper.java | 8 ++-- ...urityContextHolderAwareRequestWrapper.java | 4 +- .../web/session/ConcurrentSessionFilter.java | 4 +- .../web/session/SessionManagementFilter.java | 2 +- .../security/web/util/ELRequestMatcher.java | 2 +- .../web/util/ELRequestMatcherContext.java | 4 +- .../security/web/util/TextEscapeUtils.java | 2 +- .../security/web/util/ThrowableAnalyzer.java | 6 +-- 175 files changed, 428 insertions(+), 551 deletions(-) diff --git a/acl/src/main/java/org/springframework/security/acls/AclEntryVoter.java b/acl/src/main/java/org/springframework/security/acls/AclEntryVoter.java index 8b5a4a76f8..f41f902277 100644 --- a/acl/src/main/java/org/springframework/security/acls/AclEntryVoter.java +++ b/acl/src/main/java/org/springframework/security/acls/AclEntryVoter.java @@ -145,11 +145,7 @@ public class AclEntryVoter extends AbstractAclVoter { } public boolean supports(ConfigAttribute attribute) { - if ((attribute.getAttribute() != null) && attribute.getAttribute().equals(getProcessConfigAttribute())) { - return true; - } else { - return false; - } + return (attribute.getAttribute() != null) && attribute.getAttribute().equals(getProcessConfigAttribute()); } public int vote(Authentication authentication, Object object, Collection attributes) { @@ -177,7 +173,7 @@ public class AclEntryVoter extends AbstractAclVoter { try { Class clazz = domainObject.getClass(); Method method = clazz.getMethod(internalMethod, new Class[0]); - domainObject = method.invoke(domainObject, new Object[0]); + domainObject = method.invoke(domainObject); } catch (NoSuchMethodException nsme) { throw new AuthorizationServiceException("Object of class '" + domainObject.getClass() + "' does not provide the requested internalMethod: " + internalMethod); diff --git a/acl/src/main/java/org/springframework/security/acls/AclPermissionEvaluator.java b/acl/src/main/java/org/springframework/security/acls/AclPermissionEvaluator.java index 40af57e0fe..adfddd1c6a 100644 --- a/acl/src/main/java/org/springframework/security/acls/AclPermissionEvaluator.java +++ b/acl/src/main/java/org/springframework/security/acls/AclPermissionEvaluator.java @@ -34,7 +34,7 @@ public class AclPermissionEvaluator implements PermissionEvaluator { private final Log logger = LogFactory.getLog(getClass()); - private AclService aclService; + private final AclService aclService; private ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy = new ObjectIdentityRetrievalStrategyImpl(); private ObjectIdentityGenerator objectIdentityGenerator = new ObjectIdentityRetrievalStrategyImpl(); private SidRetrievalStrategy sidRetrievalStrategy = new SidRetrievalStrategyImpl(); @@ -117,7 +117,7 @@ public class AclPermissionEvaluator implements PermissionEvaluator { if (permission instanceof String) { String permString = (String)permission; - Permission p = null; + Permission p; try { p = permissionFactory.buildFromName(permString); diff --git a/acl/src/main/java/org/springframework/security/acls/afterinvocation/AbstractAclProvider.java b/acl/src/main/java/org/springframework/security/acls/afterinvocation/AbstractAclProvider.java index 6e0f0caaa8..0e54862cb3 100644 --- a/acl/src/main/java/org/springframework/security/acls/afterinvocation/AbstractAclProvider.java +++ b/acl/src/main/java/org/springframework/security/acls/afterinvocation/AbstractAclProvider.java @@ -43,12 +43,12 @@ import org.springframework.util.Assert; public abstract class AbstractAclProvider implements AfterInvocationProvider { //~ Instance fields ================================================================================================ - protected AclService aclService; + protected final AclService aclService; protected Class processDomainObjectClass = Object.class; protected ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy = new ObjectIdentityRetrievalStrategyImpl(); protected SidRetrievalStrategy sidRetrievalStrategy = new SidRetrievalStrategyImpl(); protected String processConfigAttribute; - protected List requirePermission = Arrays.asList(BasePermission.READ); + protected final List requirePermission; //~ Constructors =================================================================================================== @@ -78,11 +78,9 @@ public abstract class AbstractAclProvider implements AfterInvocationProvider { // Obtain the SIDs applicable to the principal List sids = sidRetrievalStrategy.getSids(authentication); - Acl acl = null; - try { // Lookup only ACLs for SIDs we're interested in - acl = aclService.readAclById(objectIdentity, sids); + Acl acl = aclService.readAclById(objectIdentity, sids); return acl.isGranted(requirePermission, sids, false); } catch (NotFoundException ignore) { diff --git a/acl/src/main/java/org/springframework/security/acls/afterinvocation/ArrayFilterer.java b/acl/src/main/java/org/springframework/security/acls/afterinvocation/ArrayFilterer.java index afcd950c71..3cdd3c124d 100644 --- a/acl/src/main/java/org/springframework/security/acls/afterinvocation/ArrayFilterer.java +++ b/acl/src/main/java/org/springframework/security/acls/afterinvocation/ArrayFilterer.java @@ -95,7 +95,7 @@ class ArrayFilterer implements Filterer { } public T next() { - if (hasNext() == false) { + if (!hasNext()) { throw new NoSuchElementException(); } return list[index++]; diff --git a/acl/src/main/java/org/springframework/security/acls/afterinvocation/CollectionFilterer.java b/acl/src/main/java/org/springframework/security/acls/afterinvocation/CollectionFilterer.java index 475b74d0a1..7a01322a49 100644 --- a/acl/src/main/java/org/springframework/security/acls/afterinvocation/CollectionFilterer.java +++ b/acl/src/main/java/org/springframework/security/acls/afterinvocation/CollectionFilterer.java @@ -37,12 +37,9 @@ class CollectionFilterer implements Filterer { //~ Instance fields ================================================================================================ - private Collection collection; + private final Collection collection; - // collectionIter offers significant performance optimisations (as - // per security-developer mailing list conversation 19/5/05) - private Iterator collectionIter; - private Set removeList; + private final Set removeList; //~ Constructors =================================================================================================== @@ -88,9 +85,7 @@ class CollectionFilterer implements Filterer { * @see org.springframework.security.acls.afterinvocation.Filterer#iterator() */ public Iterator iterator() { - collectionIter = collection.iterator(); - - return collectionIter; + return collection.iterator(); } /** diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java b/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java index a0d1e2632e..8d55f75fac 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java @@ -12,7 +12,7 @@ public abstract class AbstractPermission implements Permission { //~ Instance fields ================================================================================================ - protected char code; + protected final char code; protected int mask; //~ Constructors =================================================================================================== diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java index 0fb3287faa..b19a9f6f2d 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java @@ -33,13 +33,13 @@ import java.io.Serializable; public class AccessControlEntryImpl implements AccessControlEntry, AuditableAccessControlEntry { //~ Instance fields ================================================================================================ - private Acl acl; + private final Acl acl; private Permission permission; - private Serializable id; - private Sid sid; + private final Serializable id; + private final Sid sid; private boolean auditFailure = false; private boolean auditSuccess = false; - private boolean granting; + private final boolean granting; //~ Constructors =================================================================================================== diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java index eb06f315d3..e54dccf872 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java @@ -41,9 +41,9 @@ import org.springframework.util.Assert; public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy { //~ Instance fields ================================================================================================ - private GrantedAuthority gaGeneralChanges; - private GrantedAuthority gaModifyAuditing; - private GrantedAuthority gaTakeOwnership; + private final GrantedAuthority gaGeneralChanges; + private final GrantedAuthority gaModifyAuditing; + private final GrantedAuthority gaTakeOwnership; private SidRetrievalStrategy sidRetrievalStrategy = new SidRetrievalStrategyImpl(); //~ Constructors =================================================================================================== @@ -84,7 +84,7 @@ public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy { } // Not authorized by ACL ownership; try via adminstrative permissions - GrantedAuthority requiredAuthority = null; + GrantedAuthority requiredAuthority; if (changeType == CHANGE_AUDITING) { requiredAuthority = this.gaModifyAuditing; diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java index 61629f463d..947f6014b9 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java @@ -43,7 +43,7 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl { private Acl parentAcl; private transient AclAuthorizationStrategy aclAuthorizationStrategy; private transient PermissionGrantingStrategy permissionGrantingStrategy; - private List aces = new ArrayList(); + private final List aces = new ArrayList(); private ObjectIdentity objectIdentity; private Serializable id; private Sid owner; // OwnershipAcl diff --git a/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionFactory.java b/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionFactory.java index a6379e3bff..a6a77aa906 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionFactory.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionFactory.java @@ -64,18 +64,19 @@ public class DefaultPermissionFactory implements PermissionFactory { Field[] fields = clazz.getFields(); - for (int i = 0; i < fields.length; i++) { + for (Field field : fields) { try { - Object fieldValue = fields[i].get(null); + Object fieldValue = field.get(null); if (Permission.class.isAssignableFrom(fieldValue.getClass())) { // Found a Permission static field Permission perm = (Permission) fieldValue; - String permissionName = fields[i].getName(); + String permissionName = field.getName(); registerPermission(perm, permissionName); } - } catch (Exception ignore) {} + } catch (Exception ignore) { + } } } diff --git a/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionGrantingStrategy.java b/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionGrantingStrategy.java index 7294d2adeb..915dcde32f 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionGrantingStrategy.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionGrantingStrategy.java @@ -12,7 +12,7 @@ import org.springframework.util.Assert; public class DefaultPermissionGrantingStrategy implements PermissionGrantingStrategy { - private transient AuditLogger auditLogger; + private final transient AuditLogger auditLogger; /** * Creates an instance with the logger which will be used to record granting and denial of requested permissions. diff --git a/acl/src/main/java/org/springframework/security/acls/domain/EhCacheBasedAclCache.java b/acl/src/main/java/org/springframework/security/acls/domain/EhCacheBasedAclCache.java index fba2b52930..d4362bdc14 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/EhCacheBasedAclCache.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/EhCacheBasedAclCache.java @@ -40,7 +40,7 @@ import org.springframework.util.Assert; public class EhCacheBasedAclCache implements AclCache { //~ Instance fields ================================================================================================ - private Ehcache cache; + private final Ehcache cache; private PermissionGrantingStrategy permissionGrantingStrategy; private AclAuthorizationStrategy aclAuthorizationStrategy; diff --git a/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java b/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java index 0bb056d182..e31f265c93 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java @@ -30,7 +30,7 @@ import org.springframework.util.Assert; public class GrantedAuthoritySid implements Sid { //~ Instance fields ================================================================================================ - private String grantedAuthority; + private final String grantedAuthority; //~ Constructors =================================================================================================== diff --git a/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java index f805679c31..9026696325 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java @@ -78,7 +78,7 @@ public class ObjectIdentityImpl implements ObjectIdentity { try { Method method = typeClass.getMethod("getId", new Class[] {}); - result = method.invoke(object, new Object[] {}); + result = method.invoke(object); } catch (Exception e) { throw new IdentityUnavailableException("Could not extract identity from object " + object, e); } diff --git a/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java b/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java index db59ac626f..d9253c7302 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java @@ -32,7 +32,7 @@ import org.springframework.util.Assert; public class PrincipalSid implements Sid { //~ Instance fields ================================================================================================ - private String principal; + private final String principal; //~ Constructors =================================================================================================== diff --git a/acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java b/acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java index 1e43244eb6..ab469d10d4 100644 --- a/acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java +++ b/acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java @@ -107,11 +107,11 @@ public final class BasicLookupStrategy implements LookupStrategy { //~ Instance fields ================================================================================================ - private AclAuthorizationStrategy aclAuthorizationStrategy; + private final AclAuthorizationStrategy aclAuthorizationStrategy; private PermissionFactory permissionFactory = new DefaultPermissionFactory(); - private AclCache aclCache; - private PermissionGrantingStrategy grantingStrategy; - private JdbcTemplate jdbcTemplate; + private final AclCache aclCache; + private final PermissionGrantingStrategy grantingStrategy; + private final JdbcTemplate jdbcTemplate; private int batchSize = 50; private final Field fieldAces = FieldUtils.getField(AclImpl.class, "aces"); @@ -476,8 +476,8 @@ public final class BasicLookupStrategy implements LookupStrategy { //~ Inner Classes ================================================================================================== private class ProcessResultSet implements ResultSetExtractor> { - private Map acls; - private List sids; + private final Map acls; + private final List sids; public ProcessResultSet(Map acls, List sids) { Assert.notNull(acls, "ACLs cannot be null"); @@ -603,7 +603,7 @@ public final class BasicLookupStrategy implements LookupStrategy { } private class StubAclParent implements Acl { - private Long id; + private final Long id; public StubAclParent(Long id) { this.id = id; diff --git a/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java b/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java index 30ba34fcf5..b94ca9e5ff 100644 --- a/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java +++ b/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java @@ -56,8 +56,8 @@ public class JdbcAclService implements AclService { //~ Instance fields ================================================================================================ - protected JdbcTemplate jdbcTemplate; - private LookupStrategy lookupStrategy; + protected final JdbcTemplate jdbcTemplate; + private final LookupStrategy lookupStrategy; private String findChildrenSql = DEFAULT_SELECT_ACL_WITH_PARENT_SQL; //~ Constructors =================================================================================================== @@ -109,10 +109,9 @@ public class JdbcAclService implements AclService { Map result = lookupStrategy.readAclsById(objects, sids); // Check every requested object identity was found (throw NotFoundException if needed) - for (int i = 0; i < objects.size(); i++) { - if (!result.containsKey(objects.get(i))) { - throw new NotFoundException("Unable to find ACL information for object identity '" - + objects.get(i) + "'"); + for (ObjectIdentity oid : objects) { + if (!result.containsKey(oid)) { + throw new NotFoundException("Unable to find ACL information for object identity '" + oid + "'"); } } diff --git a/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java b/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java index d7b35aac48..22d86d4cb4 100644 --- a/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java +++ b/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java @@ -61,7 +61,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS //~ Instance fields ================================================================================================ private boolean foreignKeysInDatabase = true; - private AclCache aclCache; + private final AclCache aclCache; private String deleteEntryByObjectIdentityForeignKey = "delete from acl_entry where acl_object_identity=?"; private String deleteObjectIdentityByPrimaryKey = "delete from acl_object_identity where id=?"; private String classIdentityQuery = "call identity()"; @@ -194,7 +194,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS protected Long createOrRetrieveSidPrimaryKey(Sid sid, boolean allowCreate) { Assert.notNull(sid, "Sid required"); - String sidName = null; + String sidName; boolean sidIsPrincipal = true; if (sid instanceof PrincipalSid) { @@ -214,7 +214,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS } if (allowCreate) { - jdbcTemplate.update(insertSid, new Object[] {Boolean.valueOf(sidIsPrincipal), sidName}); + jdbcTemplate.update(insertSid, Boolean.valueOf(sidIsPrincipal), sidName); Assert.isTrue(TransactionSynchronizationManager.isSynchronizationActive(), "Transaction must be running"); return new Long(jdbcTemplate.queryForLong(sidIdentityQuery)); } @@ -229,8 +229,8 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS if (deleteChildren) { List children = findChildren(objectIdentity); if (children != null) { - for (int i = 0; i < children.size(); i++) { - deleteAcl(children.get(i), true); + for (ObjectIdentity child : children) { + deleteAcl(child, true); } } } else { @@ -263,8 +263,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS * @param oidPrimaryKey the rows in acl_entry to delete */ protected void deleteEntries(Long oidPrimaryKey) { - jdbcTemplate.update(deleteEntryByObjectIdentityForeignKey, - new Object[] {oidPrimaryKey}); + jdbcTemplate.update(deleteEntryByObjectIdentityForeignKey, oidPrimaryKey); } /** @@ -277,7 +276,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS */ protected void deleteObjectIdentity(Long oidPrimaryKey) { // Delete the acl_object_identity row - jdbcTemplate.update(deleteObjectIdentityByPrimaryKey, new Object[] {oidPrimaryKey}); + jdbcTemplate.update(deleteObjectIdentityByPrimaryKey, oidPrimaryKey); } /** @@ -291,8 +290,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS */ protected Long retrieveObjectIdentityPrimaryKey(ObjectIdentity oid) { try { - return new Long(jdbcTemplate.queryForLong(selectObjectIdentityPrimaryKey, - new Object[] {oid.getType(), oid.getIdentifier()})); + return new Long(jdbcTemplate.queryForLong(selectObjectIdentityPrimaryKey, oid.getType(), oid.getIdentifier())); } catch (DataAccessException notFound) { return null; } @@ -326,8 +324,8 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS Assert.notNull(objectIdentity, "ObjectIdentity required"); List children = findChildren(objectIdentity); if (children != null) { - for (int i = 0; i < children.size(); i++) { - clearCacheIncludingChildren(children.get(i)); + for (ObjectIdentity child : children) { + clearCacheIncludingChildren(child); } } aclCache.evictFromCache(objectIdentity); @@ -356,7 +354,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS Long ownerSid = createOrRetrieveSidPrimaryKey(acl.getOwner(), true); int count = jdbcTemplate.update(updateObjectIdentity, - new Object[] {parentId, ownerSid, new Boolean(acl.isEntriesInheriting()), acl.getId()}); + parentId, ownerSid, Boolean.valueOf(acl.isEntriesInheriting()), acl.getId()); if (count != 1) { throw new NotFoundException("Unable to locate ACL to update"); diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java index 13bb319c9e..3e3f1ee19f 100644 --- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java +++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java @@ -53,7 +53,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia private AuthenticationUserDetailsService authenticationUserDetailsService; - private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker(); + private final UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker(); protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); private StatelessTicketCache statelessTicketCache = new NullStatelessTicketCache(); private String key; @@ -194,7 +194,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia this.ticketValidator = ticketValidator; } - public boolean supports(final Class authentication) { + public boolean supports(final Class authentication) { return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)) || (CasAuthenticationToken.class.isAssignableFrom(authentication)) || (CasAssertionAuthenticationToken.class.isAssignableFrom(authentication)); diff --git a/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java b/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java index b6adc850f0..aecd7b4e73 100644 --- a/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java +++ b/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java @@ -36,7 +36,7 @@ public final class GrantedAuthorityFromAssertionAttributesUserDetailsService ext private static final String NON_EXISTENT_PASSWORD_VALUE = "NO_PASSWORD"; - private String[] attributes; + private final String[] attributes; private boolean convertToUpperCase = true; diff --git a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java index 271ef7d090..5042cc9f72 100644 --- a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java @@ -128,7 +128,7 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition return null; } - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return false; } } diff --git a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParser.java index f354f6ea50..71704bb0d0 100644 --- a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParser.java @@ -18,7 +18,7 @@ import org.w3c.dom.Element; * @author Luke Taylor */ public class AuthenticationProviderBeanDefinitionParser implements BeanDefinitionParser { - private static String ATT_USER_DETAILS_REF = "user-service-ref"; + private static final String ATT_USER_DETAILS_REF = "user-service-ref"; public BeanDefinition parse(Element element, ParserContext pc) { RootBeanDefinition authProvider = new RootBeanDefinition(DaoAuthenticationProvider.class); diff --git a/config/src/main/java/org/springframework/security/config/authentication/CachingUserDetailsService.java b/config/src/main/java/org/springframework/security/config/authentication/CachingUserDetailsService.java index e72d677875..364f18e8f4 100644 --- a/config/src/main/java/org/springframework/security/config/authentication/CachingUserDetailsService.java +++ b/config/src/main/java/org/springframework/security/config/authentication/CachingUserDetailsService.java @@ -13,7 +13,7 @@ import org.springframework.util.Assert; */ public class CachingUserDetailsService implements UserDetailsService { private UserCache userCache = new NullUserCache(); - private UserDetailsService delegate; + private final UserDetailsService delegate; CachingUserDetailsService(UserDetailsService delegate) { this.delegate = delegate; diff --git a/config/src/main/java/org/springframework/security/config/authentication/PasswordEncoderParser.java b/config/src/main/java/org/springframework/security/config/authentication/PasswordEncoderParser.java index 8af2300363..5f5e0c478f 100644 --- a/config/src/main/java/org/springframework/security/config/authentication/PasswordEncoderParser.java +++ b/config/src/main/java/org/springframework/security/config/authentication/PasswordEncoderParser.java @@ -55,7 +55,7 @@ public class PasswordEncoderParser { ENCODER_CLASSES.put(OPT_HASH_LDAP_SSHA, LdapShaPasswordEncoder.class); } - private static Log logger = LogFactory.getLog(PasswordEncoderParser.class); + private static final Log logger = LogFactory.getLog(PasswordEncoderParser.class); private BeanMetadataElement passwordEncoder; private BeanMetadataElement saltSource; @@ -69,7 +69,7 @@ public class PasswordEncoderParser { boolean useBase64 = false; if (StringUtils.hasText(element.getAttribute(ATT_BASE_64))) { - useBase64 = new Boolean(element.getAttribute(ATT_BASE_64)).booleanValue(); + useBase64 = Boolean.valueOf(element.getAttribute(ATT_BASE_64)).booleanValue(); } String ref = element.getAttribute(ATT_REF); diff --git a/config/src/main/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParser.java index bbd76a73e5..e83b1d8627 100644 --- a/config/src/main/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParser.java @@ -65,8 +65,8 @@ public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceB ManagedList users = new ManagedList(); - for (Iterator i = userElts.iterator(); i.hasNext();) { - Element userElt = (Element) i.next(); + for (Object elt : userElts) { + Element userElt = (Element) elt; String userName = userElt.getAttribute(ATT_NAME); String password = userElt.getAttribute(ATT_PASSWORD); diff --git a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java index 8576ffccff..2b5657aa2b 100644 --- a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java +++ b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java @@ -72,8 +72,8 @@ final class AuthenticationConfigBuilder { private static final String ATT_USER_SERVICE_REF = "user-service-ref"; - private Element httpElt; - private ParserContext pc; + private final Element httpElt; + private final ParserContext pc; private final boolean autoConfig; private final boolean allowSessionCreation; @@ -90,21 +90,18 @@ final class AuthenticationConfigBuilder { private RootBeanDefinition openIDFilter; private BeanDefinition openIDEntryPoint; private BeanReference openIDProviderRef; - private String openIDProviderId; private String formFilterId = null; private String openIDFilterId = null; private BeanDefinition x509Filter; private BeanReference x509ProviderRef; - private String x509ProviderId; private BeanDefinition jeeFilter; private BeanReference jeeProviderRef; private RootBeanDefinition preAuthEntryPoint; - private String jeeProviderId; private BeanDefinition logoutFilter; private BeanDefinition loginPageGenerationFilter; private BeanDefinition etf; - private BeanReference requestCache; + private final BeanReference requestCache; final SecureRandom random; @@ -282,8 +279,7 @@ final class AuthenticationConfigBuilder { openIDProviderBuilder.addPropertyValue("authenticationUserDetailsService", uds); BeanDefinition openIDProvider = openIDProviderBuilder.getBeanDefinition(); - openIDProviderId = pc.getReaderContext().registerWithGeneratedName(openIDProvider); - openIDProviderRef = new RuntimeBeanReference(openIDProviderId); + openIDProviderRef = new RuntimeBeanReference(pc.getReaderContext().registerWithGeneratedName(openIDProvider)); } private void injectRememberMeServicesRef(RootBeanDefinition bean, String rememberMeServicesId) { @@ -363,8 +359,7 @@ final class AuthenticationConfigBuilder { provider.getPropertyValues().addPropertyValue("preAuthenticatedUserDetailsService", uds); - x509ProviderId = pc.getReaderContext().registerWithGeneratedName(provider); - x509ProviderRef = new RuntimeBeanReference(x509ProviderId); + x509ProviderRef = new RuntimeBeanReference(pc.getReaderContext().registerWithGeneratedName(provider)); } private void createPrauthEntryPoint(Element source) { @@ -424,8 +419,7 @@ final class AuthenticationConfigBuilder { provider.getPropertyValues().addPropertyValue("preAuthenticatedUserDetailsService", uds); - jeeProviderId = pc.getReaderContext().registerWithGeneratedName(provider); - jeeProviderRef = new RuntimeBeanReference(jeeProviderId); + jeeProviderRef = new RuntimeBeanReference(pc.getReaderContext().registerWithGeneratedName(provider)); } void createLoginPageFilterIfNeeded() { diff --git a/config/src/main/java/org/springframework/security/config/http/ChannelAttributeFactory.java b/config/src/main/java/org/springframework/security/config/http/ChannelAttributeFactory.java index 41af43acc0..66e811f6b1 100644 --- a/config/src/main/java/org/springframework/security/config/http/ChannelAttributeFactory.java +++ b/config/src/main/java/org/springframework/security/config/http/ChannelAttributeFactory.java @@ -18,8 +18,8 @@ public class ChannelAttributeFactory { private static final String OPT_REQUIRES_HTTPS = "https"; private static final String OPT_ANY_CHANNEL = "any"; - public static final List createChannelAttributes(String requiredChannel) { - String channelConfigAttribute = null; + public static List createChannelAttributes(String requiredChannel) { + String channelConfigAttribute; if (requiredChannel.equals(OPT_REQUIRES_HTTPS)) { channelConfigAttribute = "REQUIRES_SECURE_CHANNEL"; diff --git a/config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java b/config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java index d078d73bd1..a1093692fa 100644 --- a/config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java +++ b/config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java @@ -24,7 +24,7 @@ import org.springframework.security.web.servletapi.SecurityContextHolderAwareReq import org.springframework.security.web.session.SessionManagementFilter; public class DefaultFilterChainValidator implements FilterChainProxy.FilterChainValidator { - private Log logger = LogFactory.getLog(getClass()); + private final Log logger = LogFactory.getLog(getClass()); public void validate(FilterChainProxy fcp) { for(List filters : fcp.getFilterChainMap().values()) { diff --git a/config/src/main/java/org/springframework/security/config/http/FilterChainMapBeanDefinitionDecorator.java b/config/src/main/java/org/springframework/security/config/http/FilterChainMapBeanDefinitionDecorator.java index 1b2deadd88..7d8696509f 100644 --- a/config/src/main/java/org/springframework/security/config/http/FilterChainMapBeanDefinitionDecorator.java +++ b/config/src/main/java/org/springframework/security/config/http/FilterChainMapBeanDefinitionDecorator.java @@ -58,8 +58,8 @@ public class FilterChainMapBeanDefinitionDecorator implements BeanDefinitionDeco String[] filterBeanNames = StringUtils.tokenizeToStringArray(filters, ","); ManagedList filterChain = new ManagedList(filterBeanNames.length); - for (int i=0; i < filterBeanNames.length; i++) { - filterChain.add(new RuntimeBeanReference(filterBeanNames[i])); + for (String name : filterBeanNames) { + filterChain.add(new RuntimeBeanReference(name)); } filterChainMap.put(matcher, filterChain); diff --git a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java index cc6afb8c6c..e11b52b39b 100644 --- a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java +++ b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java @@ -95,7 +95,7 @@ class HttpConfigurationBuilder { private BeanReference sessionStrategyRef; private RootBeanDefinition sfpf; private BeanDefinition servApiFilter; - private String portMapperName; + private final String portMapperName; private BeanReference fsi; private BeanReference requestCache; diff --git a/config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java index f43e8422df..fad301d6b6 100644 --- a/config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java @@ -54,12 +54,6 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { private static final String ATT_REF = "ref"; private static final String ATT_SECURED = "security"; private static final String OPT_SECURITY_NONE = "none"; - private static final String OPT_SECURITY_CONTEXT_ONLY = "contextOnly"; - - static final String EXPRESSION_FIMDS_CLASS = "org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource"; - static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"; - - static final List NO_FILTERS = Collections.emptyList(); public HttpSecurityBeanDefinitionParser() { } @@ -118,13 +112,13 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { return Collections.emptyList(); } - + } final String portMapperName = createPortMapper(element, pc); ManagedList authenticationProviders = new ManagedList(); - BeanReference authenticationManager = createAuthenticationManager(element, pc, authenticationProviders, null); + BeanReference authenticationManager = createAuthenticationManager(element, pc, authenticationProviders); HttpConfigurationBuilder httpBldr = new HttpConfigurationBuilder(element, pc, matcherType, portMapperName, authenticationManager); @@ -172,7 +166,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { * authentication manager. */ private BeanReference createAuthenticationManager(Element element, ParserContext pc, - ManagedList authenticationProviders, BeanReference concurrencyController) { + ManagedList authenticationProviders) { BeanDefinitionBuilder authManager = BeanDefinitionBuilder.rootBeanDefinition(ProviderManager.class); authManager.addPropertyValue("parent", new RootBeanDefinition(AuthenticationManagerFactoryBean.class)); authManager.addPropertyValue("providers", authenticationProviders); @@ -181,9 +175,6 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { clearCredentials.getPropertyValues().addPropertyValue("targetMethod", "isEraseCredentialsAfterAuthentication"); authManager.addPropertyValue("eraseCredentialsAfterAuthentication", clearCredentials); - if (concurrencyController != null) { - authManager.addPropertyValue("sessionController", concurrencyController); - } authManager.getRawBeanDefinition().setSource(pc.extractSource(element)); BeanDefinition authMgrBean = authManager.getBeanDefinition(); String id = pc.getReaderContext().generateBeanName(authMgrBean); @@ -291,8 +282,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { } class OrderDecorator implements Ordered { - BeanMetadataElement bean; - int order; + final BeanMetadataElement bean; + final int order; public OrderDecorator(BeanMetadataElement bean, SecurityFilters filterOrder) { this.bean = bean; diff --git a/config/src/main/java/org/springframework/security/config/http/LogoutBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/http/LogoutBeanDefinitionParser.java index 4697c56992..6e1de830f9 100644 --- a/config/src/main/java/org/springframework/security/config/http/LogoutBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/http/LogoutBeanDefinitionParser.java @@ -26,7 +26,7 @@ class LogoutBeanDefinitionParser implements BeanDefinitionParser { static final String DEF_LOGOUT_URL = "/j_spring_security_logout"; static final String ATT_LOGOUT_HANDLER = "success-handler-ref"; - String rememberMeServices; + final String rememberMeServices; public LogoutBeanDefinitionParser(String rememberMeServices) { this.rememberMeServices = rememberMeServices; diff --git a/config/src/main/java/org/springframework/security/config/http/WebConfigUtils.java b/config/src/main/java/org/springframework/security/config/http/WebConfigUtils.java index 95d8c95bc9..746c5e4ae4 100644 --- a/config/src/main/java/org/springframework/security/config/http/WebConfigUtils.java +++ b/config/src/main/java/org/springframework/security/config/http/WebConfigUtils.java @@ -15,8 +15,8 @@ abstract class WebConfigUtils { public static int countNonEmpty(String[] objects) { int nonNulls = 0; - for (int i = 0; i < objects.length; i++) { - if (StringUtils.hasText(objects[i])) { + for (String object : objects) { + if (StringUtils.hasText(object)) { nonNulls++; } } diff --git a/config/src/main/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParser.java index 3a6b93dab2..f1b5b9e5e0 100644 --- a/config/src/main/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParser.java @@ -20,7 +20,7 @@ import org.w3c.dom.Element; * @since 2.0 */ public class LdapProviderBeanDefinitionParser implements BeanDefinitionParser { - private Log logger = LogFactory.getLog(getClass()); + private final Log logger = LogFactory.getLog(getClass()); private static final String ATT_USER_DN_PATTERN = "user-dn-pattern"; private static final String ATT_USER_PASSWORD = "password-attribute"; @@ -81,7 +81,7 @@ public class LdapProviderBeanDefinitionParser implements BeanDefinitionParser { parserContext.getReaderContext().warning("Salt source information isn't valid when used with LDAP", passwordEncoderElement); } - } else if (StringUtils.hasText(hash)) {; + } else if (StringUtils.hasText(hash)) { authenticatorBuilder.addPropertyValue("passwordEncoder", PasswordEncoderParser.createPasswordEncoderBeanDefinition(hash, false)); } diff --git a/config/src/main/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParser.java index 7af3ef0ed3..84f81e4df5 100644 --- a/config/src/main/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParser.java @@ -315,7 +315,7 @@ public class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionP } if (!afterInvocationProviders.isEmpty()) { - BeanDefinition afterInvocationManager = null; + BeanDefinition afterInvocationManager; afterInvocationManager = new RootBeanDefinition(AfterInvocationProviderManager.class); afterInvocationManager.getPropertyValues().addPropertyValue("providers", afterInvocationProviders); bldr.addPropertyValue("afterInvocationManager", afterInvocationManager); diff --git a/config/src/main/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecorator.java b/config/src/main/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecorator.java index 0be451b67c..42aeba7851 100644 --- a/config/src/main/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecorator.java +++ b/config/src/main/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecorator.java @@ -29,7 +29,7 @@ import org.w3c.dom.Node; * */ public class InterceptMethodsBeanDefinitionDecorator implements BeanDefinitionDecorator { - private BeanDefinitionDecorator delegate = new InternalInterceptMethodsBeanDefinitionDecorator(); + private final BeanDefinitionDecorator delegate = new InternalInterceptMethodsBeanDefinitionDecorator(); public BeanDefinitionHolder decorate(Node node, BeanDefinitionHolder definition, ParserContext parserContext) { MethodConfigUtils.registerDefaultMethodAccessManagerIfNecessary(parserContext); @@ -66,7 +66,6 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto // Lookup parent bean information Element parent = (Element) node.getParentNode(); String parentBeanClass = parent.getAttribute("class"); - parent = null; // Parse the included methods List methods = DomUtils.getChildElementsByTagName(interceptMethodsElt, Elements.PROTECT); diff --git a/config/src/main/java/org/springframework/security/config/method/ProtectPointcutPostProcessor.java b/config/src/main/java/org/springframework/security/config/method/ProtectPointcutPostProcessor.java index f498e44c4f..98507f06e1 100644 --- a/config/src/main/java/org/springframework/security/config/method/ProtectPointcutPostProcessor.java +++ b/config/src/main/java/org/springframework/security/config/method/ProtectPointcutPostProcessor.java @@ -50,10 +50,10 @@ final class ProtectPointcutPostProcessor implements BeanPostProcessor { private static final Log logger = LogFactory.getLog(ProtectPointcutPostProcessor.class); - private Map> pointcutMap = new LinkedHashMap>(); - private MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource; - private Set pointCutExpressions = new LinkedHashSet(); - private PointcutParser parser; + private final Map> pointcutMap = new LinkedHashMap>(); + private final MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource; + private final Set pointCutExpressions = new LinkedHashSet(); + private final PointcutParser parser; public ProtectPointcutPostProcessor(MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource) { Assert.notNull(mapBasedMethodSecurityMetadataSource, "MapBasedMethodSecurityMetadataSource to populate is required"); @@ -88,10 +88,10 @@ final class ProtectPointcutPostProcessor implements BeanPostProcessor { } // Check to see if any of those methods are compatible with our pointcut expressions - for (int i = 0; i < methods.length; i++) { + for (Method method : methods) { for (PointcutExpression expression : pointCutExpressions) { // Try for the bean class directly - if (attemptMatch(bean.getClass(), methods[i], expression, beanName)) { + if (attemptMatch(bean.getClass(), method, expression, beanName)) { // We've found the first expression that matches this method, so move onto the next method now break; // the "while" loop, not the "for" loop } diff --git a/core/src/main/java/org/springframework/security/access/SecurityConfig.java b/core/src/main/java/org/springframework/security/access/SecurityConfig.java index 2254436f5a..489b08553d 100644 --- a/core/src/main/java/org/springframework/security/access/SecurityConfig.java +++ b/core/src/main/java/org/springframework/security/access/SecurityConfig.java @@ -29,7 +29,7 @@ import org.springframework.util.StringUtils; public class SecurityConfig implements ConfigAttribute { //~ Instance fields ================================================================================================ - private String attrib; + private final String attrib; //~ Constructors =================================================================================================== @@ -62,15 +62,15 @@ public class SecurityConfig implements ConfigAttribute { return this.attrib; } - public final static List createListFromCommaDelimitedString(String access) { + public static List createListFromCommaDelimitedString(String access) { return createList(StringUtils.commaDelimitedListToStringArray(access)); } - public final static List createSingleAttributeList(String access) { + public static List createSingleAttributeList(String access) { return createList(access); } - public final static List createList(String... attributeNames) { + public static