Compare commits
23 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 081f0c4d94 | |||
| 247f54dc41 | |||
| 017e9834bd | |||
| 49719480a8 | |||
| f3edaa673a | |||
| f99fe36e02 | |||
| 546d44d6e7 | |||
| 901a4e183a | |||
| 72d08a2a5f | |||
| 2ac51c9c7f | |||
| b64cdb5765 | |||
| aa31f1f695 | |||
| 8353984733 | |||
| c31bdb6390 | |||
| 168f4b8f70 | |||
| 9c03571bbb | |||
| 4c79107e01 | |||
| 3f543d0fbd | |||
| 08104eb06c | |||
| b54d350e54 | |||
| b5e0886bde | |||
| 38492a5794 | |||
| b7541d56d0 |
+2
-2
@@ -29,9 +29,9 @@ In the instructions below, http://vimeo.com/34436402[`./gradlew`] is invoked fro
|
||||
a cross-platform, self-contained bootstrap mechanism for the build.
|
||||
|
||||
=== Prerequisites
|
||||
http://help.github.com/set-up-git-redirect[Git] and the http://www.oracle.com/technetwork/java/javase/downloads[JDK7 build].
|
||||
http://help.github.com/set-up-git-redirect[Git] and the http://www.oracle.com/technetwork/java/javase/downloads[JDK8 build].
|
||||
|
||||
Be sure that your `JAVA_HOME` environment variable points to the `jdk1.7.0` folder extracted from the JDK download.
|
||||
Be sure that your `JAVA_HOME` environment variable points to the `jdk1.8.0` folder extracted from the JDK download.
|
||||
|
||||
=== Check out sources
|
||||
[indent=0]
|
||||
|
||||
+2
-2
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-acl</name>
|
||||
<description>spring-security-acl</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -51,7 +51,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+6
-5
@@ -26,6 +26,8 @@ import org.springframework.security.acls.model.Acl;
|
||||
import org.springframework.security.acls.model.AclService;
|
||||
import org.springframework.security.acls.model.ObjectIdentity;
|
||||
import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
|
||||
import org.springframework.security.acls.model.Permission;
|
||||
import org.springframework.security.acls.model.Sid;
|
||||
import org.springframework.security.acls.model.SidRetrievalStrategy;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
@@ -37,7 +39,6 @@ import org.springframework.security.core.Authentication;
|
||||
public class AclPermissionEvaluatorTests {
|
||||
|
||||
@Test
|
||||
@SuppressWarnings("unchecked")
|
||||
public void hasPermissionReturnsTrueIfAclGrantsPermission() throws Exception {
|
||||
AclService service = mock(AclService.class);
|
||||
AclPermissionEvaluator pe = new AclPermissionEvaluator(service);
|
||||
@@ -48,8 +49,8 @@ public class AclPermissionEvaluatorTests {
|
||||
pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
|
||||
Acl acl = mock(Acl.class);
|
||||
|
||||
when(service.readAclById(any(ObjectIdentity.class), anyList())).thenReturn(acl);
|
||||
when(acl.isGranted(anyList(), anyList(), eq(false))).thenReturn(true);
|
||||
when(service.readAclById(any(ObjectIdentity.class), anyListOf(Sid.class))).thenReturn(acl);
|
||||
when(acl.isGranted(anyListOf(Permission.class), anyListOf(Sid.class), eq(false))).thenReturn(true);
|
||||
|
||||
assertThat(pe.hasPermission(mock(Authentication.class), new Object(), "READ")).isTrue();
|
||||
}
|
||||
@@ -68,8 +69,8 @@ public class AclPermissionEvaluatorTests {
|
||||
pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
|
||||
Acl acl = mock(Acl.class);
|
||||
|
||||
when(service.readAclById(any(ObjectIdentity.class), anyList())).thenReturn(acl);
|
||||
when(acl.isGranted(anyList(), anyList(), eq(false))).thenReturn(true);
|
||||
when(service.readAclById(any(ObjectIdentity.class), anyListOf(Sid.class))).thenReturn(acl);
|
||||
when(acl.isGranted(anyListOf(Permission.class), anyListOf(Sid.class), eq(false))).thenReturn(true);
|
||||
|
||||
assertThat(pe.hasPermission(mock(Authentication.class), new Object(), "write")).isTrue();
|
||||
|
||||
|
||||
+2
-2
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-aspects</name>
|
||||
<description>spring-security-aspects</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -45,7 +45,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+8
-3
@@ -1,15 +1,16 @@
|
||||
buildscript {
|
||||
repositories {
|
||||
maven { url "https://repo.spring.io/plugins-release" }
|
||||
maven { url "https://repo.spring.io/plugins-snapshot" }
|
||||
}
|
||||
dependencies {
|
||||
classpath("org.springframework.build.gradle:propdeps-plugin:0.0.7")
|
||||
classpath("io.spring.gradle:spring-io-plugin:0.0.5.RELEASE")
|
||||
classpath("io.spring.gradle:spring-io-plugin:0.0.6.RELEASE")
|
||||
classpath("com.bmuschko:gradle-tomcat-plugin:2.2.4")
|
||||
classpath('me.champeau.gradle:gradle-javadoc-hotfix-plugin:0.1')
|
||||
classpath('org.asciidoctor:asciidoctor-gradle-plugin:1.5.1')
|
||||
classpath("io.spring.gradle:docbook-reference-plugin:0.3.1")
|
||||
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.4.0.RELEASE")
|
||||
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.5.0.BUILD-SNAPSHOT")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -114,7 +115,11 @@ configure(coreModuleProjects) {
|
||||
dependencyManagement {
|
||||
springIoTestRuntime {
|
||||
imports {
|
||||
mavenBom "io.spring.platform:platform-bom:${springIoVersion}"
|
||||
mavenBom("io.spring.platform:platform-bom:${springIoVersion}") {
|
||||
bomProperties([
|
||||
'mockito.version': '1.10.19'
|
||||
])
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,12 +4,13 @@ import org.gradle.api.Project
|
||||
import org.gradle.api.Plugin
|
||||
import org.gradle.api.tasks.TaskAction
|
||||
import org.gradle.api.logging.LogLevel
|
||||
import org.gradle.api.file.FileCollection
|
||||
import org.gradle.api.file.*
|
||||
import org.gradle.api.tasks.SourceSet
|
||||
import org.gradle.api.DefaultTask
|
||||
import org.gradle.api.GradleException
|
||||
|
||||
import org.gradle.api.plugins.JavaPlugin
|
||||
import org.gradle.api.tasks.compile.JavaCompile
|
||||
import org.gradle.plugins.ide.eclipse.GenerateEclipseProject
|
||||
import org.gradle.plugins.ide.eclipse.GenerateEclipseClasspath
|
||||
import org.gradle.plugins.ide.eclipse.EclipsePlugin
|
||||
@@ -41,28 +42,25 @@ class AspectJPlugin implements Plugin<Project> {
|
||||
project.configurations.create('aspectpath')
|
||||
}
|
||||
|
||||
project.tasks.create(name: 'compileAspect', overwrite: true, description: 'Compiles AspectJ Source', type: Ajc) {
|
||||
dependsOn project.configurations*.getTaskDependencyFromProjectDependency(true, "compileJava")
|
||||
project.tasks.withType(JavaCompile) { javaCompileTask ->
|
||||
def javaCompileTaskName = javaCompileTask.name
|
||||
def ajCompileTask = project.tasks.create(name: javaCompileTaskName + 'Aspect', overwrite: true, description: 'Compiles AspectJ Source', type: Ajc) {
|
||||
inputs.files(javaCompileTask.inputs.files)
|
||||
inputs.properties(javaCompileTask.inputs.properties)
|
||||
|
||||
sourceRoots.addAll(project.sourceSets.main.java.srcDirs)
|
||||
if(javaCompileTaskName.contains("Test")) {
|
||||
sourceRoots.addAll(project.sourceSets.test.java.srcDirs)
|
||||
}
|
||||
compileClasspath = javaCompileTask.classpath
