From d5b7ce69ccd96fbc19163d9c3225822457e8732c Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Mon, 11 May 2009 05:35:20 +0000 Subject: [PATCH] SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL. --- .../DefaultWebSecurityExpressionHandler.java | 4 +-- ...ilterInvocationSecurityMetadataSource.java | 2 +- .../WebExpressionConfigAttribute.java | 2 +- .../access/expression/WebExpressionVoter.java | 4 +-- .../expression/WebSecurityExpressionRoot.java | 4 +-- ...ilterInvocationSecurityMetadataSource.java | 2 +- .../intercept/FilterSecurityInterceptor.java | 2 +- ...AuthenticationTargetUrlRequestHandler.java | 2 +- .../AuthenticationFailureHandler.java | 2 +- .../AuthenticationSuccessHandler.java | 2 +- ...onMappingAuthenticationFailureHandler.java | 2 +- ...uestAwareAuthenticationSuccessHandler.java | 2 +- ...SimpleUrlAuthenticationFailureHandler.java | 2 +- .../logout/LogoutSuccessHandler.java | 2 +- .../logout/SimpleUrlLogoutSuccessHandler.java | 2 +- .../context/HttpRequestResponseHolder.java | 2 +- .../HttpSessionSecurityContextRepository.java | 2 +- ...ContextOnUpdateOrErrorResponseWrapper.java | 2 +- .../SecurityContextPersistenceFilter.java | 2 +- .../context/SecurityContextRepository.java | 2 +- .../WebSecurityExpressionRootTests.java | 2 +- .../AnonymousProcessingFilterTests.java | 27 ++++++++----------- ...DefaultLoginPageGeneratingFilterTests.java | 2 +- 23 files changed, 36 insertions(+), 41 deletions(-) diff --git a/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java b/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java index e21d529118..7c23543abd 100644 --- a/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java @@ -4,7 +4,7 @@ import org.springframework.expression.EvaluationContext; import org.springframework.expression.ExpressionParser; import org.springframework.expression.spel.antlr.SpelAntlrExpressionParser; import org.springframework.expression.spel.support.StandardEvaluationContext; -import org.springframework.security.access.expression.support.SecurityExpressionRoot; +import org.springframework.security.access.expression.SecurityExpressionRoot; import org.springframework.security.authentication.AuthenticationTrustResolver; import org.springframework.security.authentication.AuthenticationTrustResolverImpl; import org.springframework.security.core.Authentication; @@ -16,7 +16,7 @@ import org.springframework.security.web.FilterInvocation; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class DefaultWebSecurityExpressionHandler implements WebSecurityExpressionHandler { diff --git a/web/src/main/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java b/web/src/main/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java index de6a7cc15e..1d67337dd3 100644 --- a/web/src/main/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java @@ -20,7 +20,7 @@ import org.springframework.util.Assert; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public final class ExpressionBasedFilterInvocationSecurityMetadataSource extends DefaultFilterInvocationSecurityMetadataSource { private final static Log logger = LogFactory.getLog(ExpressionBasedFilterInvocationSecurityMetadataSource.class); diff --git a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java index ebbd9ab355..e950338f97 100644 --- a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java @@ -8,7 +8,7 @@ import org.springframework.security.access.ConfigAttribute; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ class WebExpressionConfigAttribute implements ConfigAttribute { private final Expression authorizeExpression; diff --git a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionVoter.java b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionVoter.java index 88c0a7e778..4b2461a7c0 100644 --- a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionVoter.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionVoter.java @@ -3,9 +3,9 @@ package org.springframework.security.web.access.expression; import java.util.List; import org.springframework.expression.EvaluationContext; +import org.springframework.security.access.AccessDecisionVoter; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.expression.ExpressionUtils; -import org.springframework.security.access.vote.AccessDecisionVoter; import org.springframework.security.core.Authentication; import org.springframework.security.web.FilterInvocation; @@ -13,7 +13,7 @@ import org.springframework.security.web.FilterInvocation; * Voter which handles web authorisation decisions. * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class WebExpressionVoter implements AccessDecisionVoter { private WebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler(); diff --git a/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionRoot.java b/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionRoot.java index 34aa53f1bc..82f33a5a05 100644 --- a/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionRoot.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionRoot.java @@ -4,7 +4,7 @@ import java.net.InetAddress; import java.net.UnknownHostException; import java.util.Arrays; -import org.springframework.security.access.expression.support.SecurityExpressionRoot; +import org.springframework.security.access.expression.SecurityExpressionRoot; import org.springframework.security.core.Authentication; import org.springframework.security.web.FilterInvocation; import org.springframework.util.StringUtils; @@ -13,7 +13,7 @@ import org.springframework.util.StringUtils; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ class WebSecurityExpressionRoot extends SecurityExpressionRoot { private FilterInvocation filterInvocation; diff --git a/web/src/main/java/org/springframework/security/web/access/intercept/FilterInvocationSecurityMetadataSource.java b/web/src/main/java/org/springframework/security/web/access/intercept/FilterInvocationSecurityMetadataSource.java index 7da006b5af..b3fb6609ce 100644 --- a/web/src/main/java/org/springframework/security/web/access/intercept/FilterInvocationSecurityMetadataSource.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/FilterInvocationSecurityMetadataSource.java @@ -15,7 +15,7 @@ package org.springframework.security.web.access.intercept; -import org.springframework.security.access.intercept.SecurityMetadataSource; +import org.springframework.security.access.SecurityMetadataSource; import org.springframework.security.web.FilterInvocation; diff --git a/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java b/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java index 23e816b09e..9bbe141328 100644 --- a/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java @@ -15,9 +15,9 @@ package org.springframework.security.web.access.intercept; +import org.springframework.security.access.SecurityMetadataSource; import org.springframework.security.access.intercept.AbstractSecurityInterceptor; import org.springframework.security.access.intercept.InterceptorStatusToken; -import org.springframework.security.access.intercept.SecurityMetadataSource; import org.springframework.security.web.FilterChainOrder; import org.springframework.security.web.FilterInvocation; import org.springframework.core.Ordered; diff --git a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java index 3348fd5a37..0c7bd415bc 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java @@ -41,7 +41,7 @@ import org.springframework.util.StringUtils; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public abstract class AbstractAuthenticationTargetUrlRequestHandler { diff --git a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationFailureHandler.java b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationFailureHandler.java index 5f7c307b2a..c4c307132f 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationFailureHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationFailureHandler.java @@ -19,7 +19,7 @@ import org.springframework.security.core.AuthenticationException; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public interface AuthenticationFailureHandler { diff --git a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationSuccessHandler.java index 8fd855f23a..3735d6cbf5 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationSuccessHandler.java @@ -18,7 +18,7 @@ import org.springframework.security.core.Authentication; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 * @see */ public interface AuthenticationSuccessHandler { diff --git a/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java b/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java index 169c17cd4a..a51e39cb2c 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/ExceptionMappingAuthenticationFailureHandler.java @@ -24,7 +24,7 @@ import org.springframework.util.Assert; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class ExceptionMappingAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler { private Map failureUrlMap = new HashMap(); diff --git a/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java index e333fed821..01d5fda26c 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java @@ -46,7 +46,7 @@ import org.springframework.util.StringUtils; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class SavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler { diff --git a/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationFailureHandler.java b/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationFailureHandler.java index 5989be1cb2..5b86f4f453 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationFailureHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationFailureHandler.java @@ -22,7 +22,7 @@ import org.springframework.util.Assert; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class SimpleUrlAuthenticationFailureHandler implements AuthenticationFailureHandler { private String defaultFailureUrl; diff --git a/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutSuccessHandler.java index 1999d7dafd..f154784b2e 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutSuccessHandler.java @@ -18,7 +18,7 @@ import org.springframework.security.core.Authentication; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public interface LogoutSuccessHandler { diff --git a/web/src/main/java/org/springframework/security/web/authentication/logout/SimpleUrlLogoutSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/SimpleUrlLogoutSuccessHandler.java index 0e64dcefb4..c5fffd87d5 