List createList(String... attributeNames) { Assert.notNull(attributeNames, "You must supply an array of attribute names"); List attributes = new ArrayList(attributeNames.length); diff --git a/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRootPropertyAccessor.java b/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRootPropertyAccessor.java index 0411469f22..c4e5093733 100644 --- a/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRootPropertyAccessor.java +++ b/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRootPropertyAccessor.java @@ -8,7 +8,7 @@ import org.springframework.expression.TypedValue; @SuppressWarnings("unchecked") public final class SecurityExpressionRootPropertyAccessor implements PropertyAccessor { - public Class[] CLASSES = {SecurityExpressionRoot.class}; + public final Class[] CLASSES = {SecurityExpressionRoot.class}; public boolean canRead(EvaluationContext context, Object target, String name) throws AccessException { ApplicationContext ctx = ((SecurityExpressionRoot)target).getApplicationContext(); diff --git a/core/src/main/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandler.java b/core/src/main/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandler.java index 315f9f003b..e701abe200 100644 --- a/core/src/main/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandler.java +++ b/core/src/main/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandler.java @@ -44,7 +44,7 @@ public class DefaultMethodSecurityExpressionHandler implements MethodSecurityExp private PermissionCacheOptimizer permissionCacheOptimizer = null; private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl(); private final SecurityExpressionRootPropertyAccessor sxrpa = new SecurityExpressionRootPropertyAccessor(); - private ExpressionParser expressionParser = new SpelExpressionParser(); + private final ExpressionParser expressionParser = new SpelExpressionParser(); private RoleHierarchy roleHierarchy; private ApplicationContext applicationContext; @@ -127,11 +127,11 @@ public class DefaultMethodSecurityExpressionHandler implements MethodSecurityExp permissionCacheOptimizer.cachePermissionsFor(rootObject.getAuthentication(), Arrays.asList(array)); } - for (int i = 0; i < array.length; i++) { - rootObject.setFilterObject(array[i]); + for (Object o : array) { + rootObject.setFilterObject(o); if (ExpressionUtils.evaluateAsBoolean(filterExpression, ctx)) { - retainList.add(array[i]); + retainList.add(o); } } diff --git a/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java b/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java index 48b2c50dc1..81250c04ff 100644 --- a/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java +++ b/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java @@ -22,7 +22,7 @@ import org.springframework.security.access.prepost.PrePostInvocationAttributeFac * @since 3.0 */ public class ExpressionBasedAnnotationAttributeFactory implements PrePostInvocationAttributeFactory { - private ExpressionParser parser; + private final ExpressionParser parser; public ExpressionBasedAnnotationAttributeFactory(MethodSecurityExpressionHandler handler) { parser = handler.getExpressionParser(); diff --git a/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPostInvocationAdvice.java b/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPostInvocationAdvice.java index ec73a04798..890e1ed278 100644 --- a/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPostInvocationAdvice.java +++ b/core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPostInvocationAdvice.java @@ -19,7 +19,7 @@ import org.springframework.security.core.Authentication; public class ExpressionBasedPostInvocationAdvice implements PostInvocationAuthorizationAdvice{ protected final Log logger = LogFactory.getLog(getClass()); - private MethodSecurityExpressionHandler expressionHandler; + private final MethodSecurityExpressionHandler expressionHandler; public ExpressionBasedPostInvocationAdvice(MethodSecurityExpressionHandler expressionHandler) { this.expressionHandler = expressionHandler; diff --git a/core/src/main/java/org/springframework/security/access/expression/method/MethodSecurityEvaluationContext.java b/core/src/main/java/org/springframework/security/access/expression/method/MethodSecurityEvaluationContext.java index a75256df62..72c0321af6 100644 --- a/core/src/main/java/org/springframework/security/access/expression/method/MethodSecurityEvaluationContext.java +++ b/core/src/main/java/org/springframework/security/access/expression/method/MethodSecurityEvaluationContext.java @@ -23,7 +23,7 @@ import org.springframework.security.core.Authentication; * @since 3.0 */ class MethodSecurityEvaluationContext extends StandardEvaluationContext { - private static Log logger = LogFactory.getLog(MethodSecurityEvaluationContext.class); + private static final Log logger = LogFactory.getLog(MethodSecurityEvaluationContext.class); private ParameterNameDiscoverer parameterNameDiscoverer; private final MethodInvocation mi; @@ -93,7 +93,7 @@ class MethodSecurityEvaluationContext extends StandardEvaluationContext { Class targetClass = AopProxyUtils.ultimateTargetClass(targetObject); if (targetClass == null) { - // TODO: Spring should do this, but there's a bug in ultimateTargetClass() which returns null + // TODO: Spring should do this, but there's a bug in ultimateTargetClass() which returns null targetClass = targetObject.getClass(); } diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java index 581c6b01c3..00105219fa 100755 --- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java +++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java @@ -135,9 +135,7 @@ public class RoleHierarchyImpl implements RoleHierarchy { private void addReachableRoles(Set reachableRoles, GrantedAuthority authority) { - Iterator iterator = reachableRoles.iterator(); - while (iterator.hasNext()) { - GrantedAuthority testAuthority = iterator.next(); + for (GrantedAuthority testAuthority : reachableRoles) { String testKey = testAuthority.getAuthority(); if ((testKey != null) && (testKey.equals(authority.getAuthority()))) { return; @@ -154,9 +152,7 @@ public class RoleHierarchyImpl implements RoleHierarchy { return null; } - Iterator iterator = rolesReachableInOneOrMoreStepsMap.keySet().iterator(); - while (iterator.hasNext()) { - GrantedAuthority testAuthority = iterator.next(); + for (GrantedAuthority testAuthority : rolesReachableInOneOrMoreStepsMap.keySet()) { String testKey = testAuthority.getAuthority(); if ((testKey != null) && (testKey.equals(authority.getAuthority()))) { return rolesReachableInOneOrMoreStepsMap.get(testAuthority); @@ -171,7 +167,7 @@ public class RoleHierarchyImpl implements RoleHierarchy { * references a set of the reachable lower roles. */ private void buildRolesReachableInOneStepMap() { - Pattern pattern = Pattern.compile("(\\s*([^\\s>]+)\\s*\\>\\s*([^\\s>]+))"); + Pattern pattern = Pattern.compile("(\\s*([^\\s>]+)\\s*>\\s*([^\\s>]+))"); Matcher roleHierarchyMatcher = pattern.matcher(roleHierarchyStringRepresentation); rolesReachableInOneStepMap = new HashMap>(); @@ -179,7 +175,7 @@ public class RoleHierarchyImpl implements RoleHierarchy { while (roleHierarchyMatcher.find()) { GrantedAuthority higherRole = new GrantedAuthorityImpl(roleHierarchyMatcher.group(2)); GrantedAuthority lowerRole = new GrantedAuthorityImpl(roleHierarchyMatcher.group(3)); - Set rolesReachableInOneStepSet = null; + Set rolesReachableInOneStepSet; if (!rolesReachableInOneStepMap.containsKey(higherRole)) { rolesReachableInOneStepSet = new HashSet(); diff --git a/core/src/main/java/org/springframework/security/access/intercept/InterceptorStatusToken.java b/core/src/main/java/org/springframework/security/access/intercept/InterceptorStatusToken.java index eef02d87f1..de6042601c 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/InterceptorStatusToken.java +++ b/core/src/main/java/org/springframework/security/access/intercept/InterceptorStatusToken.java @@ -33,10 +33,10 @@ import org.springframework.security.core.Authentication; public class InterceptorStatusToken { //~ Instance fields ================================================================================================ - private Authentication authentication; - private Collection attr; - private Object secureObject; - private boolean contextHolderRefreshRequired; + private final Authentication authentication; + private final Collection attr; + private final Object secureObject; + private final boolean contextHolderRefreshRequired; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProvider.java b/core/src/main/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProvider.java index 9bd539665c..df4bfda511 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProvider.java @@ -74,11 +74,7 @@ public class RunAsImplAuthenticationProvider implements InitializingBean, Authen this.messages = new MessageSourceAccessor(messageSource); } - public boolean supports(Class authentication) { - if (RunAsUserToken.class.isAssignableFrom(authentication)) { - return true; - } else { - return false; - } + public boolean supports(Class authentication) { + return RunAsUserToken.class.isAssignableFrom(authentication); } } diff --git a/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptor.java b/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptor.java index e6eeb20b80..bc5d897d4b 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptor.java @@ -42,7 +42,7 @@ public class MethodSecurityInterceptor extends AbstractSecurityInterceptor imple //~ Methods ======================================================================================================== - public Class getSecureObjectClass() { + public Class getSecureObjectClass() { return MethodInvocation.class; } diff --git a/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityMetadataSourceAdvisor.java b/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityMetadataSourceAdvisor.java index 488de126ed..9ce083ae34 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityMetadataSourceAdvisor.java +++ b/core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityMetadataSourceAdvisor.java @@ -54,8 +54,8 @@ public class MethodSecurityMetadataSourceAdvisor extends AbstractPointcutAdvisor private transient MethodSecurityInterceptor interceptor; private final Pointcut pointcut = new MethodSecurityMetadataSourcePointcut(); private BeanFactory beanFactory; - private String adviceBeanName; - private String metadataSourceBeanName; + private final String adviceBeanName; + private final String metadataSourceBeanName; private transient volatile Object adviceMonitor = new Object(); //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJAnnotationSecurityInterceptor.java b/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJAnnotationSecurityInterceptor.java index 20018f6dce..ee29425010 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJAnnotationSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJAnnotationSecurityInterceptor.java @@ -25,7 +25,7 @@ public class AspectJAnnotationSecurityInterceptor extends AbstractSecurityInterc return this.securityMetadataSource; } - public Class getSecureObjectClass() { + public Class getSecureObjectClass() { return JoinPoint.class; } diff --git a/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJSecurityInterceptor.java b/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJSecurityInterceptor.java index 3e23102f2f..76837f8d1d 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJSecurityInterceptor.java @@ -47,7 +47,7 @@ public class AspectJSecurityInterceptor extends AbstractSecurityInterceptor { //~ Methods ======================================================================================================== - public Class getSecureObjectClass() { + public Class getSecureObjectClass() { return JoinPoint.class; } diff --git a/core/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java b/core/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java index ea980a76ca..ea600574f5 100644 --- a/core/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java +++ b/core/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java @@ -48,10 +48,10 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod private ClassLoader beanClassLoader = ClassUtils.getDefaultClassLoader(); /** Map from RegisteredMethod to ConfigAttribute list */ - protected Map> methodMap = new HashMap>(); + protected final Map> methodMap = new HashMap>(); /** Map from RegisteredMethod to name pattern used for registration */ - private Map nameMap = new HashMap(); + private final Map nameMap = new HashMap(); //~ Methods ======================================================================================================== @@ -139,9 +139,9 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod Method[] methods = javaType.getMethods(); List matchingMethods = new ArrayList(); - for (int i = 0; i < methods.length; i++) { - if (methods[i].getName().equals(mappedName) || isMatch(methods[i].getName(), mappedName)) { - matchingMethods.add(methods[i]); + for (Method m : methods) { + if (m.getName().equals(mappedName) || isMatch(m.getName(), mappedName)) { + matchingMethods.add(m); } } @@ -252,8 +252,8 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod * Class will be the Class we're invoking against and the Method will provide details of the declared class. */ private class RegisteredMethod { - private Method method; - private Class registeredJavaType; + private final Method method; + private final Class registeredJavaType; public RegisteredMethod(Method method, Class registeredJavaType) { Assert.notNull(method, "Method required"); diff --git a/core/src/main/java/org/springframework/security/access/prepost/PostInvocationAdviceProvider.java b/core/src/main/java/org/springframework/security/access/prepost/PostInvocationAdviceProvider.java index 88016b28bd..55a6d88e0c 100644 --- a/core/src/main/java/org/springframework/security/access/prepost/PostInvocationAdviceProvider.java +++ b/core/src/main/java/org/springframework/security/access/prepost/PostInvocationAdviceProvider.java @@ -20,7 +20,7 @@ import org.springframework.security.core.Authentication; public class PostInvocationAdviceProvider implements AfterInvocationProvider { protected final Log logger = LogFactory.getLog(getClass()); - private PostInvocationAuthorizationAdvice postAdvice; + private final PostInvocationAuthorizationAdvice postAdvice; public PostInvocationAdviceProvider(PostInvocationAuthorizationAdvice postAdvice) { this.postAdvice = postAdvice; diff --git a/core/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdviceVoter.java b/core/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdviceVoter.java index 4904e9e46c..b4e5b071b1 100644 --- a/core/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdviceVoter.java +++ b/core/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdviceVoter.java @@ -24,7 +24,7 @@ import org.springframework.security.core.Authentication; public class PreInvocationAuthorizationAdviceVoter implements AccessDecisionVoter { protected final Log logger = LogFactory.getLog(getClass()); - private PreInvocationAuthorizationAdvice preAdvice; + private final PreInvocationAuthorizationAdvice preAdvice; public PreInvocationAuthorizationAdviceVoter(PreInvocationAuthorizationAdvice pre) { this.preAdvice = pre; diff --git a/core/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java b/core/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java index 372b753d41..96d54b73bf 100644 --- a/core/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java +++ b/core/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java @@ -95,11 +95,7 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan } public boolean supports(ConfigAttribute attribute) { - Iterator iter = this.decisionVoters.iterator(); - - while (iter.hasNext()) { - AccessDecisionVoter voter = iter.next(); - + for (AccessDecisionVoter voter : this.decisionVoters) { if (voter.supports(attribute)) { return true; } @@ -118,11 +114,7 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan * @return true if this type is supported */ public boolean supports(Class clazz) { - Iterator iter = this.decisionVoters.iterator(); - - while (iter.hasNext()) { - AccessDecisionVoter voter = iter.next(); - + for (AccessDecisionVoter voter : this.decisionVoters) { if (!voter.supports(clazz)) { return false; } diff --git a/core/src/main/java/org/springframework/security/access/vote/AbstractAclVoter.java b/core/src/main/java/org/springframework/security/access/vote/AbstractAclVoter.java index 16cd0fcacc..f7e734a170 100644 --- a/core/src/main/java/org/springframework/security/access/vote/AbstractAclVoter.java +++ b/core/src/main/java/org/springframework/security/access/vote/AbstractAclVoter.java @@ -80,12 +80,6 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter { * @return true if the secure object is MethodInvocation, false otherwise */ public boolean supports(Class clazz) { - if (MethodInvocation.class.isAssignableFrom(clazz)) { - return true; - } else if (JoinPoint.class.isAssignableFrom(clazz)) { - return true; - } else { - return false; - } + return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz)); } } diff --git a/core/src/main/java/org/springframework/security/authentication/AccountStatusUserDetailsChecker.java b/core/src/main/java/org/springframework/security/authentication/AccountStatusUserDetailsChecker.java index 6801edcc7b..380a86647b 100644 --- a/core/src/main/java/org/springframework/security/authentication/AccountStatusUserDetailsChecker.java +++ b/core/src/main/java/org/springframework/security/authentication/AccountStatusUserDetailsChecker.java @@ -10,7 +10,7 @@ import org.springframework.context.support.MessageSourceAccessor; */ public class AccountStatusUserDetailsChecker implements UserDetailsChecker { - protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); + protected final MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); public void check(UserDetails user) { if (!user.isAccountNonLocked()) { diff --git a/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationProvider.java index f385bb2aa5..b260602286 100644 --- a/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationProvider.java @@ -73,7 +73,7 @@ public class AnonymousAuthenticationProvider implements AuthenticationProvider, this.messages = new MessageSourceAccessor(messageSource); } - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return (AnonymousAuthenticationToken.class.isAssignableFrom(authentication)); } } diff --git a/core/src/main/java/org/springframework/security/authentication/AuthenticationDetails.java b/core/src/main/java/org/springframework/security/authentication/AuthenticationDetails.java index a910f8b15e..f1fc7f4791 100755 --- a/core/src/main/java/org/springframework/security/authentication/AuthenticationDetails.java +++ b/core/src/main/java/org/springframework/security/authentication/AuthenticationDetails.java @@ -11,7 +11,7 @@ import java.io.Serializable; public class AuthenticationDetails implements Serializable { //~ Instance fields ================================================================================================ - private String context; + private final String context; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/authentication/AuthenticationDetailsSourceImpl.java b/core/src/main/java/org/springframework/security/authentication/AuthenticationDetailsSourceImpl.java index f444b10dca..6e44590d82 100755 --- a/core/src/main/java/org/springframework/security/authentication/AuthenticationDetailsSourceImpl.java +++ b/core/src/main/java/org/springframework/security/authentication/AuthenticationDetailsSourceImpl.java @@ -50,10 +50,10 @@ public class AuthenticationDetailsSourceImpl implements AuthenticationDetailsSou private Constructor getFirstMatchingConstructor(Object object) throws NoSuchMethodException { Constructor[] constructors = clazz.getDeclaredConstructors(); Constructor constructor = null; - for (int i = 0; i < constructors.length; i++) { - Class[] parameterTypes = constructors[i].getParameterTypes(); + for (Constructor tryMe : constructors) { + Class[] parameterTypes = tryMe.getParameterTypes(); if (parameterTypes.length == 1 && (object == null || parameterTypes[0].isInstance(object))) { - constructor = constructors[i]; + constructor = tryMe; break; } } diff --git a/core/src/main/java/org/springframework/security/authentication/AuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/AuthenticationProvider.java index 2186903af9..07759eac30 100644 --- a/core/src/main/java/org/springframework/security/authentication/AuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/AuthenticationProvider.java @@ -62,5 +62,5 @@ public interface AuthenticationProvider { * @return true if the implementation can more closely evaluate the Authentication class * presented */ - boolean supports(Class authentication); + boolean supports(Class authentication); } diff --git a/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java b/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java index 1e794edd5a..8fea87604f 100644 --- a/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java +++ b/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java @@ -23,9 +23,8 @@ import org.springframework.security.core.AuthenticationException; *