|
||||
destinationDir = javaCompileTask.destinationDir
|
||||
aspectPath = project.configurations.aspectpath
|
||||
}
|
||||
|
||||
javaCompileTask.deleteAllActions()
|
||||
javaCompileTask.dependsOn ajCompileTask
|
||||
|
||||
dependsOn project.processResources
|
||||
sourceSet = project.sourceSets.main
|
||||
inputs.files(sourceSet.allSource)
|
||||
outputs.dir(sourceSet.output.classesDir)
|
||||
aspectPath = project.configurations.aspectpath
|
||||
}
|
||||
project.tasks.compileJava.deleteAllActions()
|
||||
project.tasks.compileJava.dependsOn project.tasks.compileAspect
|
||||
|
||||
|
||||
project.tasks.create(name: 'compileTestAspect', overwrite: true, description: 'Compiles AspectJ Test Source', type: Ajc) {
|
||||
dependsOn project.processTestResources, project.compileJava, project.jar
|
||||
sourceSet = project.sourceSets.test
|
||||
inputs.files(sourceSet.allSource)
|
||||
outputs.dir(sourceSet.output.classesDir)
|
||||
aspectPath = project.files(project.configurations.aspectpath, project.jar.archivePath)
|
||||
}
|
||||
project.tasks.compileTestJava.deleteAllActions()
|
||||
project.tasks.compileTestJava.dependsOn project.tasks.compileTestAspect
|
||||
|
||||
project.tasks.withType(GenerateEclipseProject) {
|
||||
project.eclipse.project.file.whenMerged { p ->
|
||||
@@ -91,7 +89,9 @@ class AspectJPlugin implements Plugin<Project> {
|
||||
}
|
||||
|
||||
class Ajc extends DefaultTask {
|
||||
SourceSet sourceSet
|
||||
Set<File> sourceRoots = []
|
||||
FileCollection compileClasspath
|
||||
File destinationDir
|
||||
FileCollection aspectPath
|
||||
|
||||
Ajc() {
|
||||
@@ -103,15 +103,18 @@ class Ajc extends DefaultTask {
|
||||
logger.info("="*30)
|
||||
logger.info("="*30)
|
||||
logger.info("Running ajc ...")
|
||||
logger.info("classpath: ${sourceSet.compileClasspath.asPath}")
|
||||
logger.info("srcDirs $sourceSet.java.srcDirs")
|
||||
logger.info("classpath: ${compileClasspath?.files}")
|
||||
logger.info("srcDirs ${sourceRoots}")
|
||||
ant.taskdef(resource: "org/aspectj/tools/ant/taskdefs/aspectjTaskdefs.properties", classpath: project.configurations.ajtools.asPath)
|
||||
ant.iajc(classpath: sourceSet.compileClasspath.asPath, fork: 'true', destDir: sourceSet.output.classesDir.absolutePath,
|
||||
if(sourceRoots.empty) {
|
||||
return
|
||||
}
|
||||
ant.iajc(classpath: compileClasspath.asPath, fork: 'true', destDir: destinationDir.absolutePath,
|
||||
source: project.convention.plugins.java.sourceCompatibility,
|
||||
target: project.convention.plugins.java.targetCompatibility,
|
||||
aspectPath: aspectPath.asPath, sourceRootCopyFilter: '**/*.java', showWeaveInfo: 'true') {
|
||||
sourceroots {
|
||||
sourceSet.java.srcDirs.each {
|
||||
sourceRoots.each {
|
||||
logger.info(" sourceRoot $it")
|
||||
pathelement(location: it.absolutePath)
|
||||
}
|
||||
|
||||
+3
-3
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-cas</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-cas</name>
|
||||
<description>spring-security-cas</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -51,13 +51,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+1
-1
@@ -132,7 +132,7 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
|
||||
* @return
|
||||
*/
|
||||
static Pattern createArtifactPattern(String artifactParameterName) {
|
||||
Assert.hasLength(artifactParameterName);
|
||||
Assert.hasLength(artifactParameterName, "artifactParameterName is expected to have a length");
|
||||
return Pattern.compile("&?" + Pattern.quote(artifactParameterName) + "=[^&]*");
|
||||
}
|
||||
|
||||
|
||||
+8
-8
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-config</name>
|
||||
<description>spring-security-config</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -51,7 +51,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -97,28 +97,28 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-messaging</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
@@ -365,13 +365,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-cas</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+1
-1
@@ -86,7 +86,7 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
|
||||
if (!namespaceMatchesVersion(element)) {
|
||||
pc.getReaderContext()
|
||||
.fatal("You cannot use a spring-security-2.0.xsd or spring-security-3.0.xsd or spring-security-3.1.xsd schema or spring-security-3.2.xsd schema or spring-security-4.0.xsd schema "
|
||||
+ "with Spring Security 4.1. Please update your schema declarations to the 4.1 schema.",
|
||||
+ "with Spring Security 4.2. Please update your schema declarations to the 4.2 schema.",
|
||||
element);
|
||||
}
|
||||
String name = pc.getDelegate().getLocalName(element);
|
||||
|
||||
+1
-1
@@ -481,7 +481,7 @@ final class AuthenticationConfigBuilder {
|
||||
SimpleAttributes2GrantedAuthoritiesMapper.class));
|
||||
|
||||
String roles = jeeElt.getAttribute(ATT_MAPPABLE_ROLES);
|
||||
Assert.state(StringUtils.hasText(roles));
|
||||
Assert.hasLength(roles, "roles is expected to have length");
|
||||
BeanDefinitionBuilder rolesBuilder = BeanDefinitionBuilder
|
||||
.rootBeanDefinition(StringUtils.class);
|
||||
rolesBuilder.addConstructorArgValue(roles);
|
||||
|
||||
+1
-1
@@ -194,7 +194,7 @@ public class FilterInvocationSecurityMetadataSourceParser implements BeanDefinit
|
||||
logger.info("Creating access control expression attribute '" + access
|
||||
+ "' for " + path);
|
||||
// The single expression will be parsed later by the
|
||||
// ExpressionFilterInvocationSecurityMetadataSource
|
||||
// ExpressionBasedFilterInvocationSecurityMetadataSource
|
||||
attributeBuilder.addConstructorArgValue(new String[] { access });
|
||||
attributeBuilder.setFactoryMethod("createList");
|
||||
|
||||
|
||||
+1
-1
@@ -163,7 +163,7 @@ final class ProtectPointcutPostProcessor implements BeanPostProcessor {
|
||||
}
|
||||
|
||||
public void setPointcutMap(Map<String, List<ConfigAttribute>> map) {
|
||||
Assert.notEmpty(map);
|
||||
Assert.notEmpty(map, "configAttributes cannot be empty");
|
||||
for (String expression : map.keySet()) {
|
||||
List<ConfigAttribute> value = map.get(expression);
|
||||
addPointcut(expression, value);
|
||||
|
||||
+8
-8
@@ -255,8 +255,8 @@ public final class WebSocketMessageBrokerSecurityBeanDefinitionParser implements
|
||||
for (String beanName : beanNames) {
|
||||
BeanDefinition bd = registry.getBeanDefinition(beanName);
|
||||
String beanClassName = bd.getBeanClassName();
|
||||
if (beanClassName.equals(SimpAnnotationMethodMessageHandler.class
|
||||
.getName()) || beanClassName.equals(WEB_SOCKET_AMMH_CLASS_NAME)) {
|
||||
if (SimpAnnotationMethodMessageHandler.class.getName().equals(beanClassName) ||
|
||||
WEB_SOCKET_AMMH_CLASS_NAME.equals(beanClassName)) {
|
||||
PropertyValue current = bd.getPropertyValues().getPropertyValue(
|
||||
CUSTOM_ARG_RESOLVERS_PROP);
|
||||
ManagedList<Object> argResolvers = new ManagedList<Object>();
|
||||