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/logout/SimpleUrlLogoutSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/SimpleUrlLogoutSuccessHandler.java @@ -15,7 +15,7 @@ import org.springframework.security.web.authentication.AbstractAuthenticationTar * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class SimpleUrlLogoutSuccessHandler extends AbstractAuthenticationTargetUrlRequestHandler implements LogoutSuccessHandler { diff --git a/web/src/main/java/org/springframework/security/web/context/HttpRequestResponseHolder.java b/web/src/main/java/org/springframework/security/web/context/HttpRequestResponseHolder.java index 55e84eb4a9..6cc1b74783 100644 --- a/web/src/main/java/org/springframework/security/web/context/HttpRequestResponseHolder.java +++ b/web/src/main/java/org/springframework/security/web/context/HttpRequestResponseHolder.java @@ -10,7 +10,7 @@ import javax.servlet.http.HttpServletResponse; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class HttpRequestResponseHolder { HttpServletRequest request; diff --git a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java index 80f218f6db..8291042095 100644 --- a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java +++ b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java @@ -53,7 +53,7 @@ import org.springframework.util.ReflectionUtils; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class HttpSessionSecurityContextRepository implements SecurityContextRepository { public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT"; diff --git a/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java b/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java index d43084075a..5bac8a19bb 100644 --- a/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java +++ b/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java @@ -20,7 +20,7 @@ import org.springframework.security.core.context.SecurityContextHolder; * @author Luke Taylor * @author Marten Algesten * @version $Id$ - * @since 2.5 + * @since 3.0 */ public abstract class SaveContextOnUpdateOrErrorResponseWrapper extends HttpServletResponseWrapper { diff --git a/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java b/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java index 1d21884b67..158c225035 100644 --- a/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java +++ b/web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java @@ -36,7 +36,7 @@ import org.springframework.security.web.SpringSecurityFilter; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class SecurityContextPersistenceFilter extends SpringSecurityFilter { diff --git a/web/src/main/java/org/springframework/security/web/context/SecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/SecurityContextRepository.java index a31ba1b51b..b90d4f438a 100644 --- a/web/src/main/java/org/springframework/security/web/context/SecurityContextRepository.java +++ b/web/src/main/java/org/springframework/security/web/context/SecurityContextRepository.java @@ -17,7 +17,7 @@ import org.springframework.security.core.context.SecurityContext; * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 * * @see SecurityContextPersistenceFilter * @see HttpSessionSecurityContextRepository diff --git a/web/src/test/java/org/springframework/security/web/access/expression/WebSecurityExpressionRootTests.java b/web/src/test/java/org/springframework/security/web/access/expression/WebSecurityExpressionRootTests.java index ddc57e88d6..2e23167c83 100644 --- a/web/src/test/java/org/springframework/security/web/access/expression/WebSecurityExpressionRootTests.java +++ b/web/src/test/java/org/springframework/security/web/access/expression/WebSecurityExpressionRootTests.java @@ -17,7 +17,7 @@ import org.springframework.security.web.access.expression.WebSecurityExpressionR * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class WebSecurityExpressionRootTests { diff --git a/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java index 43a71c6dd1..f770a64ac6 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java @@ -16,22 +16,6 @@ package org.springframework.security.web.authentication; import static org.mockito.Mockito.mock; -import junit.framework.TestCase; - -import org.springframework.security.MockFilterConfig; - -import org.springframework.security.authentication.TestingAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.memory.UserAttribute; - - -import org.springframework.security.web.authentication.AnonymousProcessingFilter; - -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; import java.io.IOException; @@ -42,6 +26,17 @@ import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.security.authentication.TestingAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.memory.UserAttribute; + /** * Tests {@link AnonymousProcessingFilter}. diff --git a/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java index 205c1d970d..9fbb86a04a 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java @@ -23,7 +23,7 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageGenera * * @author Luke Taylor * @version $Id$ - * @since 2.5 + * @since 3.0 */ public class DefaultLoginPageGeneratingFilterTests { FilterChain chain = mock(FilterChain.class);