* {@link org.springframework.security.access.AccessDecisionVoter}s will typically throw this exception if * they are dissatisfied with the level of the authentication, such as if performed using a remember-me mechanism or - * anonymously. The commonly used {@link org.springframework.security.web.access.ExceptionTranslationFilter - * ExceptionTranslationFilter} will thus cause the AuthenticationEntryPoint to be called, allowing - * the principal to authenticate with a stronger level of authentication. + * anonymously. The {@code ExceptionTranslationFilter} will then typically cause the {@code AuthenticationEntryPoint} + * to be called, allowing the principal to authenticate with a stronger level of authentication. * * @author Ben Alex */ diff --git a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationProvider.java index e4cf311534..1f5f430bf6 100644 --- a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationProvider.java @@ -69,7 +69,7 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider, this.messages = new MessageSourceAccessor(messageSource); } - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return (RememberMeAuthenticationToken.class.isAssignableFrom(authentication)); } } diff --git a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationProvider.java index 3db3400e57..f19f8d805c 100644 --- a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationProvider.java @@ -36,7 +36,7 @@ public class TestingAuthenticationProvider implements AuthenticationProvider { return authentication; } - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return TestingAuthenticationToken.class.isAssignableFrom(authentication); } } diff --git a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java index ba50e6d0ba..2aa3b84683 100644 --- a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java +++ b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java @@ -33,8 +33,8 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken { //~ Instance fields ================================================================================================ private static final long serialVersionUID = 1L; - private Object credentials; - private Object principal; + private final Object credentials; + private final Object principal; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java index 966d1781cc..a2410df3e2 100644 --- a/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java @@ -262,7 +262,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider implements Authe this.userCache = userCache; } - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)); } diff --git a/core/src/main/java/org/springframework/security/authentication/dao/ReflectionSaltSource.java b/core/src/main/java/org/springframework/security/authentication/dao/ReflectionSaltSource.java index 679dc71023..c27169e5fd 100644 --- a/core/src/main/java/org/springframework/security/authentication/dao/ReflectionSaltSource.java +++ b/core/src/main/java/org/springframework/security/authentication/dao/ReflectionSaltSource.java @@ -66,7 +66,7 @@ public class ReflectionSaltSource implements SaltSource, InitializingBean { Method saltMethod = findSaltMethod(user); try { - return saltMethod.invoke(user, new Object[] {}); + return saltMethod.invoke(user); } catch (Exception exception) { throw new AuthenticationServiceException(exception.getMessage(), exception); } diff --git a/core/src/main/java/org/springframework/security/authentication/encoding/Md4.java b/core/src/main/java/org/springframework/security/authentication/encoding/Md4.java index bab8c0c751..6690390ea7 100644 --- a/core/src/main/java/org/springframework/security/authentication/encoding/Md4.java +++ b/core/src/main/java/org/springframework/security/authentication/encoding/Md4.java @@ -25,8 +25,8 @@ class Md4 { private final byte[] buffer = new byte[BLOCK_SIZE]; private int bufferOffset; private long byteCount; - private int[] state = new int[4]; - private int[] tmp = new int[16]; + private final int[] state = new int[4]; + private final int[] tmp = new int[16]; Md4() { reset(); diff --git a/core/src/main/java/org/springframework/security/authentication/event/AbstractAuthenticationFailureEvent.java b/core/src/main/java/org/springframework/security/authentication/event/AbstractAuthenticationFailureEvent.java index 3b5025c7ff..0a3f652426 100644 --- a/core/src/main/java/org/springframework/security/authentication/event/AbstractAuthenticationFailureEvent.java +++ b/core/src/main/java/org/springframework/security/authentication/event/AbstractAuthenticationFailureEvent.java @@ -29,7 +29,7 @@ import org.springframework.util.Assert; public abstract class AbstractAuthenticationFailureEvent extends AbstractAuthenticationEvent { //~ Instance fields ================================================================================================ - private AuthenticationException exception; + private final AuthenticationException exception; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/authentication/event/InteractiveAuthenticationSuccessEvent.java b/core/src/main/java/org/springframework/security/authentication/event/InteractiveAuthenticationSuccessEvent.java index db7f76bf59..8b76a711b3 100644 --- a/core/src/main/java/org/springframework/security/authentication/event/InteractiveAuthenticationSuccessEvent.java +++ b/core/src/main/java/org/springframework/security/authentication/event/InteractiveAuthenticationSuccessEvent.java @@ -29,7 +29,7 @@ import org.springframework.util.Assert; public class InteractiveAuthenticationSuccessEvent extends AbstractAuthenticationEvent { //~ Instance fields ================================================================================================ - private Class generatedBy; + private final Class generatedBy; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java index aac91b6ecc..1323d6dbd0 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java @@ -191,8 +191,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli Set principals = loginContext.getSubject().getPrincipals(); for (Principal principal : principals) { - for (int i = 0; i < authorityGranters.length; i++) { - AuthorityGranter granter = authorityGranters[i]; + for (AuthorityGranter granter : authorityGranters) { Set roles = granter.grant(principal); // If the granter doesn't wish to grant any authorities, it should return null. @@ -249,7 +248,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli int n = 1; final String prefix = "login.config.url."; - String existing = null; + String existing; while ((existing = Security.getProperty(prefix + n)) != null) { alreadySet = existing.equals(loginConfigUrl); @@ -270,7 +269,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli private String convertLoginConfigToUrl() throws IOException { String loginConfigPath = loginConfig.getFile().getAbsolutePath(); - loginConfigPath.replace(File.separatorChar, '/'); + loginConfigPath = loginConfigPath.replace(File.separatorChar, '/'); if (!loginConfigPath.startsWith("/")) { loginConfigPath = "/" + loginConfigPath; @@ -436,7 +435,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli this.refreshConfigurationOnStartup = refresh; } - public boolean supports(Class aClass) { + public boolean supports(Class aClass) { return UsernamePasswordAuthenticationToken.class.isAssignableFrom(aClass); } @@ -454,19 +453,15 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli * Wrapper class for JAASAuthenticationCallbackHandlers */ private class InternalCallbackHandler implements CallbackHandler { - private Authentication authentication; + private final Authentication authentication; public InternalCallbackHandler(Authentication authentication) { this.authentication = authentication; } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbackHandlers.length; i++) { - JaasAuthenticationCallbackHandler handler = callbackHandlers[i]; - - for (int j = 0; j < callbacks.length; j++) { - Callback callback = callbacks[j]; - + for (JaasAuthenticationCallbackHandler handler : callbackHandlers) { + for (Callback callback : callbacks) { handler.handle(callback, authentication); } } diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java index b835250f0f..68f1c488f0 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java @@ -32,7 +32,7 @@ public class JaasGrantedAuthority extends GrantedAuthorityImpl { //~ Instance fields ================================================================================================ private static final long serialVersionUID = 1L; - private Principal principal; + private final Principal principal; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasNameCallbackHandler.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasNameCallbackHandler.java index b57ce7cf00..9dda17b5fe 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasNameCallbackHandler.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasNameCallbackHandler.java @@ -54,7 +54,7 @@ public class JaasNameCallbackHandler implements JaasAuthenticationCallbackHandle throws IOException, UnsupportedCallbackException { if (callback instanceof NameCallback) { NameCallback ncb = (NameCallback) callback; - String username = ""; + String username; Object principal = authentication.getPrincipal(); diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/event/JaasAuthenticationFailedEvent.java b/core/src/main/java/org/springframework/security/authentication/jaas/event/JaasAuthenticationFailedEvent.java index 4e35b6b094..c7dcb7e593 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/event/JaasAuthenticationFailedEvent.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/event/JaasAuthenticationFailedEvent.java @@ -26,7 +26,7 @@ import org.springframework.security.core.Authentication; public class JaasAuthenticationFailedEvent extends JaasAuthenticationEvent { //~ Instance fields ================================================================================================ - private Exception exception; + private final Exception exception; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java index 90b00bc89c..e9ea7be65f 100644 --- a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java +++ b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java @@ -49,9 +49,7 @@ public class RemoteAuthenticationManagerImpl implements RemoteAuthenticationMana UsernamePasswordAuthenticationToken request = new UsernamePasswordAuthenticationToken(username, password); try { - Collection authorities = authenticationManager.authenticate(request).getAuthorities(); - - return authorities; + return authenticationManager.authenticate(request).getAuthorities(); } catch (AuthenticationException authEx) { throw new RemoteAuthenticationException(authEx.getMessage()); } diff --git a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java index a3fd2c080a..162c9353dc 100644 --- a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java @@ -71,7 +71,7 @@ public class RemoteAuthenticationProvider implements AuthenticationProvider, Ini this.remoteAuthenticationManager = remoteAuthenticationManager; } - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)); } } diff --git a/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java b/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java index 50de8f772f..d8790c257e 100644 --- a/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java +++ b/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java @@ -48,8 +48,8 @@ public abstract class AuthorityUtils { public static List createAuthorityList(String... roles) { List authorities = new ArrayList(roles.length); - for (int i=0; i < roles.length; i++) { - authorities.add(new GrantedAuthorityImpl(roles[i])); + for (String role : roles) { + authorities.add(new GrantedAuthorityImpl(role)); } return authorities; diff --git a/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java b/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java index aa20c7eccd..dc24af598f 100644 --- a/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java +++ b/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java @@ -37,7 +37,7 @@ public class GrantedAuthorityImpl implements GrantedAuthority, Serializable { //~ Instance fields ================================================================================================ private static final long serialVersionUID = 1L; - private String role; + private final String role; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java b/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java index ff3d2f5166..fa68a8055f 100755 --- a/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java +++ b/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java @@ -127,8 +127,8 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G } private void addGrantedAuthorityCollection(Collection result, Object[] value) { - for ( int i = 0 ; i < value.length ; i++ ) { - addGrantedAuthorityCollection(result,value[i]); + for (Object aValue : value) { + addGrantedAuthorityCollection(result, aValue); } } diff --git a/core/src/main/java/org/springframework/security/core/codec/Base64.java b/core/src/main/java/org/springframework/security/core/codec/Base64.java index b4f11fa176..74149e9bbb 100644 --- a/core/src/main/java/org/springframework/security/core/codec/Base64.java +++ b/core/src/main/java/org/springframework/security/core/codec/Base64.java @@ -266,7 +266,7 @@ public final class Base64 { * in which case one of them will be picked, though there is * no guarantee as to which one will be picked. */ - private final static byte[] getAlphabet( int options ) { + private static byte[] getAlphabet( int options ) { if ((options & URL_SAFE) == URL_SAFE) { return _URL_SAFE_ALPHABET; } else if ((options & ORDERED) == ORDERED) { @@ -283,7 +283,7 @@ public final class Base64 { * in which case one of them will be picked, though there is * no guarantee as to which one will be picked. */ - private final static byte[] getDecodabet( int options ) { + private static byte[] getDecodabet( int options ) { if( (options & URL_SAFE) == URL_SAFE) { return _URL_SAFE_DECODABET; } else if ((options & ORDERED) == ORDERED) { @@ -600,11 +600,10 @@ public final class Base64 { byte[] b4 = new byte[4]; // Four byte buffer from source, eliminating white space int b4Posn = 0; // Keep track of four byte input buffer - int i = 0; // Source array counter - byte sbiCrop = 0; // Low seven bits (ASCII) of input - byte sbiDecode = 0; // Special value from DECODABET + byte sbiCrop; // Low seven bits (ASCII) of input + byte sbiDecode; // Special value from DECODABET - for( i = off; i < off+len; i++ ) { // Loop through source + for(int i = off; i < off+len; i++ ) { // Loop through source sbiCrop = (byte)(source[i] & 0x7f); // Only the low seven bits sbiDecode = DECODABET[ sbiCrop ]; // Special value diff --git a/core/src/main/java/org/springframework/security/core/context/InheritableThreadLocalSecurityContextHolderStrategy.java b/core/src/main/java/org/springframework/security/core/context/InheritableThreadLocalSecurityContextHolderStrategy.java index 888805c696..702f8208ae 100644 --- a/core/src/main/java/org/springframework/security/core/context/InheritableThreadLocalSecurityContextHolderStrategy.java +++ b/core/src/main/java/org/springframework/security/core/context/InheritableThreadLocalSecurityContextHolderStrategy.java @@ -25,7 +25,6 @@ import org.springframework.util.Assert; * @author Ben Alex * * @see java.lang.ThreadLocal - * @see org.springframework.security.core.context.web.SecurityContextPersistenceFilter */ final class InheritableThreadLocalSecurityContextHolderStrategy implements SecurityContextHolderStrategy { //~ Static fields/initializers ===================================================================================== diff --git a/core/src/main/java/org/springframework/security/core/session/SessionInformation.java b/core/src/main/java/org/springframework/security/core/session/SessionInformation.java index 9cc142c401..8313e5d254 100644 --- a/core/src/main/java/org/springframework/security/core/session/SessionInformation.java +++ b/core/src/main/java/org/springframework/security/core/session/SessionInformation.java @@ -38,8 +38,8 @@ public class SessionInformation implements Serializable { //~ Instance fields ================================================================================================ private Date lastRequest; - private Object principal; - private String sessionId; + private final Object principal; + private final String sessionId; private boolean expired = false; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/core/token/DefaultToken.java b/core/src/main/java/org/springframework/security/core/token/DefaultToken.java index 6bdd655096..6e3e444ad7 100644 --- a/core/src/main/java/org/springframework/security/core/token/DefaultToken.java +++ b/core/src/main/java/org/springframework/security/core/token/DefaultToken.java @@ -11,9 +11,9 @@ import org.springframework.util.Assert; * @since 2.0.1 */ public class DefaultToken implements Token { - private String key; - private long keyCreationTime; - private String extendedInformation; + private final String key; + private final long keyCreationTime; + private final String extendedInformation; public DefaultToken(String key, long keyCreationTime, String extendedInformation) { Assert.hasText(key, "Key required"); @@ -52,7 +52,7 @@ public class DefaultToken implements Token { } public String toString() { - return "DefaultToken[key=" + new String(key) + "; creation=" + new Date(keyCreationTime) + "; extended=" + extendedInformation + "]"; + return "DefaultToken[key=" + key + "; creation=" + new Date(keyCreationTime) + "; extended=" + extendedInformation + "]"; } diff --git a/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java b/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java index 7fe62add2b..4d22539e02 100644 --- a/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java +++ b/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java @@ -63,7 +63,7 @@ public class KeyBasedPersistenceTokenService implements TokenService, Initializi long creationTime = new Date().getTime(); String serverSecret = computeServerSecretApplicableAt(creationTime); String pseudoRandomNumber = generatePseudoRandomNumber(); - String content = new Long(creationTime).toString() + ":" + pseudoRandomNumber + ":" + extendedInformation; + String content = Long.toString(creationTime) + ":" + pseudoRandomNumber + ":" + extendedInformation; // Compute key String sha512Hex = Sha512DigestUtils.shaHex(content + ":" + serverSecret); @@ -102,7 +102,7 @@ public class KeyBasedPersistenceTokenService implements TokenService, Initializi String sha1Hex = tokens[tokens.length-1]; // Verification - String content = new Long(creationTime).toString() + ":" + pseudoRandomNumber + ":" + extendedInfo.toString(); + String content = Long.toString(creationTime) + ":" + pseudoRandomNumber + ":" + extendedInfo.toString(); String expectedSha512Hex = Sha512DigestUtils.shaHex(content + ":" + serverSecret); Assert.isTrue(expectedSha512Hex.equals(sha1Hex), "Key verification failure"); diff --git a/core/src/main/java/org/springframework/security/core/token/Sha512DigestUtils.java b/core/src/main/java/org/springframework/security/core/token/Sha512DigestUtils.java index dfd8447041..05925f328d 100644 --- a/core/src/main/java/org/springframework/security/core/token/Sha512DigestUtils.java +++ b/core/src/main/java/org/springframework/security/core/token/Sha512DigestUtils.java @@ -17,29 +17,19 @@ import org.springframework.security.core.codec.Hex; * */ public abstract class Sha512DigestUtils { - /** - * Returns a MessageDigest for the given algorithm. - * - * @param algorithm The MessageDigest algorithm name. - * @return An MD5 digest instance. - * @throws RuntimeException when a {@link java.security.NoSuchAlgorithmException} is caught, - */ - static MessageDigest getDigest(String algorithm) { - try { - return MessageDigest.getInstance(algorithm); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException(e.getMessage()); - } - } /** * Returns an SHA digest. * * @return An SHA digest instance. - * @throws RuntimeException when a {@link java.security.NoSuchAlgorithmException} is caught, + * @throws RuntimeException when a {@link java.security.NoSuchAlgorithmException} is caught. */ private static MessageDigest getSha512Digest() { - return getDigest("SHA-512"); + try { + return MessageDigest.getInstance("SHA-512"); + } catch (NoSuchAlgorithmException e) { + throw new RuntimeException(e.getMessage()); + } } /** diff --git a/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java b/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java index 86e99c0d59..9a3e413c9b 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java @@ -110,7 +110,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService { //~ Instance fields ================================================================================================ - protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); + protected final MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); private String authoritiesByUsernameQuery; private String groupAuthoritiesByUsernameQuery; @@ -205,9 +205,8 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService { return getJdbcTemplate().query(authoritiesByUsernameQuery, new String[] {username}, new RowMapper() { public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException { String roleName = rolePrefix + rs.getString(2); - GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName); - return authority; + return new GrantedAuthorityImpl(roleName); } }); } @@ -221,9 +220,8 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService { return getJdbcTemplate().query(groupAuthoritiesByUsernameQuery, new String[] {username}, new RowMapper() { public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException { String roleName = getRolePrefix() + rs.getString(3); - GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName); - return authority; + return new GrantedAuthorityImpl(roleName); } }); } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/memory/UserMapEditor.java b/core/src/main/java/org/springframework/security/core/userdetails/memory/UserMapEditor.java index 3ad894e881..25c42b31e0 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/memory/UserMapEditor.