@@ -275,16 +275,16 @@ public final class WebSocketMessageBrokerSecurityBeanDefinitionParser implements
|
||||
}
|
||||
}
|
||||
}
|
||||
else if (beanClassName
|
||||
.equals("org.springframework.web.socket.server.support.WebSocketHttpRequestHandler")) {
|
||||
else if ("org.springframework.web.socket.server.support.WebSocketHttpRequestHandler"
|
||||
.equals(beanClassName)) {
|
||||
addCsrfTokenHandshakeInterceptor(bd);
|
||||
}
|
||||
else if (beanClassName
|
||||
.equals("org.springframework.web.socket.sockjs.transport.TransportHandlingSockJsService")) {
|
||||
else if ("org.springframework.web.socket.sockjs.transport.TransportHandlingSockJsService"
|
||||
.equals(beanClassName)) {
|
||||
addCsrfTokenHandshakeInterceptor(bd);
|
||||
}
|
||||
else if (beanClassName
|
||||
.equals("org.springframework.web.socket.sockjs.transport.handler.DefaultSockJsService")) {
|
||||
else if ("org.springframework.web.socket.sockjs.transport.handler.DefaultSockJsService"
|
||||
.equals(beanClassName)) {
|
||||
addCsrfTokenHandshakeInterceptor(bd);
|
||||
}
|
||||
}
|
||||
|
||||
+34
@@ -0,0 +1,34 @@
|
||||
/*
|
||||
* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.websocket;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.support.BeanDefinitionRegistry;
|
||||
import org.springframework.beans.factory.support.GenericBeanDefinition;
|
||||
import org.springframework.beans.factory.support.SimpleBeanDefinitionRegistry;
|
||||
|
||||
public class MessageSecurityPostProcessorTest {
|
||||
|
||||
private WebSocketMessageBrokerSecurityBeanDefinitionParser.MessageSecurityPostProcessor postProcessor =
|
||||
new WebSocketMessageBrokerSecurityBeanDefinitionParser.MessageSecurityPostProcessor("id", false);
|
||||
|
||||
@Test
|
||||
public void handlesBeansWithoutClass() {
|
||||
BeanDefinitionRegistry registry = new SimpleBeanDefinitionRegistry();
|
||||
registry.registerBeanDefinition("beanWithoutClass", new GenericBeanDefinition());
|
||||
postProcessor.postProcessBeanDefinitionRegistry(registry);
|
||||
}
|
||||
}
|
||||
+1
-1
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-core</name>
|
||||
<description>spring-security-core</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
|
||||
+1
-1
@@ -49,7 +49,7 @@ public class SecuredAnnotationSecurityMetadataSource extends
|
||||
|
||||
public SecuredAnnotationSecurityMetadataSource(
|
||||
AnnotationMetadataExtractor annotationMetadataExtractor) {
|
||||
Assert.notNull(annotationMetadataExtractor);
|
||||
Assert.notNull(annotationMetadataExtractor, "annotationMetadataExtractor cannot be null");
|
||||
annotationExtractor = annotationMetadataExtractor;
|
||||
annotationType = (Class<? extends Annotation>) GenericTypeResolver
|
||||
.resolveTypeArgument(annotationExtractor.getClass(),
|
||||
|
||||
+1
-1
@@ -41,7 +41,7 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider,
|
||||
private String key;
|
||||
|
||||
public RememberMeAuthenticationProvider(String key) {
|
||||
Assert.hasLength(key);
|
||||
Assert.hasLength(key, "key must have a length");
|
||||
this.key = key;
|
||||
}
|
||||
|
||||
|
||||
+1
-1
@@ -45,7 +45,7 @@ public class InteractiveAuthenticationSuccessEvent extends AbstractAuthenticatio
|
||||
public InteractiveAuthenticationSuccessEvent(Authentication authentication,
|
||||
Class<?> generatedBy) {
|
||||
super(authentication);
|
||||
Assert.notNull(generatedBy);
|
||||
Assert.notNull(generatedBy, "generatedBy cannot be null");
|
||||
this.generatedBy = generatedBy;
|
||||
}
|
||||
|
||||
|
||||
+2
-1
@@ -17,6 +17,7 @@
|
||||
package org.springframework.security.core.context;
|
||||
|
||||
import org.springframework.util.ReflectionUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import java.lang.reflect.Constructor;
|
||||
|
||||
@@ -93,7 +94,7 @@ public class SecurityContextHolder {
|
||||
}
|
||||
|
||||
private static void initialize() {
|
||||
if ((strategyName == null) || "".equals(strategyName)) {
|
||||
if (!StringUtils.hasText(strategyName)) {
|
||||
// Set default
|
||||
strategyName = MODE_THREADLOCAL;
|
||||
}
|
||||
|
||||
+2
-2
@@ -76,7 +76,7 @@ public class InMemoryUserDetailsManager implements UserDetailsManager {
|
||||
}
|
||||
|
||||
public void createUser(UserDetails user) {
|
||||
Assert.isTrue(!userExists(user.getUsername()));
|
||||
Assert.isTrue(!userExists(user.getUsername()), "user should not exist");
|
||||
|
||||
users.put(user.getUsername().toLowerCase(), new MutableUser(user));
|
||||
}
|
||||
@@ -86,7 +86,7 @@ public class InMemoryUserDetailsManager implements UserDetailsManager {
|
||||
}
|
||||
|
||||
public void updateUser(UserDetails user) {
|
||||
Assert.isTrue(userExists(user.getUsername()));
|
||||
Assert.isTrue(userExists(user.getUsername()), "user should exist");
|
||||
|
||||
users.put(user.getUsername().toLowerCase(), new MutableUser(user));
|
||||
}
|
||||
|
||||
+35
-35
@@ -258,15 +258,15 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
}
|
||||
|
||||
public List<String> findUsersInGroup(String groupName) {
|
||||
Assert.hasText(groupName);
|
||||
Assert.hasText(groupName, "groupName should have text");
|
||||
return getJdbcTemplate().queryForList(findUsersInGroupSql,
|
||||
new String[] { groupName }, String.class);
|
||||
}
|
||||
|
||||
public void createGroup(final String groupName,
|
||||
final List<GrantedAuthority> authorities) {
|
||||
Assert.hasText(groupName);
|
||||
Assert.notNull(authorities);
|
||||
Assert.hasText(groupName, "groupName should have text");
|
||||
Assert.notNull(authorities, "authorities cannot be null");
|
||||
|
||||
logger.debug("Creating new group '" + groupName + "' with authorities "
|
||||
+ AuthorityUtils.authorityListToSet(authorities));
|
||||
@@ -289,7 +289,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
|
||||
public void deleteGroup(String groupName) {
|
||||
logger.debug("Deleting group '" + groupName + "'");
|
||||
Assert.hasText(groupName);
|
||||
Assert.hasText(groupName, "groupName should have text");
|
||||
|
||||
final int id = findGroupId(groupName);
|
||||
PreparedStatementSetter groupIdPSS = new PreparedStatementSetter() {
|
||||
@@ -304,16 +304,16 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
|
||||
public void renameGroup(String oldName, String newName) {
|
||||
logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'");
|
||||
Assert.hasText(oldName);
|
||||
Assert.hasText(newName);
|
||||
Assert.hasText(oldName,"oldName should have text");;
|
||||
Assert.hasText(newName,"newName should have text");;
|
||||
|
||||
getJdbcTemplate().update(renameGroupSql, newName, oldName);
|
||||
}
|
||||
|
||||
public void addUserToGroup(final String username, final String groupName) {
|
||||
logger.debug("Adding user '" + username + "' to group '" + groupName + "'");
|
||||
Assert.hasText(username);
|
||||
Assert.hasText(groupName);
|
||||
Assert.hasText(username,"username should have text");;
|
||||
Assert.hasText(groupName,"groupName should have text");;
|
||||
|
||||
final int id = findGroupId(groupName);
|
||||
