Add UsernamePasswordAuthenticationToken factory methods

- unauthenticated factory method - authenticated factory method - test for unauthenticated factory method - test for authenticated factory method - make existing constructor protected - use newly factory methods in rest of the project - update copyright dates Closes gh-10790
2026-05-22 21:33:16 +00:00 · 2022-03-08 11:33:13 +01:00
parent 28c7a4be11
commit abd33389be
88 changed files with 439 additions and 346 deletions
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -35,7 +35,7 @@ public class PythonInterpreterBasedSecurityTests {
 	@Test
 	public void serviceMethod() {
 		SecurityContextHolder.getContext()
-				.setAuthentication(new UsernamePasswordAuthenticationToken("bob", "bobspassword"));
+				.setAuthentication(UsernamePasswordAuthenticationToken.unauthenticated("bob", "bobspassword"));

 		// for (int i=0; i < 1000; i++) {
 		this.service.someMethod();
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -58,7 +58,7 @@ public class FilterChainPerformanceTests {

 	private static StopWatch sw = new StopWatch("Filter Chain Performance Tests");

-	private final UsernamePasswordAuthenticationToken user = new UsernamePasswordAuthenticationToken("bob",
+	private final UsernamePasswordAuthenticationToken user = UsernamePasswordAuthenticationToken.authenticated("bob",
 			"bobspassword", createRoles(N_AUTHORITIES));

 	private HttpSession session;
@@ -129,8 +129,8 @@ public class FilterChainPerformanceTests {
 		StopWatch sw = new StopWatch("Scaling with nAuthorities");
 		for (int user = 0; user < N_AUTHORITIES / 10; user++) {
 			int nAuthorities = (user != 0) ? user * 10 : 1;
-			SecurityContextHolder.getContext().setAuthentication(
-					new UsernamePasswordAuthenticationToken("bob", "bobspassword", createRoles(nAuthorities)));
+			SecurityContextHolder.getContext().setAuthentication(UsernamePasswordAuthenticationToken
+					.authenticated("bob", "bobspassword", createRoles(nAuthorities)));
 			this.session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
 					SecurityContextHolder.getContext());
 			SecurityContextHolder.clearContext();
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -117,7 +117,7 @@ public class SecurityContextHolderMTTests extends TestCase{
 			} else if (expectAllThreadsToUseIdenticalAuthentication) {
 				// A global
 				SecurityContextHolder.getContext()
-									.setAuthentication(new UsernamePasswordAuthenticationToken("GLOBAL_USERNAME",
+									.setAuthentication(UsernamePasswordAuthenticationToken.unauthenticated("GLOBAL_USERNAME",
 						"pass"));

 				for (int i = 0; i < threads.length; i++) {
@@ -182,7 +182,7 @@ public class SecurityContextHolderMTTests extends TestCase{
 			public void run() {
 					if (injectAuthIntoCurrentThread) {
 						// Set authentication in this thread
-						SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(
+						SecurityContextHolder.getContext().setAuthentication(UsernamePasswordAuthenticationToken.authenticated(
 								expectedUsername, "pass"));

 						//System.out.println(threadIdentifier + " - set to " + SecurityContextHolder.getContext().getAuthentication());