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/memory/UserMapEditor.java @@ -49,8 +49,8 @@ public class UserMapEditor extends PropertyEditorSupport { // Now we have properties, process each one individually UserAttributeEditor configAttribEd = new UserAttributeEditor(); - for (Iterator iter = props.keySet().iterator(); iter.hasNext();) { - String username = (String) iter.next(); + for (Object o : props.keySet()) { + String username = (String) o; String value = props.getProperty(username); // Convert value to a password, enabled setting, and list of granted authorities diff --git a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java index 65fa2eb72e..d965c0b7f6 100644 --- a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java +++ b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java @@ -180,12 +180,12 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa if (getEnableAuthorities()) { deleteUserAuthorities(username); } - getJdbcTemplate().update(deleteUserSql, new Object[] {username}); + getJdbcTemplate().update(deleteUserSql, username); userCache.removeUserFromCache(username); } private void deleteUserAuthorities(String username) { - getJdbcTemplate().update(deleteUserAuthoritiesSql, new Object[] {username}); + getJdbcTemplate().update(deleteUserAuthoritiesSql, username); } public void changePassword(String oldPassword, String newPassword) throws AuthenticationException { @@ -255,12 +255,12 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa logger.debug("Creating new group '" + groupName + "' with authorities " + AuthorityUtils.authorityListToSet(authorities)); - getJdbcTemplate().update(insertGroupSql, new Object[] {groupName}); + getJdbcTemplate().update(insertGroupSql, groupName); final int groupId = findGroupId(groupName); - for (int i=0; i < authorities.size(); i++) { - final String authority = authorities.get(i).getAuthority(); + for (GrantedAuthority a : authorities) { + final String authority = a.getAuthority(); getJdbcTemplate().update(insertGroupAuthoritySql, new PreparedStatementSetter() { public void setValues(PreparedStatement ps) throws SQLException { ps.setInt(1, groupId); @@ -290,7 +290,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa Assert.hasText(oldName); Assert.hasText(newName); - getJdbcTemplate().update(renameGroupSql, new Object[] {newName, oldName}); + getJdbcTemplate().update(renameGroupSql, newName, oldName); } public void addUserToGroup(final String username, final String groupName) { @@ -330,16 +330,13 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa logger.debug("Loading authorities for group '" + groupName + "'"); Assert.hasText(groupName); - List authorities = getJdbcTemplate().query(groupAuthoritiesSql, new String[] {groupName}, new RowMapper() { + return getJdbcTemplate().query(groupAuthoritiesSql, new String[] {groupName}, new RowMapper() { public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException { String roleName = getRolePrefix() + rs.getString(3); - GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName); - return authority; + return new GrantedAuthorityImpl(roleName); } }); - - return authorities; } public void removeGroupAuthority(String groupName, final GrantedAuthority authority) { @@ -373,7 +370,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa } private int findGroupId(String group) { - return getJdbcTemplate().queryForInt(findGroupIdSql, new Object[] {group}); + return getJdbcTemplate().queryForInt(findGroupIdSql, group); } public void setAuthenticationManager(AuthenticationManager authenticationManager) { diff --git a/core/src/main/java/org/springframework/security/remoting/dns/JndiDnsResolver.java b/core/src/main/java/org/springframework/security/remoting/dns/JndiDnsResolver.java index 1f51c91961..2df9c5d5d5 100644 --- a/core/src/main/java/org/springframework/security/remoting/dns/JndiDnsResolver.java +++ b/core/src/main/java/org/springframework/security/remoting/dns/JndiDnsResolver.java @@ -16,7 +16,7 @@ package org.springframework.security.remoting.dns; -import java.util.Hashtable; +import java.util.*; import javax.naming.Context; import javax.naming.NameNotFoundException; @@ -109,7 +109,7 @@ public class JndiDnsResolver implements DnsResolver { for (NamingEnumeration recordEnum = dnsRecord.getAll(); recordEnum.hasMoreElements();) { String[] record = recordEnum.next().toString().split(" "); if (record.length != 4) { - throw new DnsLookupException("Wrong service record for query " + query + ": [" + record + "]"); + throw new DnsLookupException("Wrong service record for query " + query + ": [" + Arrays.toString(record) + "]"); } int priority = Integer.parseInt(record[0]); int weight = Integer.parseInt(record[1]); @@ -139,8 +139,8 @@ public class JndiDnsResolver implements DnsResolver { private Attribute lookup(String query, DirContext ictx, String recordType) { try { Attributes dnsResult = ictx.getAttributes(query, new String[] { recordType }); - Attribute dnsRecord = dnsResult.get(recordType); - return dnsRecord; + + return dnsResult.get(recordType); } catch (NamingException e) { if (e instanceof NameNotFoundException) { throw new DnsEntryNotFoundException("DNS entry not found for:" + query, e); diff --git a/core/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java b/core/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java index 3822e4547f..b2bb2834c4 100644 --- a/core/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java +++ b/core/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java @@ -49,7 +49,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation { //~ Instance fields ================================================================================================ - private SecurityContext securityContext; + private final SecurityContext securityContext; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/util/FieldUtils.java b/core/src/main/java/org/springframework/security/util/FieldUtils.java index 6387a7fa9f..2ccb93a468 100644 --- a/core/src/main/java/org/springframework/security/util/FieldUtils.java +++ b/core/src/main/java/org/springframework/security/util/FieldUtils.java @@ -83,11 +83,10 @@ public final class FieldUtils { Assert.hasText(fieldName, "Field name required"); String[] nestedFields = StringUtils.tokenizeToStringArray(fieldName, "."); Class componentClass = bean.getClass(); - Field field = null; Object value = bean; - for (int i=0; i < nestedFields.length; i++) { - field = getField(componentClass, nestedFields[i]); + for (String nestedField : nestedFields) { + Field field = getField(componentClass, nestedField); field.setAccessible(true); value = field.get(value); if (value != null) { diff --git a/core/src/main/java/org/springframework/security/util/InMemoryResource.java b/core/src/main/java/org/springframework/security/util/InMemoryResource.java index b59553651c..a33989c19e 100644 --- a/core/src/main/java/org/springframework/security/util/InMemoryResource.java +++ b/core/src/main/java/org/springframework/security/util/InMemoryResource.java @@ -33,8 +33,8 @@ import java.util.Arrays; public class InMemoryResource extends AbstractResource { //~ Instance fields ================================================================================================ - private byte[] source; - private String description; + private final byte[] source; + private final String description; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/util/MethodInvocationUtils.java b/core/src/main/java/org/springframework/security/util/MethodInvocationUtils.java index 99a079ae45..572fa64860 100644 --- a/core/src/main/java/org/springframework/security/util/MethodInvocationUtils.java +++ b/core/src/main/java/org/springframework/security/util/MethodInvocationUtils.java @@ -67,13 +67,15 @@ public final class MethodInvocationUtils { Advised a = (Advised) object; if (!a.isProxyTargetClass()) { Class[] possibleInterfaces = a.getProxiedInterfaces(); - for (int i = 0; i < possibleInterfaces.length; i++) { + for (Class possibleInterface : possibleInterfaces) { try { - possibleInterfaces[i].getMethod(methodName, classArgs); + possibleInterface.getMethod(methodName, classArgs); // to get here means no exception happened - target = possibleInterfaces[i]; + target = possibleInterface; break; - } catch (Exception tryTheNextOne) {} + } catch (Exception ignored) { + // try the next one + } } } } diff --git a/core/src/test/java/org/springframework/security/access/vote/AbstractAccessDecisionManagerTests.java b/core/src/test/java/org/springframework/security/access/vote/AbstractAccessDecisionManagerTests.java index 63f1f21660..0cabf9e636 100644 --- a/core/src/test/java/org/springframework/security/access/vote/AbstractAccessDecisionManagerTests.java +++ b/core/src/test/java/org/springframework/security/access/vote/AbstractAccessDecisionManagerTests.java @@ -40,8 +40,7 @@ public class AbstractAccessDecisionManagerTests extends TestCase { //~ Methods ======================================================================================================== - public void testAllowIfAccessDecisionManagerDefaults() - throws Exception { + public void testAllowIfAccessDecisionManagerDefaults() { MockDecisionManagerImpl mock = new MockDecisionManagerImpl(); assertTrue(!mock.isAllowIfAllAbstainDecisions()); // default mock.setAllowIfAllAbstainDecisions(true); @@ -55,8 +54,8 @@ public class AbstractAccessDecisionManagerTests extends TestCase { list.add(new MockStringOnlyVoter()); mock.setDecisionVoters(list); - assertTrue(mock.supports(new String().getClass())); - assertTrue(!mock.supports(new Integer(7).getClass())); + assertTrue(mock.supports(String.class)); + assertTrue(!mock.supports(Integer.class)); } public void testDelegatesSupportsRequests() throws Exception { @@ -98,8 +97,7 @@ public class AbstractAccessDecisionManagerTests extends TestCase { } } - public void testRejectsListContainingInvalidObjectTypes() - throws Exception { + public void testRejectsListContainingInvalidObjectTypes() { MockDecisionManagerImpl mock = new MockDecisionManagerImpl(); List list = new Vector(); DenyVoter voter = new DenyVoter(); @@ -148,19 +146,13 @@ public class AbstractAccessDecisionManagerTests extends TestCase { //~ Inner Classes ================================================================================================== private class MockDecisionManagerImpl extends AbstractAccessDecisionManager { - public void decide(Authentication authentication, Object object, Collection configAttributes) - throws AccessDeniedException { - return; + public void decide(Authentication authentication, Object object, Collection configAttributes) { } } private class MockStringOnlyVoter implements AccessDecisionVoter { public boolean supports(Class clazz) { - if (String.class.isAssignableFrom(clazz)) { - return true; - } else { - return false; - } + return String.class.isAssignableFrom(clazz); } public boolean supports(ConfigAttribute attribute) { diff --git a/itest/context/src/main/java/org/springframework/security/integration/UserDetailsServiceImpl.java b/itest/context/src/main/java/org/springframework/security/integration/UserDetailsServiceImpl.java index dd0012b995..86675e3ec7 100755 --- a/itest/context/src/main/java/org/springframework/security/integration/UserDetailsServiceImpl.java +++ b/itest/context/src/main/java/org/springframework/security/integration/UserDetailsServiceImpl.java @@ -7,7 +7,7 @@ import org.springframework.transaction.annotation.Transactional; public class UserDetailsServiceImpl implements UserDetailsService { - @SuppressWarnings("unused") + @SuppressWarnings({"unused", "FieldCanBeLocal"}) private UserRepository userRepository; @Transactional(readOnly=true) diff --git a/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAdvice.java b/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAdvice.java index e1be9e6ffd..11a9e5e04d 100644 --- a/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAdvice.java +++ b/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAdvice.java @@ -19,7 +19,7 @@ import org.springframework.security.core.Authentication; import org.springframework.util.ClassUtils; public class PythonInterpreterPreInvocationAdvice implements PreInvocationAuthorizationAdvice{ - private ParameterNameDiscoverer parameterNameDiscoverer = new LocalVariableTableParameterNameDiscoverer(); + private final ParameterNameDiscoverer parameterNameDiscoverer = new LocalVariableTableParameterNameDiscoverer(); @SuppressWarnings("deprecation") public boolean before(Authentication authentication, MethodInvocation mi, PreInvocationAttribute preAttr) { diff --git a/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAttribute.java b/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAttribute.java index a1500810ba..8639c40a85 100644 --- a/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAttribute.java +++ b/itest/context/src/main/java/org/springframework/security/integration/python/PythonInterpreterPreInvocationAttribute.java @@ -3,7 +3,7 @@ package org.springframework.security.integration.python; import org.springframework.security.access.prepost.PreInvocationAttribute; public class PythonInterpreterPreInvocationAttribute implements PreInvocationAttribute { - private String script; + private final String script; PythonInterpreterPreInvocationAttribute(String script) { this.script = script; diff --git a/ldap/src/main/java/org/springframework/security/ldap/DefaultLdapUsernameToDnMapper.java b/ldap/src/main/java/org/springframework/security/ldap/DefaultLdapUsernameToDnMapper.java index f936058b8d..282629db4c 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/DefaultLdapUsernameToDnMapper.java +++ b/ldap/src/main/java/org/springframework/security/ldap/DefaultLdapUsernameToDnMapper.java @@ -11,8 +11,8 @@ import org.springframework.ldap.core.DistinguishedName; * @author Luke Taylor */ public class DefaultLdapUsernameToDnMapper implements LdapUsernameToDnMapper { - private String userDnBase; - private String usernameAttribute; + private final String userDnBase; + private final String usernameAttribute; /** * @param userDnBase the base name of the DN diff --git a/ldap/src/main/java/org/springframework/security/ldap/LdapUtils.java b/ldap/src/main/java/org/springframework/security/ldap/LdapUtils.java index 3d885577cc..542bdbe794 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/LdapUtils.java +++ b/ldap/src/main/java/org/springframework/security/ldap/LdapUtils.java @@ -164,7 +164,7 @@ public final class LdapUtils { public static String parseRootDnFromUrl(String url) { Assert.hasLength(url); - String urlRootDn = ""; + String urlRootDn; if (url.startsWith("ldap:") || url.startsWith("ldaps:")) { URI uri = parseLdapUrl(url); diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java index 580b3674b1..bc0c57d6f1 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java @@ -38,7 +38,7 @@ import java.util.List; public abstract class AbstractLdapAuthenticator implements LdapAuthenticator, InitializingBean, MessageSourceAware { //~ Instance fields ================================================================================================ - private ContextSource contextSource; + private final ContextSource contextSource; /** Optional search object which can be used to locate a user when a simple DN match isn't sufficient */ private LdapUserSearch userSearch; @@ -94,8 +94,8 @@ public abstract class AbstractLdapAuthenticator implements LdapAuthenticator, In String[] args = new String[] {username}; synchronized (userDnFormat) { - for (int i = 0; i < userDnFormat.length; i++) { - userDns.add(userDnFormat[i].format(args)); + for (MessageFormat formatter : userDnFormat) { + userDns.add(formatter.format(args)); } } diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java index 7895675f47..fb13b2e285 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java @@ -293,7 +293,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa return result; } - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)); } } diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java index ce32d707e8..687e0dc43d 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java @@ -17,7 +17,7 @@ import org.springframework.util.Assert; * @since 2.0 */ public class UserDetailsServiceLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator { - private UserDetailsService userDetailsService; + private final UserDetailsService userDetailsService; public UserDetailsServiceLdapAuthoritiesPopulator(UserDetailsService userService) { Assert.notNull(userService, "userDetailsService cannot be null"); diff --git a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyControl.java b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyControl.java index cf1642c2ab..8a276b501d 100755 --- a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyControl.java +++ b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyControl.java @@ -39,7 +39,7 @@ public class PasswordPolicyControl implements Control { //~ Instance fields ================================================================================================ - private boolean critical; + private final boolean critical; //~ Constructors =================================================================================================== diff --git a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyErrorStatus.java b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyErrorStatus.java index a727270d5e..0a261096cd 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyErrorStatus.java +++ b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyErrorStatus.java @@ -35,8 +35,8 @@ public enum PasswordPolicyErrorStatus { PASSWORD_TOO_YOUNG ("ppolicy.password.too.young", "Your password was changed too recently to be changed again"), PASSWORD_IN_HISTORY ("ppolicy.password.in.history", "The supplied password has already been used"); - private String errorCode; - private String defaultMessage; + private final String errorCode; + private final String defaultMessage; private PasswordPolicyErrorStatus(String errorCode, String defaultMessage) { this.errorCode = errorCode; diff --git a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java index 3964232314..50d13bb27c 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java +++ b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java @@ -9,7 +9,7 @@ package org.springframework.security.ldap.ppolicy; * @since 3.0 */ public class PasswordPolicyException extends RuntimeException { - private PasswordPolicyErrorStatus status; + private final PasswordPolicyErrorStatus status; public PasswordPolicyException(PasswordPolicyErrorStatus status) { super(status.getDefaultMessage()); diff --git a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyResponseControl.java b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyResponseControl.java index 3883e9f110..08120ebb93 100755 --- a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyResponseControl.java +++ b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyResponseControl.java @@ -55,7 +55,7 @@ public class PasswordPolicyResponseControl extends PasswordPolicyControl { //~ Instance fields ================================================================================================ - private byte[] encodedValue; + private final byte[] encodedValue; private PasswordPolicyErrorStatus errorStatus; @@ -279,7 +279,7 @@ public class PasswordPolicyResponseControl extends PasswordPolicyControl { } private void setInChoice(boolean inChoice) { - this.inChoice = new Boolean(inChoice); + this.inChoice = Boolean.valueOf(inChoice); } } } diff --git a/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java b/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java index cefe847f09..8ea6f89d4b 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java +++ b/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java @@ -48,13 +48,13 @@ public class FilterBasedLdapUserSearch implements LdapUserSearch { //~ Instance fields ================================================================================================ - private ContextSource contextSource; + private final ContextSource contextSource; /** * The LDAP SearchControls object used for the search. Shared between searches so shouldn't be modified * once the bean has been configured. */ - private SearchControls searchControls = new SearchControls(); + private final SearchControls searchControls = new SearchControls(); /** Context name to search in, relative to the base of the configured ContextSource. */ private String searchBase = ""; @@ -70,7 +70,7 @@ public class FilterBasedLdapUserSearch implements LdapUserSearch { *

  • (uid={0}) - this would search for a username match on the uid attribute.