getJdbcTemplate().update(insertGroupMemberSql, new PreparedStatementSetter() {
|
||||
@@ -328,8 +328,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
|
||||
public void removeUserFromGroup(final String username, final String groupName) {
|
||||
logger.debug("Removing user '" + username + "' to group '" + groupName + "'");
|
||||
Assert.hasText(username);
|
||||
Assert.hasText(groupName);
|
||||
Assert.hasText(username,"username should have text");;
|
||||
Assert.hasText(groupName,"groupName should have text");;
|
||||
|
||||
final int id = findGroupId(groupName);
|
||||
|
||||
@@ -345,7 +345,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
|
||||
public List<GrantedAuthority> findGroupAuthorities(String groupName) {
|
||||
logger.debug("Loading authorities for group '" + groupName + "'");
|
||||
Assert.hasText(groupName);
|
||||
Assert.hasText(groupName,"groupName should have text");;
|
||||
|
||||
return getJdbcTemplate().query(groupAuthoritiesSql, new String[] { groupName },
|
||||
new RowMapper<GrantedAuthority>() {
|
||||
@@ -361,8 +361,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
public void removeGroupAuthority(String groupName, final GrantedAuthority authority) {
|
||||
logger.debug("Removing authority '" + authority + "' from group '" + groupName
|
||||
+ "'");
|
||||
Assert.hasText(groupName);
|
||||
Assert.notNull(authority);
|
||||
Assert.hasText(groupName,"groupName should have text");
|
||||
Assert.notNull(authority, "authority cannot be null");
|
||||
|
||||
final int id = findGroupId(groupName);
|
||||
|
||||
@@ -377,8 +377,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
|
||||
public void addGroupAuthority(final String groupName, final GrantedAuthority authority) {
|
||||
logger.debug("Adding authority '" + authority + "' to group '" + groupName + "'");
|
||||
Assert.hasText(groupName);
|
||||
Assert.notNull(authority);
|
||||
Assert.hasText(groupName,"groupName should have text");;
|
||||
Assert.notNull(authority, "authority cannot be null");
|
||||
|
||||
final int id = findGroupId(groupName);
|
||||
getJdbcTemplate().update(insertGroupAuthoritySql, new PreparedStatementSetter() {
|
||||
@@ -398,102 +398,102 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
||||
}
|
||||
|
||||
public void setCreateUserSql(String createUserSql) {
|
||||
Assert.hasText(createUserSql);
|
||||
Assert.hasText(createUserSql,"createUserSql should have text");;
|
||||
this.createUserSql = createUserSql;
|
||||
}
|
||||
|
||||
public void setDeleteUserSql(String deleteUserSql) {
|
||||
Assert.hasText(deleteUserSql);
|
||||
Assert.hasText(deleteUserSql,"deleteUserSql should have text");;
|
||||
this.deleteUserSql = deleteUserSql;
|
||||
}
|
||||
|
||||
public void setUpdateUserSql(String updateUserSql) {
|
||||
Assert.hasText(updateUserSql);
|
||||
Assert.hasText(updateUserSql,"updateUserSql should have text");;
|
||||
this.updateUserSql = updateUserSql;
|
||||
}
|
||||
|
||||
public void setCreateAuthoritySql(String createAuthoritySql) {
|
||||
Assert.hasText(createAuthoritySql);
|
||||
Assert.hasText(createAuthoritySql,"createAuthoritySql should have text");;
|
||||
this.createAuthoritySql = createAuthoritySql;
|
||||
}
|
||||
|
||||
public void setDeleteUserAuthoritiesSql(String deleteUserAuthoritiesSql) {
|
||||
Assert.hasText(deleteUserAuthoritiesSql);
|
||||
Assert.hasText(deleteUserAuthoritiesSql,"deleteUserAuthoritiesSql should have text");;
|
||||
this.deleteUserAuthoritiesSql = deleteUserAuthoritiesSql;
|
||||
}
|
||||
|
||||
public void setUserExistsSql(String userExistsSql) {
|
||||
Assert.hasText(userExistsSql);
|
||||
Assert.hasText(userExistsSql,"userExistsSql should have text");;
|
||||
this.userExistsSql = userExistsSql;
|
||||
}
|
||||
|
||||
public void setChangePasswordSql(String changePasswordSql) {
|
||||
Assert.hasText(changePasswordSql);
|
||||
Assert.hasText(changePasswordSql,"changePasswordSql should have text");;
|
||||
this.changePasswordSql = changePasswordSql;
|
||||
}
|
||||
|
||||
public void setFindAllGroupsSql(String findAllGroupsSql) {
|
||||
Assert.hasText(findAllGroupsSql);
|
||||
Assert.hasText(findAllGroupsSql,"findAllGroupsSql should have text");;
|
||||
this.findAllGroupsSql = findAllGroupsSql;
|
||||
}
|
||||
|
||||
public void setFindUsersInGroupSql(String findUsersInGroupSql) {
|
||||
Assert.hasText(findUsersInGroupSql);
|
||||
Assert.hasText(findUsersInGroupSql,"findUsersInGroupSql should have text");;
|
||||
this.findUsersInGroupSql = findUsersInGroupSql;
|
||||
}
|
||||
|
||||
public void setInsertGroupSql(String insertGroupSql) {
|
||||
Assert.hasText(insertGroupSql);
|
||||
Assert.hasText(insertGroupSql,"insertGroupSql should have text");;
|
||||
this.insertGroupSql = insertGroupSql;
|
||||
}
|
||||
|
||||
public void setFindGroupIdSql(String findGroupIdSql) {
|
||||
Assert.hasText(findGroupIdSql);
|
||||
Assert.hasText(findGroupIdSql,"findGroupIdSql should have text");;
|
||||
this.findGroupIdSql = findGroupIdSql;
|
||||
}
|
||||
|
||||
public void setInsertGroupAuthoritySql(String insertGroupAuthoritySql) {
|
||||
Assert.hasText(insertGroupAuthoritySql);
|
||||
Assert.hasText(insertGroupAuthoritySql,"insertGroupAuthoritySql should have text");;
|
||||
this.insertGroupAuthoritySql = insertGroupAuthoritySql;
|
||||
}
|
||||
|
||||
public void setDeleteGroupSql(String deleteGroupSql) {
|
||||
Assert.hasText(deleteGroupSql);
|
||||
Assert.hasText(deleteGroupSql,"deleteGroupSql should have text");;
|
||||
this.deleteGroupSql = deleteGroupSql;
|
||||
}
|
||||
|
||||
public void setDeleteGroupAuthoritiesSql(String deleteGroupAuthoritiesSql) {
|
||||
Assert.hasText(deleteGroupAuthoritiesSql);
|
||||
Assert.hasText(deleteGroupAuthoritiesSql,"deleteGroupAuthoritiesSql should have text");;
|
||||
this.deleteGroupAuthoritiesSql = deleteGroupAuthoritiesSql;
|
||||
}
|
||||
|
||||
public void setDeleteGroupMembersSql(String deleteGroupMembersSql) {
|
||||
Assert.hasText(deleteGroupMembersSql);
|
||||
Assert.hasText(deleteGroupMembersSql,"deleteGroupMembersSql should have text");;
|
||||
this.deleteGroupMembersSql = deleteGroupMembersSql;
|
||||
}
|
||||
|
||||
public void setRenameGroupSql(String renameGroupSql) {
|
||||
Assert.hasText(renameGroupSql);
|
||||
Assert.hasText(renameGroupSql,"renameGroupSql should have text");;
|
||||
this.renameGroupSql = renameGroupSql;
|
||||
}
|
||||
|
||||
public void setInsertGroupMemberSql(String insertGroupMemberSql) {
|
||||
Assert.hasText(insertGroupMemberSql);
|
||||
Assert.hasText(insertGroupMemberSql,"insertGroupMemberSql should have text");;
|
||||
this.insertGroupMemberSql = insertGroupMemberSql;
|
||||
}
|
||||
|
||||
public void setDeleteGroupMemberSql(String deleteGroupMemberSql) {
|
||||
Assert.hasText(deleteGroupMemberSql);
|
||||
Assert.hasText(deleteGroupMemberSql,"deleteGroupMemberSql should have text");;
|
||||
this.deleteGroupMemberSql = deleteGroupMemberSql;
|
||||
}
|
||||
|
||||
public void setGroupAuthoritiesSql(String groupAuthoritiesSql) {
|
||||