    • * */ - private String searchFilter; + private final String searchFilter; //~ Constructors =================================================================================================== diff --git a/ldap/src/main/java/org/springframework/security/ldap/server/ApacheDSContainer.java b/ldap/src/main/java/org/springframework/security/ldap/server/ApacheDSContainer.java index 398789cc73..2c0d4f37ae 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/server/ApacheDSContainer.java +++ b/ldap/src/main/java/org/springframework/security/ldap/server/ApacheDSContainer.java @@ -50,18 +50,18 @@ import org.springframework.util.Assert; * @author Luke Taylor */ public class ApacheDSContainer implements InitializingBean, DisposableBean, Lifecycle, ApplicationContextAware { - private Log logger = LogFactory.getLog(getClass()); + private final Log logger = LogFactory.getLog(getClass()); - DefaultDirectoryService service; + final DefaultDirectoryService service; LdapServer server; private ApplicationContext ctxt; private File workingDir; private boolean running; - private String ldifResources; - private JdbmPartition partition; - private String root; + private final String ldifResources; + private final JdbmPartition partition; + private final String root; private int port = 53389; public ApacheDSContainer(String root, String ldifs) throws Exception { @@ -241,8 +241,8 @@ public class ApacheDSContainer implements InitializingBean, DisposableBean, Life private boolean deleteDir(File dir) { if (dir.isDirectory()) { String[] children = dir.list(); - for (int i=0; i < children.length; i++) { - boolean success = deleteDir(new File(dir, children[i])); + for (String child : children) { + boolean success = deleteDir(new File(dir, child)); if (!success) { return false; } diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java index c35fec53e0..19ab6d0701 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java @@ -102,13 +102,13 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator */ private GrantedAuthority defaultRole; - private SpringSecurityLdapTemplate ldapTemplate; + private final SpringSecurityLdapTemplate ldapTemplate; /** * Controls used to determine whether group searches should be performed over the full sub-tree from the * base DN. Modified by searchSubTree property */ - private SearchControls searchControls = new SearchControls(); + private final SearchControls searchControls = new SearchControls(); /** * The ID of the attribute which contains the role name for a group diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java index 9ff0c0bced..a7e7fb747a 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java @@ -89,7 +89,7 @@ public class LdapUserDetailsManager implements UserDetailsManager { /** The attribute which contains members of a group */ private String groupMemberAttributeName = "uniquemember"; - private String rolePrefix = "ROLE_"; + private final String rolePrefix = "ROLE_"; /** The pattern to be used for the user search. {0} is the user's DN */ private String groupSearchFilter = "(uniquemember={0})"; @@ -99,7 +99,7 @@ public class LdapUserDetailsManager implements UserDetailsManager { */ private UserDetailsContextMapper userDetailsMapper = new InetOrgPersonContextMapper(); - private LdapTemplate template; + private final LdapTemplate template; /** Default context mapper used to create a set of roles from a list of attributes */ private AttributesMapper roleMapper = new AttributesMapper() { diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java index d4fd2e4350..410397e7d1 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java @@ -70,8 +70,8 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper { continue; } - for (int j = 0; j < rolesForAttribute.length; j++) { - GrantedAuthority authority = createAuthority(rolesForAttribute[j]); + for (String role : rolesForAttribute) { + GrantedAuthority authority = createAuthority(role); if (authority != null) { essence.addAuthority(authority); diff --git a/openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java b/openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java index e5c4f3db6a..e9b4f80096 100644 --- a/openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java +++ b/openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java @@ -74,7 +74,7 @@ public class OpenID4JavaConsumer implements OpenIDConsumer { throws ConsumerException { this.consumerManager = consumerManager; this.attributesToFetchFactory = new AxFetchListFactory() { - private List fetchAttrs = Collections.unmodifiableList(attributes); + private final List fetchAttrs = Collections.unmodifiableList(attributes); public List createAttributeList(String identifier) { return fetchAttrs; diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java index d3a0d8a341..2ebcd1759c 100644 --- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java +++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java @@ -121,7 +121,7 @@ public class OpenIDAuthenticationProvider implements AuthenticationProvider, Ini /* (non-Javadoc) * @see org.springframework.security.authentication.AuthenticationProvider#supports(java.lang.Class) */ - public boolean supports(Class authentication) { + public boolean supports(Class authentication) { return OpenIDAuthenticationToken.class.isAssignableFrom(authentication); } } diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java index 99d6f29e94..20f9e0b653 100644 --- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java +++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java @@ -48,7 +48,7 @@ public class OpenIDAuthenticationStatus implements Serializable { //~ Instance fields ================================================================================================ - private String name; + private final String name; private final int ordinal = nextOrdinal++; //~ Constructors =================================================================================================== diff --git a/samples/contacts/src/main/java/sample/contact/AddDeleteContactController.java b/samples/contacts/src/main/java/sample/contact/AddDeleteContactController.java index 35e88e07b3..228bd6e2b0 100644 --- a/samples/contacts/src/main/java/sample/contact/AddDeleteContactController.java +++ b/samples/contacts/src/main/java/sample/contact/AddDeleteContactController.java @@ -20,7 +20,7 @@ import org.springframework.web.servlet.ModelAndView; public class AddDeleteContactController { @Autowired private ContactManager contactManager; - private Validator validator = new WebContactValidator(); + private final Validator validator = new WebContactValidator(); /** * Displays the "add contact" form. diff --git a/samples/contacts/src/main/java/sample/contact/AdminPermissionController.java b/samples/contacts/src/main/java/sample/contact/AdminPermissionController.java index 812a41c967..424430be5a 100644 --- a/samples/contacts/src/main/java/sample/contact/AdminPermissionController.java +++ b/samples/contacts/src/main/java/sample/contact/AdminPermissionController.java @@ -45,8 +45,8 @@ public final class AdminPermissionController implements MessageSourceAware{ @Autowired private ContactManager contactManager; private MessageSourceAccessor messages; - private Validator addPermissionValidator = new AddPermissionValidator(); - private PermissionFactory permissionFactory = new DefaultPermissionFactory(); + private final Validator addPermissionValidator = new AddPermissionValidator(); + private final PermissionFactory permissionFactory = new DefaultPermissionFactory(); /** * Displays the permission admin page for a particular contact. @@ -83,7 +83,7 @@ public final class AdminPermissionController implements MessageSourceAware{ @InitBinder("addPermission") public void initBinder(WebDataBinder binder) { - binder.setAllowedFields(new String[] {"recipient", "permission"}); + binder.setAllowedFields("recipient", "permission"); } /** diff --git a/samples/contacts/src/main/java/sample/contact/ClientApplication.java b/samples/contacts/src/main/java/sample/contact/ClientApplication.java index 4d0207bdc6..99dffb82a8 100644 --- a/samples/contacts/src/main/java/sample/contact/ClientApplication.java +++ b/samples/contacts/src/main/java/sample/contact/ClientApplication.java @@ -63,7 +63,7 @@ public class ClientApplication { Method method = object.getClass().getMethod("setUsername", new Class[] {String.class}); System.out.println("Found; Trying to setUsername(String) to " + authentication.getPrincipal()); - method.invoke(object, new Object[] {authentication.getPrincipal()}); + method.invoke(object, authentication.getPrincipal()); } catch (NoSuchMethodException ignored) { System.out.println("This client proxy factory does not have a setUsername(String) method"); } catch (IllegalAccessException ignored) { @@ -76,7 +76,7 @@ public class ClientApplication { System.out.println("Trying to find setPassword(String) method on: " + object.getClass().getName()); Method method = object.getClass().getMethod("setPassword", new Class[] {String.class}); - method.invoke(object, new Object[] {authentication.getCredentials()}); + method.invoke(object, authentication.getCredentials()); System.out.println("Found; Trying to setPassword(String) to " + authentication.getCredentials()); } catch (NoSuchMethodException ignored) { System.out.println("This client proxy factory does not have a setPassword(String) method"); diff --git a/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java b/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java index 051ba22fa8..f5a5cbb7e4 100644 --- a/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java +++ b/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java @@ -134,9 +134,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport implements C public List getAllRecipients() { logger.debug("Returning all recipients"); - List list = contactDao.findAllPrincipals(); - - return list; + return contactDao.findAllPrincipals(); } @Transactional(readOnly=true) diff --git a/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java b/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java index 1edeb4fc5b..4148ef4b11 100644 --- a/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java +++ b/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java @@ -49,14 +49,14 @@ public class DataSourcePopulator implements InitializingBean { JdbcTemplate template; private MutableAclService mutableAclService; - Random rnd = new Random(); + final Random rnd = new Random(); TransactionTemplate tt; - String[] firstNames = { + final String[] firstNames = { "Bob", "Mary", "James", "Jane", "Kristy", "Kirsty", "Kate", "Jeni", "Angela", "Melanie", "Kent", "William", "Geoff", "Jeff", "Adrian", "Amanda", "Lisa", "Elizabeth", "Prue", "Richard", "Darin", "Phillip", "Michael", "Belinda", "Samantha", "Brian", "Greg", "Matthew" }; - String[] lastNames = { + final String[] lastNames = { "Smith", "Williams", "Jackson", "Rictor", "Nelson", "Fitzgerald", "McAlpine", "Sutherland", "Abbott", "Hall", "Edwards", "Gates", "Black", "Brown", "Gray", "Marwell", "Booch", "Johnson", "McTaggart", "Parklin", "Findlay", "Robinson", "Giugni", "Lang", "Chi", "Carmichael" diff --git a/samples/gae/src/main/java/samples/gae/security/AppRole.java b/samples/gae/src/main/java/samples/gae/security/AppRole.java index f59a75e96e..c7ebffa7ba 100644 --- a/samples/gae/src/main/java/samples/gae/security/AppRole.java +++ b/samples/gae/src/main/java/samples/gae/security/AppRole.java @@ -10,7 +10,7 @@ public enum AppRole implements GrantedAuthority { NEW_USER (1), USER (2); - private int bit; + private final int bit; /** * Creates an authority with a specific bit representation. It's important that this doesn't diff --git a/samples/gae/src/main/java/samples/gae/security/GaeAuthenticationFilter.java b/samples/gae/src/main/java/samples/gae/security/GaeAuthenticationFilter.java index f08bdcfe89..5077bff947 100644 --- a/samples/gae/src/main/java/samples/gae/security/GaeAuthenticationFilter.java +++ b/samples/gae/src/main/java/samples/gae/security/GaeAuthenticationFilter.java @@ -32,7 +32,7 @@ public class GaeAuthenticationFilter extends GenericFilterBean { private final Logger logger = LoggerFactory.getLogger(getClass()); - private AuthenticationDetailsSource ads = new WebAuthenticationDetailsSource(); + private final AuthenticationDetailsSource ads = new WebAuthenticationDetailsSource(); private AuthenticationManager authenticationManager; private AuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler(); diff --git a/samples/gae/src/main/java/samples/gae/users/InMemoryUserRegistry.java b/samples/gae/src/main/java/samples/gae/users/InMemoryUserRegistry.java index 16be6aabef..613700c31d 100644 --- a/samples/gae/src/main/java/samples/gae/users/InMemoryUserRegistry.java +++ b/samples/gae/src/main/java/samples/gae/users/InMemoryUserRegistry.java @@ -14,7 +14,7 @@ import org.springframework.util.Assert; public class InMemoryUserRegistry implements UserRegistry { private final Logger logger = LoggerFactory.getLogger(getClass()); - private Map users = Collections.synchronizedMap(new HashMap()); + private final Map users = Collections.synchronizedMap(new HashMap()); public GaeUser findUser(String userId) { return users.get(userId); diff --git a/samples/openid/src/main/java/org/springframework/security/samples/openid/CustomUserDetailsService.java b/samples/openid/src/main/java/org/springframework/security/samples/openid/CustomUserDetailsService.java index 57dd73c633..b889a78daa 100644 --- a/samples/openid/src/main/java/org/springframework/security/samples/openid/CustomUserDetailsService.java +++ b/samples/openid/src/main/java/org/springframework/security/samples/openid/CustomUserDetailsService.java @@ -22,7 +22,7 @@ import org.springframework.security.openid.OpenIDAuthenticationToken; */ public class CustomUserDetailsService implements UserDetailsService, AuthenticationUserDetailsService { - private Map registeredUsers = new HashMap(); + private final Map registeredUsers = new HashMap(); private static final List DEFAULT_AUTHORITIES = AuthorityUtils.createAuthorityList("ROLE_USER"); diff --git a/samples/tutorial/src/main/java/bigbank/BankDaoStub.java b/samples/tutorial/src/main/java/bigbank/BankDaoStub.java index 2c6a4ce51d..d322d78836 100644 --- a/samples/tutorial/src/main/java/bigbank/BankDaoStub.java +++ b/samples/tutorial/src/main/java/bigbank/BankDaoStub.java @@ -5,7 +5,7 @@ import java.util.Map; public class BankDaoStub implements BankDao { private long id = 0; - private Map accounts = new HashMap(); + private final Map accounts = new HashMap(); public void createOrUpdateAccount(Account account) { if (account.getId() == -1) { @@ -17,12 +17,12 @@ public class BankDaoStub implements BankDao { } public Account[] findAccounts() { - Account[] a = accounts.values().toArray(new Account[] {}); - System.out.println("Returning " + a.length + " account(s):"); - for (int i = 0; i < a.length; i++) { - System.out.println(" > " + a[i]); + Account[] accounts = this.accounts.values().toArray(new Account[] {}); + System.out.println("Returning " + accounts.length + " account(s):"); + for (Account account : accounts) { + System.out.println(" > " + account); } - return a; + return accounts; } public Account readAccount(Long id) { diff --git a/samples/tutorial/src/main/java/bigbank/BankServiceImpl.java b/samples/tutorial/src/main/java/bigbank/BankServiceImpl.java index 59ac02b0d1..ab1bc0c12a 100644 --- a/samples/tutorial/src/main/java/bigbank/BankServiceImpl.java +++ b/samples/tutorial/src/main/java/bigbank/BankServiceImpl.java @@ -4,7 +4,7 @@ import org.aspectj.lang.annotation.Pointcut; import org.springframework.util.Assert; public class BankServiceImpl implements BankService { - private BankDao bankDao; + private final BankDao bankDao; // Not used unless you declare a @Pointcut("execution(* bigbank.BankServiceImpl.*(..))") diff --git a/samples/tutorial/src/main/java/bigbank/web/ListAccounts.java b/samples/tutorial/src/main/java/bigbank/web/ListAccounts.java index ac31e1a197..2428c82746 100644 --- a/samples/tutorial/src/main/java/bigbank/web/ListAccounts.java +++ b/samples/tutorial/src/main/java/bigbank/web/ListAccounts.java @@ -11,7 +11,7 @@ import bigbank.BankService; public class ListAccounts implements Controller { - private BankService bankService; + private final BankService bankService; public ListAccounts(BankService bankService) { Assert.notNull(bankService); diff --git a/samples/tutorial/src/main/java/bigbank/web/PostAccounts.java b/samples/tutorial/src/main/java/bigbank/web/PostAccounts.java index 8caa9066d8..53ffe5c20c 100644 --- a/samples/tutorial/src/main/java/bigbank/web/PostAccounts.java +++ b/samples/tutorial/src/main/java/bigbank/web/PostAccounts.java @@ -13,7 +13,7 @@ import bigbank.BankService; public class PostAccounts implements Controller { - private BankService bankService; + private final BankService bankService; public PostAccounts(BankService bankService) { Assert.notNull(bankService); diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java b/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java index 117778805d..a894cd7ffd 100644 --- a/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java +++ b/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java @@ -98,7 +98,7 @@ public class AccessControlListTag extends TagSupport { List requiredPermissions = parsePermissionsString(evaledPermissionsString); - Object resolvedDomainObject = null; + Object resolvedDomainObject; if (domainObject instanceof String) { resolvedDomainObject = ExpressionEvaluationUtils.evaluate("domainObject", (String) domainObject, diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/velocity/AuthzImpl.java b/taglibs/src/main/java/org/springframework/security/taglibs/velocity/AuthzImpl.java index 403c153c71..c809f52882 100644 --- a/taglibs/src/main/java/org/springframework/security/taglibs/velocity/AuthzImpl.java +++ b/taglibs/src/main/java/org/springframework/security/taglibs/velocity/AuthzImpl.java @@ -77,7 +77,7 @@ public class AuthzImpl implements Authz { private boolean ifGranted(String roles, int grantType) { LegacyAuthorizeTag authorizeTag = new LegacyAuthorizeTag(); - int result = -1; + int result; try { switch (grantType) { @@ -105,11 +105,7 @@ public class AuthzImpl implements Authz { throw new IllegalArgumentException(je.getMessage()); } - if (Tag.EVAL_BODY_INCLUDE == result) { - return true; - } else { - return false; - } + return Tag.EVAL_BODY_INCLUDE == result; } public boolean noneGranted(String roles) { diff --git a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java index 7ec9989b67..e369c0148c 100644 --- a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java +++ b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java @@ -208,10 +208,8 @@ public class FilterChainProxy extends GenericFilterBean { Object filters = filterChainMap.get(key); Assert.isInstanceOf(List.class, filters, "Value must be a filter list"); // Check the contents - Iterator filterIterator = ((List)filters).iterator(); - while (filterIterator.hasNext()) { - Object filter = filterIterator.next(); + for (Object filter : ((List) filters)) { Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. "); } } @@ -269,8 +267,8 @@ public class FilterChainProxy extends GenericFilterBean { * Filter should be called or not.