Assert.hasText(groupAuthoritiesSql);
|
||||
Assert.hasText(groupAuthoritiesSql,"groupAuthoritiesSql should have text");;
|
||||
this.groupAuthoritiesSql = groupAuthoritiesSql;
|
||||
}
|
||||
|
||||
public void setDeleteGroupAuthoritySql(String deleteGroupAuthoritySql) {
|
||||
Assert.hasText(deleteGroupAuthoritySql);
|
||||
Assert.hasText(deleteGroupAuthoritySql,"deleteGroupAuthoritySql should have text");;
|
||||
this.deleteGroupAuthoritySql = deleteGroupAuthoritySql;
|
||||
}
|
||||
|
||||
|
||||
@@ -52,7 +52,7 @@ public class InMemoryResource extends AbstractResource {
|
||||
}
|
||||
|
||||
public InMemoryResource(byte[] source, String description) {
|
||||
Assert.notNull(source);
|
||||
Assert.notNull(source, "source cannot be null");
|
||||
this.source = source;
|
||||
this.description = description;
|
||||
}
|
||||
|
||||
+1
-1
@@ -74,7 +74,7 @@ public abstract class HierarchicalRolesTestHelper {
|
||||
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(roles.length);
|
||||
|
||||
for (final String role : roles) {
|
||||
// Use non GrantedAuthorityImpl (SEC-863)
|
||||
// Use non SimpleGrantedAuthority (SEC-863)
|
||||
authorities.add(new GrantedAuthority() {
|
||||
public String getAuthority() {
|
||||
return role;
|
||||
|
||||
+7
-1
@@ -28,10 +28,16 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
* @author Joe Grandja
|
||||
*/
|
||||
public class RoleHierarchyUtilsTests {
|
||||
private static final String EOL = System.lineSeparator();
|
||||
|
||||
@Test
|
||||
public void roleHierarchyFromMapWhenMapValidThenConvertsCorrectly() throws Exception {
|
||||
String expectedRoleHierarchy = "ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_B > ROLE_D\nROLE_C > ROLE_D\n";
|
||||
// @formatter:off
|
||||
String expectedRoleHierarchy = "ROLE_A > ROLE_B" + EOL +
|
||||
"ROLE_A > ROLE_C" + EOL +
|
||||
"ROLE_B > ROLE_D" + EOL +
|
||||
"ROLE_C > ROLE_D" + EOL;
|
||||
// @formatter:on
|
||||
|
||||
Map<String, List<String>> roleHierarchyMap = new TreeMap<String, List<String>>();
|
||||
roleHierarchyMap.put("ROLE_A", asList("ROLE_B", "ROLE_C"));
|
||||
|
||||
+1
-1
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-crypto</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-crypto</name>
|
||||
<description>spring-security-crypto</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2017 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -163,7 +163,7 @@ public class SCryptPasswordEncoder implements PasswordEncoder {
|
||||
}
|
||||
|
||||
private String digest(CharSequence rawPassword, byte[] salt) {
|
||||
byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, 32);
|
||||
byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, keyLength);
|
||||
|
||||
String params = Long
|
||||
.toString(((int) (Math.log(cpuCost) / Math.log(2)) << 16L) | memoryCost << 8 | parallelization, 16);
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2017 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -65,7 +65,7 @@ public class SCryptPasswordEncoderTests {
|
||||
|
||||
@Test
|
||||
public void samePasswordWithDifferentParams() {
|
||||
SCryptPasswordEncoder oldEncoder = new SCryptPasswordEncoder(512, 8, 4, 64, 16);
|
||||
SCryptPasswordEncoder oldEncoder = new SCryptPasswordEncoder(16384, 8, 1, 32,64);
|
||||
SCryptPasswordEncoder newEncoder = new SCryptPasswordEncoder();
|
||||
|
||||
String password = "secret";
|
||||
|
||||
+2
-2
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-data</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-data</name>
|
||||
<description>spring-security-data</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -51,7 +51,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -431,7 +431,7 @@ To use JDBC instead, you can implement the interface yourself, using whatever SQ
|
||||
* prefix "ROLE_" to mark attributes which are supported by Spring Security's RoleVoter.
|
||||
*/
|
||||
public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
|
||||
return new GrantedAuthorityImpl("ROLE_" + rs.getString(1);
|
||||
return new SimpleGrantedAuthority("ROLE_" + rs.getString(1);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2777,7 +2777,7 @@ It's also possible to supply a custom `AccessDeniedHandler` when you're using th
|
||||
|
||||
[[request-caching]]
|
||||
==== SavedRequest s and the RequestCache Interface
|
||||
Another responsibility of `ExceptionTranslationFilter` responsibilities is to save the current request before invoking the `AuthenticationEntryPoint`. This allows the request to be restored after the use has authenticated (see previous overview of <<tech-intro-web-authentication,web authentication>>). A typical example would be where the user logs in with a form, and is then redirected to the original URL by the default `SavedRequestAwareAuthenticationSuccessHandler` (see <<form-login-flow-handling,below>>).
|
||||
Another responsibility of `ExceptionTranslationFilter` responsibilities is to save the current request before invoking the `AuthenticationEntryPoint`. This allows the request to be restored after the user has authenticated (see previous overview of <<tech-intro-web-authentication,web authentication>>). A typical example would be where the user logs in with a form, and is then redirected to the original URL by the default `SavedRequestAwareAuthenticationSuccessHandler` (see <<form-login-flow-handling,below>>).
|
||||
|
||||
The `RequestCache` encapsulates the functionality required for storing and retrieving `HttpServletRequest` instances. By default the `HttpSessionRequestCache` is used, which stores the request in the `HttpSession`. The `RequestCacheFilter` has the job of actually restoring the saved request from the cache when the user is redirected to the original URL.
|
||||
|
||||
@@ -4788,7 +4788,7 @@ This method allows
|
||||
|
||||
An example of a "complex" `GrantedAuthority` would be an implementation that stores a list of operations and authority thresholds that apply to different customer account numbers. Representing this complex `GrantedAuthority` as a `String` would be quite difficult, and as a result the `getAuthority()` method should return `null`. This will indicate to any `AccessDecisionManager` that it will need to specifically support the `GrantedAuthority` implementation in order to understand its contents.
|
||||
|
||||
Spring Security includes one concrete `GrantedAuthority` implementation, `GrantedAuthorityImpl`. This allows any user-specified `String` to be converted into a `GrantedAuthority`. All `AuthenticationProvider` s included with the security architecture use `GrantedAuthorityImpl` to populate the `Authentication` object.
|
||||
Spring Security includes one concrete `GrantedAuthority` implementation, `SimpleGrantedAuthority`. This allows any user-specified `String` to be converted into a `GrantedAuthority`. All `AuthenticationProvider` s included with the security architecture use `SimpleGrantedAuthority` to populate the `Authentication` object.
|
||||
|
||||
|
||||
[[authz-pre-invocation]]
|
||||
@@ -6554,7 +6554,7 @@ boolean supports(Class clazz);
|
||||
|
||||
The first method returns the `Authentication` object that should replace the existing `Authentication` object for the duration of the method invocation. If the method returns `null`, it indicates no replacement should be made. The second method is used by the `AbstractSecurityInterceptor` as part of its startup validation of configuration attributes. The `supports(Class)` method is called by a security interceptor implementation to ensure the configured `RunAsManager` supports the type of secure object that the security interceptor will present.
|
||||
|
||||
One concrete implementation of a `RunAsManager` is provided with Spring Security. The `RunAsManagerImpl` class returns a replacement `RunAsUserToken` if any `ConfigAttribute` starts with `RUN_AS_`. If any such `ConfigAttribute` is found, the replacement `RunAsUserToken` will contain the same principal, credentials and granted authorities as the original `Authentication` object, along with a new `GrantedAuthorityImpl` for each `RUN_AS_` `ConfigAttribute`. Each new `GrantedAuthorityImpl` will be prefixed with `ROLE_`, followed by the `RUN_AS` `ConfigAttribute`. For example, a `RUN_AS_SERVER` will result in the replacement `RunAsUserToken` containing a `ROLE_RUN_AS_SERVER` granted authority.
|
||||
One concrete implementation of a `RunAsManager` is provided with Spring Security. The `RunAsManagerImpl` class returns a replacement `RunAsUserToken` if any `ConfigAttribute` starts with `RUN_AS_`. If any such `ConfigAttribute` is found, the replacement `RunAsUserToken` will contain the same principal, credentials and granted authorities as the original `Authentication` object, along with a new `SimpleGrantedAuthority` for each `RUN_AS_` `ConfigAttribute`. Each new `SimpleGrantedAuthority` will be prefixed with `ROLE_`, followed by the `RUN_AS` `ConfigAttribute`. For example, a `RUN_AS_SERVER` will result in the replacement `RunAsUserToken` containing a `ROLE_RUN_AS_SERVER` granted authority.
|
||||
|
||||
The replacement `RunAsUserToken` is just like any other `Authentication` object. It needs to be authenticated by the `AuthenticationManager`, probably via delegation to a suitable `AuthenticationProvider`. The `RunAsImplAuthenticationProvider` performs such authentication. It simply accepts as valid any `RunAsUserToken` presented.
|
||||
|
||||
@@ -7715,7 +7715,7 @@ The attributes on the `<cors>` element control the headers element.
|
||||
Optional attribute that specifies the bean name of a `CorsFilter`.
|
||||
|
||||
[[nsa-cors-configuration-source-ref]]
|
||||
* **ref**
|
||||
* **cors-configuration-source-ref**
|
||||
Optional attribute that specifies the bean name of a `CorsConfigurationSource` to be injected into a `CorsFilter` created by the XML namespace.
|
||||
|
||||
[[nsa-cors-parents]]
|
||||
|
||||
+1
-1
@@ -1 +1 @@
|
||||
version=4.2.1.RELEASE
|
||||
version=4.2.2.RELEASE
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
apply plugin: 'spring-boot'
|
||||
apply plugin: 'org.springframework.boot'
|
||||
|
||||
sonarqube {
|
||||
skipProject = true
|
||||
|
||||
@@ -50,6 +50,8 @@ tasks["eclipseJdt"].dependsOn(eclipseJdtPrepare)
|
||||
tasks["cleanEclipse"].dependsOn(cleanEclipseJdtUi)
|
||||
tasks["eclipse"].dependsOn(eclipseCheckstyle, eclipseSettings, eclipseWstComponent)
|
||||
|
||||
task eclipseConfiguration(dependsOn: [eclipseCheckstyle, eclipseSettings, eclipseWstComponent]) {
|
||||
}
|
||||
|
||||
eclipse {
|
||||
classpath {
|
||||
|
||||
@@ -36,7 +36,7 @@ ext.springDataCommonsVersion = '1.12.2.RELEASE'
|
||||
ext.springDataJpaVersion = '1.10.2.RELEASE'
|
||||
ext.springDataRedisVersion = '1.7.2.RELEASE'
|
||||
ext.springSessionVersion = '1.2.1.RELEASE'
|
||||
ext.springBootVersion = '1.4.0.RELEASE'
|
||||
ext.springBootVersion = '1.5.0.BUILD-SNAPSHOT'
|
||||
ext.thymeleafVersion = '3.0.2.RELEASE'
|
||||
ext.jsonassertVersion = '1.3.0'
|
||||
ext.validationApiVersion = '1.1.0.Final'
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>itest-context</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>itest-context</name>
|
||||
<description>itest-context</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -57,7 +57,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -132,13 +132,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+6
-6
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>itest-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>itest-web</name>
|
||||
<description>itest-web</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -98,31 +98,31 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+2
-2
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-ldap</name>
|
||||
<description>spring-security-ldap</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -73,7 +73,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -157,7 +157,7 @@ public final class LdapUtils {
|
||||
* @return the root DN
|
||||
*/
|
||||
public static String parseRootDnFromUrl(String url) {
|
||||
Assert.hasLength(url);
|
||||
Assert.hasLength(url, "url must have length");
|
||||
|
||||
String urlRootDn;
|
||||
|
||||
@@ -187,7 +187,7 @@ public final class LdapUtils {
|
||||
*/
|
||||
|
||||
private static URI parseLdapUrl(String url) {
|
||||
Assert.hasLength(url);
|
||||
Assert.hasLength(url, "url must have length");
|
||||
|
||||
try {
|
||||
return new URI(url);
|
||||
|
||||
+1
-1
@@ -119,7 +119,7 @@ public abstract class AbstractLdapAuthenticator implements LdapAuthenticator,
|
||||
}
|
||||
|
||||
public void setMessageSource(MessageSource messageSource) {
|
||||
Assert.notNull("Message source must not be null");
|
||||
Assert.notNull(messageSource, "Message source must not be null");
|
||||
this.messages = new MessageSourceAccessor(messageSource);
|
||||
}
|
||||
|
||||
|
||||
@@ -159,7 +159,7 @@ public class ApacheDSContainer implements InitializingBean, DisposableBean, Life
|
||||
}
|
||||
|
||||
public void setWorkingDirectory(File workingDir) {
|
||||
Assert.notNull(workingDir);
|
||||
Assert.notNull(workingDir, "workingDir cannot be null");
|
||||
|
||||
logger.info("Setting working directory for LDAP_PROVIDER: "
|
||||
+ workingDir.getAbsolutePath());
|
||||
@@ -239,7 +239,7 @@ public class ApacheDSContainer implements InitializingBean, DisposableBean, Life
|
||||
catch (LdapNameNotFoundException e) {
|
||||
try {
|
||||
LdapDN dn = new LdapDN(root);
|
||||
Assert.isTrue(root.startsWith("dc="));
|
||||
Assert.isTrue(root.startsWith("dc="), "root must start with dc=");
|
||||
String dc = root.substring(3, root.indexOf(','));
|
||||
ServerEntry entry = service.newEntry(dn);
|
||||
entry.add("objectClass", "top", "domain", "extensibleObject");
|
||||
|
||||
+2
-2
@@ -387,7 +387,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
|
||||
}
|
||||
|
||||
public void setAttributesToRetrieve(String[] attributesToRetrieve) {
|
||||
Assert.notNull(attributesToRetrieve);
|
||||
Assert.notNull(attributesToRetrieve, "attributesToRetrieve cannot be null");
|
||||
this.attributesToRetrieve = attributesToRetrieve;
|
||||
}
|
||||
|
||||
@@ -406,7 +406,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
|
||||
* members.