    */ private static class VirtualFilterChain implements FilterChain { - private FilterInvocation fi; - private List additionalFilters; + private final FilterInvocation fi; + private final List additionalFilters; private int currentPosition = 0; private VirtualFilterChain(FilterInvocation filterInvocation, List additionalFilters) { diff --git a/web/src/main/java/org/springframework/security/web/PortMapperImpl.java b/web/src/main/java/org/springframework/security/web/PortMapperImpl.java index 5dd3a6ce88..9dcbd496e7 100644 --- a/web/src/main/java/org/springframework/security/web/PortMapperImpl.java +++ b/web/src/main/java/org/springframework/security/web/PortMapperImpl.java @@ -34,7 +34,7 @@ import java.util.Map; public class PortMapperImpl implements PortMapper { //~ Instance fields ================================================================================================ - private Map httpsPortMappings; + private final Map httpsPortMappings; //~ Constructors =================================================================================================== @@ -55,11 +55,7 @@ public class PortMapperImpl implements PortMapper { } public Integer lookupHttpPort(Integer httpsPort) { - Iterator iter = httpsPortMappings.keySet().iterator(); - - while (iter.hasNext()) { - Integer httpPort = iter.next(); - + for (Integer httpPort : httpsPortMappings.keySet()) { if (httpsPortMappings.get(httpPort).equals(httpsPort)) { return httpPort; } diff --git a/web/src/main/java/org/springframework/security/web/access/DefaultWebInvocationPrivilegeEvaluator.java b/web/src/main/java/org/springframework/security/web/access/DefaultWebInvocationPrivilegeEvaluator.java index 863fd802c5..1700ed213b 100644 --- a/web/src/main/java/org/springframework/security/web/access/DefaultWebInvocationPrivilegeEvaluator.java +++ b/web/src/main/java/org/springframework/security/web/access/DefaultWebInvocationPrivilegeEvaluator.java @@ -41,7 +41,7 @@ public class DefaultWebInvocationPrivilegeEvaluator implements WebInvocationPriv //~ Instance fields ================================================================================================ - private AbstractSecurityInterceptor securityInterceptor; + private final AbstractSecurityInterceptor securityInterceptor; //~ Constructors =================================================================================================== diff --git a/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java index 5652587ec1..91705d49d0 100644 --- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java @@ -62,11 +62,7 @@ public class ChannelDecisionManagerImpl implements ChannelDecisionManager, Initi } public void decide(FilterInvocation invocation, Collection config) throws IOException, ServletException { - - Iterator attrs = config.iterator(); - - while (attrs.hasNext()) { - ConfigAttribute attribute = attrs.next(); + for (ConfigAttribute attribute : config) { if (ANY_CHANNEL.equals(attribute.getAttribute())) { return; } diff --git a/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java b/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java index 32da4bf7cf..1128e078f5 100644 --- a/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java @@ -82,11 +82,7 @@ public class InsecureChannelProcessor implements InitializingBean, ChannelProces } public boolean supports(ConfigAttribute attribute) { - if ((attribute != null) && (attribute.getAttribute() != null) - && attribute.getAttribute().equals(getInsecureKeyword())) { - return true; - } else { - return false; - } + return (attribute != null) && (attribute.getAttribute() != null) + && attribute.getAttribute().equals(getInsecureKeyword()); } } diff --git a/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java b/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java index fe284b3a60..62a7b60815 100644 --- a/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java @@ -80,11 +80,7 @@ public class SecureChannelProcessor implements InitializingBean, ChannelProcesso } public boolean supports(ConfigAttribute attribute) { - if ((attribute != null) && (attribute.getAttribute() != null) - && attribute.getAttribute().equals(getSecureKeyword())) { - return true; - } else { - return false; - } + return (attribute != null) && (attribute.getAttribute() != null) + && attribute.getAttribute().equals(getSecureKeyword()); } } diff --git a/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java b/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java index 85b08984d5..8af5c18e26 100644 --- a/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java @@ -24,8 +24,8 @@ import org.springframework.security.web.FilterInvocation; */ public class DefaultWebSecurityExpressionHandler implements WebSecurityExpressionHandler, ApplicationContextAware { - private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl(); - private ExpressionParser expressionParser = new SpelExpressionParser(); + private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl(); + private final ExpressionParser expressionParser = new SpelExpressionParser(); private final SecurityExpressionRootPropertyAccessor sxrpa = new SecurityExpressionRootPropertyAccessor(); private RoleHierarchy roleHierarchy; private ApplicationContext applicationContext; diff --git a/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java b/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java index c039dd6ccd..b095e9ea69 100644 --- a/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java @@ -95,7 +95,7 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor imple this.securityMetadataSource = newSource; } - public Class getSecureObjectClass() { + public Class getSecureObjectClass() { return FilterInvocation.class; } diff --git a/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java b/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java index 3c699f4e08..21b13a7806 100644 --- a/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java @@ -5,8 +5,8 @@ package org.springframework.security.web.access.intercept; * @since 2.0 */ public class RequestKey { - private String url; - private String method; + private final String url; + private final String method; public RequestKey(String url) { this(url, null); diff --git a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java index bc6c860300..73acda5aee 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java @@ -46,7 +46,7 @@ import org.springframework.util.StringUtils; */ public abstract class AbstractAuthenticationTargetUrlRequestHandler { - public static String DEFAULT_TARGET_PARAMETER = "spring-security-redirect"; + public static final String DEFAULT_TARGET_PARAMETER = "spring-security-redirect"; protected final Log logger = LogFactory.getLog(this.getClass()); private String targetUrlParameter = DEFAULT_TARGET_PARAMETER; private String defaultTargetUrl = "/"; diff --git a/web/src/main/java/org/springframework/security/web/authentication/DelegatingAuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/DelegatingAuthenticationEntryPoint.java index 1f55604cfe..933714e93f 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/DelegatingAuthenticationEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/authentication/DelegatingAuthenticationEntryPoint.java @@ -56,7 +56,7 @@ import org.springframework.util.Assert; */ public class DelegatingAuthenticationEntryPoint implements AuthenticationEntryPoint, InitializingBean { - private LinkedHashMap entryPoints; + private final LinkedHashMap entryPoints; private AuthenticationEntryPoint defaultEntryPoint; public DelegatingAuthenticationEntryPoint(LinkedHashMap entryPoints) { diff --git a/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java b/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java index 7d3ece9a12..778ca0e944 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java @@ -25,7 +25,7 @@ import org.springframework.util.Assert; * @since 3.0 */ public class ExceptionMappingAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler { - private Map failureUrlMap = new HashMap(); + private final Map failureUrlMap = new HashMap(); @Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, diff --git a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java index 52a690062e..2d21323eca 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java @@ -79,7 +79,7 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin private boolean useForward = false; - private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); + private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); //~ Methods ======================================================================================================== diff --git a/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java b/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java index 7572e65d7c..f4aa8cf05c 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java +++ b/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java @@ -31,8 +31,8 @@ import javax.servlet.http.HttpSession; public class WebAuthenticationDetails implements SessionIdentifierAware, Serializable { //~ Instance fields ================================================================================================ - private String remoteAddress; - private String sessionId; + private final String remoteAddress; + private final String sessionId; //~ Constructors =================================================================================================== diff --git a/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutFilter.java b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutFilter.java index 1ca909369b..2854c4648e 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutFilter.java @@ -50,8 +50,8 @@ public class LogoutFilter extends GenericFilterBean { //~ Instance fields ================================================================================================ private String filterProcessesUrl = "/j_spring_security_logout"; - private List handlers; - private LogoutSuccessHandler logoutSuccessHandler; + private final List handlers; + private final LogoutSuccessHandler logoutSuccessHandler; //~ Constructors =================================================================================================== diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java index 9807b4003b..a1d82f2049 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java @@ -91,7 +91,7 @@ public abstract class AbstractPreAuthenticatedProcessingFilter extends GenericFi * Do the actual authentication for a pre-authenticated user. */ private void doAuthenticate(HttpServletRequest request, HttpServletResponse response) { - Authentication authResult = null; + Authentication authResult; Object principal = getPreAuthenticatedPrincipal(request); Object credentials = getPreAuthenticatedCredentials(request); diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java index d19dc79ad1..4d0f98a089 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java @@ -91,7 +91,7 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro /** * Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes. */ - public final boolean supports(Class authentication) { + public final boolean supports(Class authentication) { return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(authentication); } diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java index d754a5760b..83a9dab760 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java @@ -42,8 +42,7 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsService Assert.notNull(token.getDetails()); Assert.isInstanceOf(GrantedAuthoritiesContainer.class, token.getDetails()); List authorities = ((GrantedAuthoritiesContainer) token.getDetails()).getGrantedAuthorities(); - UserDetails ud = createuserDetails(token, authorities); - return ud; + return createuserDetails(token, authorities); } /** diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails.java index 818eb99305..371677e861 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails.java @@ -21,7 +21,7 @@ public class PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails extends MutableGrantedAuthoritiesContainer { public static final long serialVersionUID = 1L; - private MutableGrantedAuthoritiesContainer authoritiesContainer = new GrantedAuthoritiesContainerImpl(); + private final MutableGrantedAuthoritiesContainer authoritiesContainer = new GrantedAuthoritiesContainerImpl(); public PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(HttpServletRequest request) { super(request); diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/RequestHeaderAuthenticationFilter.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/RequestHeaderAuthenticationFilter.java index ec656c3f02..77c662f395 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/RequestHeaderAuthenticationFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/RequestHeaderAuthenticationFilter.java @@ -53,9 +53,7 @@ public class RequestHeaderAuthenticationFilter extends AbstractPreAuthenticatedP */ protected Object getPreAuthenticatedCredentials(HttpServletRequest request) { if (credentialsRequestHeader != null) { - String credentials = request.getHeader(credentialsRequestHeader); - - return credentials; + return request.getHeader(credentialsRequestHeader); } return "N/A"; diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/DefaultWASUsernameAndGroupsExtractor.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/DefaultWASUsernameAndGroupsExtractor.java index aeced5c008..1e3c8f4a06 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/DefaultWASUsernameAndGroupsExtractor.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/DefaultWASUsernameAndGroupsExtractor.java @@ -54,7 +54,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups * The subject for which to retrieve the security name * @return String the security name for the given subject */ - private static final String getSecurityName(final Subject subject) { + private static String getSecurityName(final Subject subject) { if (logger.isDebugEnabled()) { logger.debug("Determining Websphere security name for subject " + subject); } @@ -77,7 +77,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups * * @return Subject the current RunAs subject */ - private static final Subject getRunAsSubject() { + private static Subject getRunAsSubject() { logger.debug("Retrieving WebSphere RunAs subject"); // get Subject: WSSubject.getCallerSubject (); return (Subject) invokeMethod(getRunAsSubjectMethod(), null, new Object[] {}); @@ -90,7 +90,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups * The subject for which to retrieve the WebSphere group names * @return the WebSphere group names for the given subject */ - private static final List getWebSphereGroups(final Subject subject) { + private static List getWebSphereGroups(final Subject subject) { return getWebSphereGroups(getSecurityName(subject)); } @@ -102,7 +102,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups * @return the WebSphere group names for the given security name */ @SuppressWarnings("unchecked") - private static final List getWebSphereGroups(final String securityName) { + private static List getWebSphereGroups(final String securityName) { Context ic = null; try { // TODO: Cache UserRegistry object @@ -123,14 +123,16 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups throw new RuntimeException("Exception occured while looking up groups for user", e); } finally { try { - ic.close(); + if (ic != null) { + ic.close(); + } } catch (NamingException e) { logger.debug("Exception occured while closing context", e); } } } - private static final Object invokeMethod(Method method, Object instance, Object[] args) + private static Object invokeMethod(Method method, Object instance, Object[] args) { try { return method.invoke(instance,args); @@ -146,7 +148,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups } } - private static final Method getMethod(String className, String methodName, String[] parameterTypeNames) { + private static Method getMethod(String className, String methodName, String[] parameterTypeNames) { try { Class c = Class.forName(className); final int len = parameterTypeNames.length; @@ -164,21 +166,21 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups } } - private static final Method getRunAsSubjectMethod() { + private static Method getRunAsSubjectMethod() { if (getRunAsSubject == null) { getRunAsSubject = getMethod("com.ibm.websphere.security.auth.WSSubject", "getRunAsSubject", new String[] {}); } return getRunAsSubject; } - private static final Method getGroupsForUserMethod() { + private static Method getGroupsForUserMethod() { if (getGroupsForUser == null) { getGroupsForUser = getMethod("com.ibm.websphere.security.UserRegistry", "getGroupsForUser", new String[] { "java.lang.String" }); } return getGroupsForUser; } - private static final Method getSecurityNameMethod() { + private static Method getSecurityNameMethod() { if (getSecurityName == null) { getSecurityName = getMethod("com.ibm.websphere.security.cred.WSCredential", "getSecurityName", new String[] {}); } @@ -186,14 +188,14 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups } // SEC-803 - private static final Class getWSCredentialClass() { + private static Class getWSCredentialClass() { if (wsCredentialClass == null) { wsCredentialClass = getClass("com.ibm.websphere.security.cred.WSCredential"); } return wsCredentialClass; } - private static final Class getClass(String className) { + private static Class getClass(String className) { try { return Class.forName(className); } catch (ClassNotFoundException e) { diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptor.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptor.java index 7d72085d89..401522a1e6 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptor.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptor.java @@ -54,7 +54,7 @@ public class WebSphere2SpringSecurityPropagationInterceptor implements MethodInt * using the pre-authenticated authentication provider. * @param aContext The context to use for building the authentication details. */ - private final void authenticateSpringSecurityWithWASCredentials(Object aContext) { + private void authenticateSpringSecurityWithWASCredentials(Object aContext) { Assert.notNull(authenticationManager); Assert.notNull(authenticationDetailsSource); diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java index 4a4bce52f1..a33b2426b0 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java +++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java @@ -43,10 +43,10 @@ public abstract class AbstractRememberMeServices implements RememberMeServices, //~ Instance fields ================================================================================================ protected final Log logger = LogFactory.getLog(getClass()); - protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); + protected final MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); private UserDetailsService userDetailsService; - private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker(); + private final UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker(); private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource(); private String cookieName = SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY; @@ -125,9 +125,9 @@ public abstract class AbstractRememberMeServices implements RememberMeServices, return null; } - for (int i = 0; i < cookies.length; i++) { - if (cookieName.equals(cookies[i].getName())) { - return cookies[i].getValue(); + for (Cookie cookie : cookies) { + if (cookieName.equals(cookie.getName())) { + return cookie.getValue(); } } diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/InMemoryTokenRepositoryImpl.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/InMemoryTokenRepositoryImpl.java index 2961cafbdd..6078887ea0 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/InMemoryTokenRepositoryImpl.java +++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/InMemoryTokenRepositoryImpl.java @@ -13,7 +13,7 @@ import java.util.Map; * @author Luke Taylor */ public class InMemoryTokenRepositoryImpl implements PersistentTokenRepository { - private Map seriesTokens = new HashMap(); + private final Map seriesTokens = new HashMap(); public synchronized void createNewToken(PersistentRememberMeToken token) { PersistentRememberMeToken current = seriesTokens.get(token.getSeries()); @@ -36,16 +36,16 @@ public class InMemoryTokenRepositoryImpl implements PersistentTokenRepository { } public synchronized PersistentRememberMeToken getTokenForSeries(String seriesId) { - return (PersistentRememberMeToken) seriesTokens.get(seriesId); + return seriesTokens.get(seriesId); } public synchronized void removeUserTokens(String username) { Iterator series = seriesTokens.keySet().iterator(); while (series.hasNext()) { - Object seriesId = series.next(); + String seriesId = series.next(); - PersistentRememberMeToken token = (PersistentRememberMeToken) seriesTokens.get(seriesId); + PersistentRememberMeToken token = seriesTokens.get(seriesId); if (username.equals(token.getUsername())) { series.remove(); diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java index 7012b301b0..c6d1353130 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java +++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java @@ -64,12 +64,11 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten } public void createNewToken(PersistentRememberMeToken token) { - insertToken.update( - new Object[] {token.getUsername(), token.getSeries(), token.getTokenValue(), token.getDate()}); + insertToken.update(token.getUsername(), token.getSeries(), token.getTokenValue(), token.getDate()); } public void updateToken(String series, String tokenValue, Date lastUsed) { - updateToken.update(new Object[] {tokenValue, new Date(), series}); + updateToken.update(tokenValue, new Date(), series); } /** @@ -83,7 +82,7 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten */ public PersistentRememberMeToken getTokenForSeries(String seriesId) { try { - return (PersistentRememberMeToken) tokensBySeriesMapping.findObject(seriesId); + return tokensBySeriesMapping.findObject(seriesId); } catch(IncorrectResultSizeDataAccessException moreThanOne) { logger.error("Querying token for series '" + seriesId + "' returned more than one value. Series" + " should be unique"); @@ -118,10 +117,7 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten } protected PersistentRememberMeToken mapRow(ResultSet rs, int rowNum) throws SQLException { - PersistentRememberMeToken token = - new PersistentRememberMeToken(rs.getString(1), rs.getString(2), rs.getString(3), rs.getTimestamp(4)); - - return token; + return new PersistentRememberMeToken(rs.getString(1), rs.getString(2), rs.getString(3), rs.getTimestamp(4)); } } diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentRememberMeToken.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentRememberMeToken.java index ebab6dabc0..7bf055679d 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentRememberMeToken.java +++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentRememberMeToken.java @@ -6,10 +6,10 @@ import java.util.Date; * @author Luke Taylor */ public class PersistentRememberMeToken { - private String username; - private String series; - private String tokenValue; - private Date date; + private final String username; + private final String series; + private final String tokenValue; + private final Date date; public PersistentRememberMeToken(String username, String series, String tokenValue, Date date) { this.username = username; diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java index 0442294da4..b48a5076d6 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java +++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java @@ -112,9 +112,7 @@ public class PersistentTokenBasedRememberMeServices extends AbstractRememberMeSe throw new RememberMeAuthenticationException("Autologin failed due to data access problem"); } - UserDetails user = getUserDetailsService().loadUserByUsername(token.getUsername()); - - return user; + return getUserDetailsService().loadUserByUsername(token.getUsername()); } /** diff --git a/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlStrategy.java b/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlStrategy.java index ae9f14ce3f..3d84659aea 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlStrategy.java +++ b/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlStrategy.java @@ -131,10 +131,10 @@ public class ConcurrentSessionControlStrategy extends SessionFixationProtectionS // Determine least recently used session, and mark it for invalidation SessionInformation leastRecentlyUsed = null; - for (int i = 0; i < sessions.size(); i++) { + for (SessionInformation session : sessions) { if ((leastRecentlyUsed == null) - || sessions.get(i).getLastRequest().before(leastRecentlyUsed.getLastRequest())) { - leastRecentlyUsed = sessions.get(i); + || session.getLastRequest().before(leastRecentlyUsed.getLastRequest())) { + leastRecentlyUsed = session; } } diff --git a/web/src/main/java/org/springframework/security/web/authentication/switchuser/AuthenticationSwitchUserEvent.java b/web/src/main/java/org/springframework/security/web/authentication/switchuser/AuthenticationSwitchUserEvent.java index b4361a91cd..ab68b457f0 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/AuthenticationSwitchUserEvent.java +++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/AuthenticationSwitchUserEvent.java @@ -29,7 +29,7 @@ import org.springframework.security.core.userdetails.UserDetails; public class AuthenticationSwitchUserEvent extends AbstractAuthenticationEvent { //~ Instance fields ================================================================================================ - private UserDetails targetUser; + private final UserDetails targetUser; //~ Constructors =================================================================================================== diff --git a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java index e140e49ffb..531d9ce8ac 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java @@ -191,7 +191,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv * @throws CredentialsExpiredException If the target user credentials are expired. */ protected Authentication attemptSwitchUser(HttpServletRequest request) throws AuthenticationException { - UsernamePasswordAuthenticationToken targetUserRequest = null; + UsernamePasswordAuthenticationToken targetUserRequest; String username = request.getParameter(SPRING_SECURITY_SWITCH_USERNAME_KEY); diff --git a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java index a8d2a85089..fc75161e54 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java +++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java @@ -31,7 +31,7 @@ public class SwitchUserGrantedAuthority extends GrantedAuthorityImpl { //~ Instance fields ================================================================================================ private static final long serialVersionUID = 1L; - private Authentication source; + private final Authentication source; //~ Constructors =================================================================================================== diff --git a/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthUtils.java b/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthUtils.java index 9bb5edf2cd..db34b4cb4b 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthUtils.java +++ b/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthUtils.java @@ -17,9 +17,8 @@ final class DigestAuthUtils { static String encodePasswordInA1Format(String username, String realm, String password) { String a1 = username + ":" + realm + ":" + password; - String a1Md5 = md5Hex(a1); - return a1Md5; + return md5Hex(a1); } static String[] splitIgnoringQuotes(String str, char separatorChar) { @@ -91,7 +90,7 @@ final class DigestAuthUtils { static String generateDigest(boolean passwordAlreadyEncoded, String username, String realm, String password, String httpMethod, String uri, String qop, String nonce, String nc, String cnonce) throws IllegalArgumentException { - String a1Md5 = null; + String a1Md5; String a2 = httpMethod + ":" + uri; String a2Md5 = md5Hex(a2); @@ -113,9 +112,7 @@ final class DigestAuthUtils { throw new IllegalArgumentException("This method does not support a qop: '" + qop + "'"); } - String digestMd5 = new String(md5Hex(digest)); - - return digestMd5; + return md5Hex(digest); } /** @@ -138,13 +135,13 @@ final class DigestAuthUtils { Map map = new HashMap(); - for (int i = 0; i < array.length; i++) { + for (String s : array) { String postRemove; if (removeCharacters == null) { - postRemove = array[i]; + postRemove = s; } else { - postRemove = StringUtils.replace(array[i], removeCharacters, ""); + postRemove = StringUtils.replace(s, removeCharacters, ""); } String[] splitThisArrayElement = split(postRemove, delimiter); diff --git a/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationEntryPoint.java index 1ddd9c4ee2..0b5d169fae 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationEntryPoint.java @@ -82,7 +82,7 @@ public class DigestAuthenticationEntryPoint implements AuthenticationEntryPoint, // format of nonce is: // base64(expirationTime + ":" + md5Hex(expirationTime + ":" + key)) long expiryTime = System.currentTimeMillis() + (nonceValiditySeconds * 1000); - String signatureValue = new String(DigestAuthUtils.md5Hex(expiryTime + ":" + key)); + String signatureValue = DigestAuthUtils.md5Hex(expiryTime + ":" + key); String nonceValue = expiryTime + ":" + signatureValue; String nonceValueBase64 = new String(Base64.encode(nonceValue.getBytes())); diff --git a/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilter.java b/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilter.java index fb23ffacda..eb88cdcb86 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilter.java @@ -291,15 +291,15 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements Mes } private class DigestData { - private String username; - private String realm; - private String nonce; - private String uri; - private String response; - private String qop; - private String nc; - private String cnonce; - private String section212response; + private final String username; + private final String realm; + private final String nonce; + private final String uri; + private final String response; + private final String qop; + private final String nc; + private final String cnonce; + private final String section212response; private long nonceExpiryTime; DigestData(String header) { diff --git a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java index a3706c2534..4cf3e4250e 100644 --- a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java +++ b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java @@ -57,13 +57,13 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo protected final Log logger = LogFactory.getLog(this.getClass()); - private Class securityContextClass = null; + private final Class securityContextClass = null; /** SecurityContext instance used to check for equality with default (unauthenticated) content */ - private Object contextObject = SecurityContextHolder.createEmptyContext(); + private final Object contextObject = SecurityContextHolder.createEmptyContext(); private boolean allowSessionCreation = true; private boolean disableUrlRewriting = false; - private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl(); + private final AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl(); /** * Gets the security context for the current request (if available) and returns it. @@ -227,10 +227,10 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo */ final class SaveToSessionResponseWrapper extends SaveContextOnUpdateOrErrorResponseWrapper { - private HttpServletRequest request; - private boolean httpSessionExistedAtStartOfRequest; - private SecurityContext contextBeforeExecution; - private Authentication authBeforeExecution; + private final HttpServletRequest request; + private final boolean httpSessionExistedAtStartOfRequest; + private final SecurityContext contextBeforeExecution; + private final Authentication authBeforeExecution; /** * Takes the parameters required to call saveContext() successfully in diff --git a/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java b/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java index c5c1670a70..cd38e7d765 100644 --- a/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java +++ b/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java @@ -25,7 +25,7 @@ public abstract class SaveContextOnUpdateOrErrorResponseWrapper extends HttpServ private boolean contextSaved = false; /* See SEC-1052 */ - private boolean disableUrlRewriting; + private final boolean disableUrlRewriting; /** * @param response the response to be wrapped diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java index ef082062d9..df4c922527 100644 --- a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java +++ b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java @@ -62,20 +62,20 @@ public class DefaultSavedRequest implements SavedRequest { //~ Instance fields ================================================================================================ - private ArrayList cookies = new ArrayList(); - private ArrayList locales = new ArrayList(); - private Map> headers = new TreeMap>(String.CASE_INSENSITIVE_ORDER); - private Map parameters = new TreeMap(String.CASE_INSENSITIVE_ORDER); - private String contextPath; - private String method; - private String pathInfo; - private String queryString; - private String requestURI; - private String requestURL; - private String scheme; - private String serverName; - private String servletPath; - private int serverPort; + private final ArrayList cookies = new ArrayList(); + private final ArrayList locales = new ArrayList(); + private final Map> headers = new TreeMap>(String.CASE_INSENSITIVE_ORDER); + private final Map parameters = new TreeMap(String.CASE_INSENSITIVE_ORDER); + private final String contextPath; + private final String method; + private final String pathInfo; + private final String queryString; + private final String requestURI; + private final String requestURL; + private final String scheme; + private final String serverName; + private final String servletPath; + private final int serverPort; //~ Constructors =================================================================================================== @@ -88,8 +88,8 @@ public class DefaultSavedRequest implements SavedRequest { Cookie[] cookies = request.getCookies(); if (cookies != null) { - for (int i = 0; i < cookies.length; i++) { - this.addCookie(cookies[i]); + for (Cookie cookie : cookies) { + this.addCookie(cookie); } } @@ -216,11 +216,8 @@ public class DefaultSavedRequest implements SavedRequest { return false; } - if (!propertyEquals("servletPath", this.servletPath, request.getServletPath())) { - return false; - } + return propertyEquals("servletPath", this.servletPath, request.getServletPath()); - return true; } public String getContextPath() { @@ -321,7 +318,7 @@ public class DefaultSavedRequest implements SavedRequest { return true; } - if (((arg1 == null) && (arg2 != null)) || ((arg1 != null) && (arg2 == null))) { + if (arg1 == null || arg2 == null) { if (logger.isDebugEnabled()) { logger.debug(log + ": arg1=" + arg1 + "; arg2=" + arg2 + " (property not equals)"); } diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/FastHttpDateFormat.java b/web/src/main/java/org/springframework/security/web/savedrequest/FastHttpDateFormat.java index 136d2a82a0..50b2c4973d 100644 --- a/web/src/main/java/org/springframework/security/web/savedrequest/FastHttpDateFormat.java +++ b/web/src/main/java/org/springframework/security/web/savedrequest/FastHttpDateFormat.java @@ -79,19 +79,19 @@ public class FastHttpDateFormat { * * @return Formatted date */ - public static final String formatDate(long value, DateFormat threadLocalformat) { + public static String formatDate(long value, DateFormat threadLocalformat) { String cachedDate = null; - Long longValue = new Long(value); + Long longValue = Long.valueOf(value); try { cachedDate = formatCache.get(longValue); - } catch (Exception e) {} + } catch (Exception ignored) {} if (cachedDate != null) { return cachedDate; } - String newDate = null; + String newDate; Date dateValue = new Date(value); if (threadLocalformat != null) { @@ -115,7 +115,7 @@ public class FastHttpDateFormat { * * @return Current date in HTTP format */ - public static final String getCurrentDate() { + public static String getCurrentDate() { long now = System.currentTimeMillis(); if ((now - currentDateGenerated) > 1000) { @@ -144,8 +144,7 @@ public class FastHttpDateFormat { for (int i = 0; (date == null) && (i < formats.length); i++) { try { date = formats[i].parse(value); - } catch (ParseException e) { - ; + } catch (ParseException ignored) { } } @@ -165,18 +164,18 @@ public class FastHttpDateFormat { * * @return Parsed date (or -1 if error occurred) */ - public static final long parseDate(String value, DateFormat[] threadLocalformats) { + public static long parseDate(String value, DateFormat[] threadLocalformats) { Long cachedDate = null; try { cachedDate = (Long) parseCache.get(value); - } catch (Exception e) {} + } catch (Exception ignored) {} if (cachedDate != null) { return cachedDate.longValue(); } - Long date = null; + Long date; if (threadLocalformats != null) { date = internalParseDate(value, threadLocalformats); diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/SavedCookie.java b/web/src/main/java/org/springframework/security/web/savedrequest/SavedCookie.java index 6730c6798a..61edc16fc7 100644 --- a/web/src/main/java/org/springframework/security/web/savedrequest/SavedCookie.java +++ b/web/src/main/java/org/springframework/security/web/savedrequest/SavedCookie.java @@ -9,14 +9,14 @@ import java.io.Serializable; * @author Ray Krueger */ public class SavedCookie implements Serializable { - private java.lang.String name; - private java.lang.String value; - private java.lang.String comment; - private java.lang.String domain; - private int maxAge; - private java.lang.String path; - private boolean secure; - private int version; + private final java.lang.String name; + private final java.lang.String value; + private final java.lang.String comment; + private final java.lang.String domain; + private final int maxAge; + private final java.lang.String path; + private final boolean secure; + private final int version; public SavedCookie(String name, String value, String comment, String domain, int maxAge, String path, boolean secure, int version) { this.name = name; diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapper.java b/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapper.java index 180f766dc6..32826a6ae5 100644 --- a/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapper.java +++ b/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapper.java @@ -66,7 +66,7 @@ class SavedRequestAwareWrapper extends HttpServletRequestWrapper { * The set of SimpleDateFormat formats to use in getDateHeader(). Notice that because SimpleDateFormat is * not thread-safe, we can't declare formats[] as a static variable. */ - protected SimpleDateFormat[] formats = new SimpleDateFormat[3]; + protected final SimpleDateFormat[] formats = new SimpleDateFormat[3]; //~ Constructors =================================================================================================== @@ -238,9 +238,9 @@ class SavedRequestAwareWrapper extends HttpServletRequestWrapper { List combinedParams = new ArrayList(wrappedParamsList); // We want to add all parameters of the saved request *apart from* duplicates of those already added - for (int i = 0; i < savedRequestParams.length; i++) { - if (!wrappedParamsList.contains(savedRequestParams[i])) { - combinedParams.add(savedRequestParams[i]); + for (String savedRequestParam : savedRequestParams) { + if (!wrappedParamsList.contains(savedRequestParam)) { + combinedParams.add(savedRequestParam); } } diff --git a/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java b/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java index baf4276fc1..8a8c5221c7 100644 --- a/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java +++ b/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java @@ -45,13 +45,13 @@ import org.springframework.security.core.userdetails.UserDetails; public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequestWrapper { //~ Instance fields ================================================================================================ - private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl(); + private final AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl(); /** * The prefix passed by the filter. It will be prepended to any supplied role values before * comparing it with the roles obtained from the security context. */ - private String rolePrefix; + private final String rolePrefix; //~ Constructors =================================================================================================== diff --git a/web/src/main/java/org/springframework/security/web/session/ConcurrentSessionFilter.java b/web/src/main/java/org/springframework/security/web/session/ConcurrentSessionFilter.java index e907ff208c..ec0c9c90de 100644 --- a/web/src/main/java/org/springframework/security/web/session/ConcurrentSessionFilter.java +++ b/web/src/main/java/org/springframework/security/web/session/ConcurrentSessionFilter.java @@ -116,8 +116,8 @@ public class ConcurrentSessionFilter extends GenericFilterBean { private void doLogout(HttpServletRequest request, HttpServletResponse response) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); - for (int i = 0; i < handlers.length; i++) { - handlers[i].logout(request, response, auth); + for (LogoutHandler handler : handlers) { + handler.logout(request, response, auth); } } diff --git a/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java b/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java index e30830e39a..48f682283e 100644 --- a/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java +++ b/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java @@ -42,7 +42,7 @@ public class SessionManagementFilter extends GenericFilterBean { private final SecurityContextRepository securityContextRepository; private SessionAuthenticationStrategy sessionStrategy = new SessionFixationProtectionStrategy(); - private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl(); + private final AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl(); private String invalidSessionUrl; private AuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler(); private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); diff --git a/web/src/main/java/org/springframework/security/web/util/ELRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/ELRequestMatcher.java index 9a2f751e99..e096e94f67 100644 --- a/web/src/main/java/org/springframework/security/web/util/ELRequestMatcher.java +++ b/web/src/main/java/org/springframework/security/web/util/ELRequestMatcher.java @@ -39,7 +39,7 @@ import org.springframework.security.web.authentication.DelegatingAuthenticationE */ public class ELRequestMatcher implements RequestMatcher { - private Expression expression; + private final Expression expression; public ELRequestMatcher(String el) { SpelExpressionParser parser = new SpelExpressionParser(); diff --git a/web/src/main/java/org/springframework/security/web/util/ELRequestMatcherContext.java b/web/src/main/java/org/springframework/security/web/util/ELRequestMatcherContext.java index b675e30f5f..ab6fa70e84 100644 --- a/web/src/main/java/org/springframework/security/web/util/ELRequestMatcherContext.java +++ b/web/src/main/java/org/springframework/security/web/util/ELRequestMatcherContext.java @@ -22,7 +22,7 @@ import org.springframework.util.StringUtils; class ELRequestMatcherContext { - private HttpServletRequest request; + private final HttpServletRequest request; public ELRequestMatcherContext(HttpServletRequest request) { this.request = request; @@ -34,7 +34,7 @@ class ELRequestMatcherContext { public boolean hasHeader(String headerName, String value) { String header = request.getHeader(headerName); - if (StringUtils.hasText(header) == false) { + if (!StringUtils.hasText(header)) { return false; } diff --git a/web/src/main/java/org/springframework/security/web/util/TextEscapeUtils.java b/web/src/main/java/org/springframework/security/web/util/TextEscapeUtils.java index b339c4a542..fdd9943533 100644 --- a/web/src/main/java/org/springframework/security/web/util/TextEscapeUtils.java +++ b/web/src/main/java/org/springframework/security/web/util/TextEscapeUtils.java @@ -9,7 +9,7 @@ package org.springframework.security.web.util; */ public abstract class TextEscapeUtils { - public final static String escapeEntities(String s) { + public static String escapeEntities(String s) { if (s == null || s.length() == 0) { return s; } diff --git a/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java b/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java index f201d29741..a03938c0f2 100755 --- a/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java +++ b/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java @@ -198,9 +198,7 @@ public class ThrowableAnalyzer { */ public final Throwable getFirstThrowableOfType(Class throwableType, Throwable[] chain) { if (chain != null) { - for (int i = 0; i < chain.length; ++i) { - Throwable t = chain[i]; - + for (Throwable t : chain) { if ((t != null) && throwableType.isInstance(t)) { return t; } @@ -223,7 +221,7 @@ public class ThrowableAnalyzer { * @throws IllegalArgumentException if throwable is either null * or its type is not assignable to expectedBaseType */ - public static final void verifyThrowableHierarchy(Throwable throwable, Class expectedBaseType) { + public static void verifyThrowableHierarchy(Throwable throwable, Class expectedBaseType) { if (expectedBaseType == null) { return; }