|
||||
*/
|
||||
public void setGroupMemberAttributeName(String groupMemberAttributeName) {
|
||||
Assert.hasText(groupMemberAttributeName);
|
||||
Assert.hasText(groupMemberAttributeName, "groupMemberAttributeName should have text");
|
||||
this.groupMemberAttributeName = groupMemberAttributeName;
|
||||
this.groupSearchFilter = "(" + groupMemberAttributeName + "={0})";
|
||||
}
|
||||
|
||||
@@ -139,8 +139,8 @@ public class Person extends LdapUserDetailsImpl {
|
||||
|
||||
public LdapUserDetails createUserDetails() {
|
||||
Person p = (Person) super.createUserDetails();
|
||||
Assert.notNull(p.cn);
|
||||
Assert.notEmpty(p.cn);
|
||||
Assert.notNull(p.cn, "person.sn cannot be null");
|
||||
Assert.notEmpty(p.cn, "person.cn cannot be empty");
|
||||
// TODO: Check contents for null entries
|
||||
return p;
|
||||
}
|
||||
|
||||
+3
-3
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-messaging</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-messaging</name>
|
||||
<description>spring-security-messaging</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -51,7 +51,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -102,7 +102,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
+3
-3
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-openid</name>
|
||||
<description>spring-security-openid</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -63,13 +63,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -45,7 +45,7 @@ public class OpenIDAttribute implements Serializable {
|
||||
}
|
||||
|
||||
public OpenIDAttribute(String name, String type, List<String> values) {
|
||||
Assert.notEmpty(values);
|
||||
Assert.notEmpty(values, "values cannot be empty");
|
||||
this.name = name;
|
||||
this.typeIdentifier = type;
|
||||
this.values = values;
|
||||
|
||||
+2
-2
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-remoting</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-remoting</name>
|
||||
<description>spring-security-remoting</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -51,7 +51,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-boot-helloworld</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-samples-boot-helloworld</name>
|
||||
<description>spring-security-samples-boot-helloworld</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -55,13 +55,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -115,7 +115,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+30
-32
@@ -15,25 +15,22 @@
|
||||
*/
|
||||
package org.springframework.security.samples;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.SpringApplicationConfiguration;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.mock.web.MockHttpSession;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
import org.springframework.test.context.web.WebAppConfiguration;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.MvcResult;
|
||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
|
||||
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
|
||||
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
@@ -43,78 +40,79 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
* @author Joe Grandja
|
||||
*/
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@SpringApplicationConfiguration(HelloWorldApplication.class)
|
||||
@WebAppConfiguration
|
||||
@SpringBootTest
|
||||
@AutoConfigureMockMvc
|
||||
public class HelloWorldApplicationTests {
|
||||
|
||||
@Autowired
|
||||
private WebApplicationContext context;
|
||||
|
||||
private MockMvc mockMvc;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
mockMvc = MockMvcBuilders
|
||||
.webAppContextSetup(context)
|
||||
.apply(springSecurity())
|
||||
.build();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void accessUnprotected() throws Exception {
|
||||
this.mockMvc.perform(get("/index")).andExpect(status().isOk());
|
||||
// @formatter:off
|
||||
this.mockMvc.perform(get("/index"))
|
||||
.andExpect(status().isOk());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Test
|
||||
public void accessProtectedRedirectsToLogin() throws Exception {
|
||||
// @formatter:off
|
||||
MvcResult mvcResult = this.mockMvc.perform(get("/user/index"))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
// @formatter:on
|
||||
|
||||
assertThat(mvcResult.getResponse().getRedirectedUrl()).endsWith("/login");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginUser() throws Exception {
|
||||
// @formatter:off
|
||||
this.mockMvc.perform(formLogin().user("user").password("password"))
|
||||
.andExpect(authenticated());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginInvalidUser() throws Exception {
|
||||
// @formatter:off
|
||||
this.mockMvc.perform(formLogin().user("invalid").password("invalid"))
|
||||
.andExpect(unauthenticated())
|
||||
.andExpect(status().is3xxRedirection());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginUserAccessProtected() throws Exception {
|
||||
// @formatter:off
|
||||
MvcResult mvcResult = this.mockMvc.perform(formLogin().user("user").password("password"))
|
||||
.andExpect(authenticated())
|
||||
.andReturn();
|
||||
.andExpect(authenticated()).andReturn();
|
||||
// @formatter:on
|
||||
|
||||
MockHttpSession httpSession = MockHttpSession.class.cast(mvcResult.getRequest().getSession(false));
|
||||
MockHttpSession httpSession = (MockHttpSession) mvcResult.getRequest().getSession(false);
|
||||
|
||||
this.mockMvc.perform(get("/user/index")
|
||||
.session(httpSession))
|
||||
// @formatter:off
|
||||
this.mockMvc.perform(get("/user/index").session(httpSession))
|
||||
.andExpect(status().isOk());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginUserValidateLogout() throws Exception {
|
||||
// @formatter:off
|
||||
MvcResult mvcResult = this.mockMvc.perform(formLogin().user("user").password("password"))
|
||||
.andExpect(authenticated())
|
||||
.andReturn();
|
||||
.andExpect(authenticated()).andReturn();
|
||||
// @formatter:on
|
||||
|
||||
MockHttpSession httpSession = MockHttpSession.class.cast(mvcResult.getRequest().getSession(false));
|
||||
MockHttpSession httpSession = (MockHttpSession) mvcResult.getRequest().getSession(false);
|
||||
|
||||
this.mockMvc.perform(post("/logout").with(csrf())
|
||||
.session(httpSession))
|
||||
// @formatter:off
|
||||
this.mockMvc.perform(post("/logout").with(csrf()).session(httpSession))
|
||||
.andExpect(unauthenticated());
|
||||
|
||||
this.mockMvc.perform(get("/user/index")
|
||||
.session(httpSession))
|
||||
this.mockMvc.perform(get("/user/index").session(httpSession))
|
||||
.andExpect(unauthenticated())
|
||||
.andExpect(status().is3xxRedirection());
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-boot-insecure</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-samples-boot-insecure</name>
|
||||
<description>spring-security-samples-boot-insecure</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
|
||||
+5
-16
@@ -15,16 +15,14 @@
|
||||
*/
|
||||
package org.springframework.security.samples;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.SpringApplicationConfiguration;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
import org.springframework.test.context.web.WebAppConfiguration;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
@@ -34,22 +32,13 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
* @author Joe Grandja
|
||||
*/
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@SpringApplicationConfiguration(InsecureApplication.class)
|
||||
@WebAppConfiguration
|
||||
@SpringBootTest
|
||||
@AutoConfigureMockMvc
|
||||
public class InsecureApplicationTests {
|
||||
|
||||
@Autowired
|
||||
private WebApplicationContext context;
|
||||
|
||||
private MockMvc mockMvc;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
mockMvc = MockMvcBuilders
|
||||
.webAppContextSetup(context)
|
||||
.build();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void accessUnprotected() throws Exception {
|
||||
this.mockMvc.perform(get("/index")).andExpect(status().isOk());
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-aspectj</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-samples-javaconfig-aspectj</name>
|
||||
<description>spring-security-samples-javaconfig-aspectj</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -45,13 +45,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -71,7 +71,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-concurrency</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-concurrency</name>
|
||||
<description>spring-security-samples-javaconfig-concurrency</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-data</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-samples-javaconfig-data</name>
|
||||
<description>spring-security-samples-javaconfig-data</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -81,13 +81,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-data</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-form</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-form</name>
|
||||
<description>spring-security-samples-javaconfig-form</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-hellojs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-hellojs</name>
|
||||
<description>spring-security-samples-javaconfig-hellojs</description>
|
||||
@@ -97,25 +97,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-hellomvc</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-hellomvc</name>
|
||||
<description>spring-security-samples-javaconfig-hellomvc</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -180,7 +180,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-helloworld</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-helloworld</name>
|
||||
<description>spring-security-samples-javaconfig-helloworld</description>
|
||||
@@ -67,13 +67,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-inmemory</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-inmemory</name>
|
||||
<description>spring-security-samples-javaconfig-inmemory</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -180,7 +180,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-jdbc</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-jdbc</name>
|
||||
<description>spring-security-samples-javaconfig-jdbc</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-ldap</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-ldap</name>
|
||||
<description>spring-security-samples-javaconfig-ldap</description>
|
||||
@@ -127,31 +127,31 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-samples-javaconfig-messages</name>
|
||||
<description>spring-security-samples-javaconfig-messages</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -99,13 +99,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-openid</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-openid</name>
|
||||
<description>spring-security-samples-javaconfig-openid</description>
|
||||
@@ -91,31 +91,31 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-preauth</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-preauth</name>
|
||||
<description>spring-security-samples-javaconfig-preauth</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-rememberme</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-rememberme</name>
|
||||
<description>spring-security-samples-javaconfig-rememberme</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-x509</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-javaconfig-x509</name>
|
||||
<description>spring-security-samples-javaconfig-x509</description>
|
||||
@@ -91,25 +91,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-aspectj</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-samples-xml-aspectj</name>
|
||||
<description>spring-security-samples-xml-aspectj</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -45,7 +45,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -65,13 +65,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-cassample</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-cassample</name>
|
||||
<description>spring-security-samples-xml-cassample</description>
|
||||
@@ -55,13 +55,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-cas</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -98,13 +98,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-casserver</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-casserver</name>
|
||||
<description>spring-security-samples-xml-casserver</description>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-contacts</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-contacts</name>
|
||||
<description>spring-security-samples-xml-contacts</description>
|
||||
@@ -49,13 +49,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -145,19 +145,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-dms</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-samples-xml-dms</name>
|
||||
<description>spring-security-samples-xml-dms</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -45,13 +45,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -92,7 +92,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-gae</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-gae</name>
|
||||
<description>spring-security-samples-xml-gae</description>
|
||||
@@ -73,13 +73,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -147,13 +147,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -39,7 +39,7 @@ public class InMemoryUserRegistry implements UserRegistry {
|
||||
public void registerUser(GaeUser newUser) {
|
||||
logger.debug("Attempting to create new user " + newUser);
|
||||
|
||||
Assert.state(!users.containsKey(newUser.getUserId()));
|
||||
Assert.isTrue(!users.containsKey(newUser.getUserId()), "user should not exist");
|
||||
|
||||
users.put(newUser.getUserId(), newUser);
|
||||
}
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-helloworld</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-helloworld</name>
|
||||
<description>spring-security-samples-xml-helloworld</description>
|
||||
@@ -67,13 +67,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-insecure</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-insecure</name>
|
||||
<description>spring-security-samples-xml-insecure</description>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-insecuremvc</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-insecuremvc</name>
|
||||
<description>spring-security-samples-xml-insecuremvc</description>
|
||||
@@ -91,7 +91,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-jaas</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-jaas</name>
|
||||
<description>spring-security-samples-xml-jaas</description>
|
||||
@@ -49,7 +49,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -107,19 +107,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-ldap</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-ldap</name>
|
||||
<description>spring-security-samples-xml-ldap</description>
|
||||
@@ -61,7 +61,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -128,19 +128,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-openid</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-openid</name>
|
||||
<description>spring-security-samples-xml-openid</description>
|
||||
@@ -49,13 +49,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -103,13 +103,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-preauth</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-preauth</name>
|
||||
<description>spring-security-samples-xml-preauth</description>
|
||||
@@ -74,13 +74,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-servletapi</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-servletapi</name>
|
||||
<description>spring-security-samples-xml-servletapi</description>
|
||||
@@ -55,13 +55,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -118,13 +118,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-xml-tutorial</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-xml-tutorial</name>
|
||||
<description>spring-security-samples-xml-tutorial</description>
|
||||
@@ -55,7 +55,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -119,19 +119,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
@@ -21,7 +21,7 @@ public class BankServiceImpl implements BankService {
|
||||
private final BankDao bankDao;
|
||||
|
||||
public BankServiceImpl(BankDao bankDao) {
|
||||
Assert.notNull(bankDao);
|
||||
Assert.notNull(bankDao, "bankDao cannot be null");
|
||||
this.bankDao = bankDao;
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@ public class BankServiceImpl implements BankService {
|
||||
}
|
||||
|
||||
public Account post(Account account, double amount) {
|
||||
Assert.notNull(account);
|
||||
Assert.notNull(account, "account cannot be null");
|
||||
|
||||
// We read account back from DAO so it reflects the latest balance
|
||||
Account a = bankDao.readAccount(account.getId());
|
||||
|
||||
@@ -22,7 +22,7 @@ public class SeedData implements InitializingBean {
|
||||
private BankDao bankDao;
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
Assert.notNull(bankDao);
|
||||
Assert.notNull(bankDao, "bankDao cannot be null");
|
||||
bankDao.createOrUpdateAccount(new Account("rod"));
|
||||
bankDao.createOrUpdateAccount(new Account("dianne"));
|
||||
bankDao.createOrUpdateAccount(new Account("scott"));
|
||||
|
||||
@@ -29,7 +29,7 @@ public class ListAccounts implements Controller {
|
||||
private final BankService bankService;
|
||||
|
||||
public ListAccounts(BankService bankService) {
|
||||
Assert.notNull(bankService);
|
||||
Assert.notNull(bankService, "bankService cannot be null");
|
||||
this.bankService = bankService;
|
||||
}
|
||||
|
||||
|
||||
@@ -31,7 +31,7 @@ public class PostAccounts implements Controller {
|
||||
private final BankService bankService;
|
||||
|
||||
public PostAccounts(BankService bankService) {
|
||||
Assert.notNull(bankService);
|
||||
Assert.notNull(bankService, "bankService cannot be null");
|
||||
this.bankService = bankService;
|
||||
}
|
||||
|
||||
|
||||
+4
-4
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-taglibs</name>
|
||||
<description>spring-security-taglibs</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -45,19 +45,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+4
-4
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-test</name>
|
||||
<description>spring-security-test</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -45,13 +45,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -80,7 +80,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
+1
-1
@@ -286,7 +286,7 @@ public final class SecurityMockMvcRequestPostProcessors {
|
||||
private final X509Certificate[] certificates;
|
||||
|
||||
private X509RequestPostProcessor(X509Certificate... certificates) {
|
||||
Assert.notNull("X509Certificate cannot be null");
|
||||
Assert.notNull(certificates, "X509Certificate cannot be null");
|
||||
this.certificates = certificates;
|
||||
}
|
||||
|
||||
|
||||
+2
-2
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<name>spring-security-web</name>
|
||||
<description>spring-security-web</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -51,7 +51,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.2.1.RELEASE</version>
|
||||
<version>4.2.2.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
||||
+1
-1
@@ -84,7 +84,7 @@ public class AnonymousAuthenticationFilter extends GenericFilterBean implements
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.hasLength(key);
|
||||
Assert.hasLength(key, "key must have length");
|
||||
Assert.notNull(principal, "Anonymous authentication principal must be set");
|
||||
Assert.notNull(authorities, "Anonymous authorities must be set");
|
||||
}
|
||||
|
||||
+1
-1
@@ -54,7 +54,7 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsService implements
|
||||
*/
|
||||
public final UserDetails loadUserDetails(PreAuthenticatedAuthenticationToken token)
|
||||
throws AuthenticationException {
|
||||
Assert.notNull(token.getDetails());
|
||||
Assert.notNull(token.getDetails(), "token.getDetails() cannot be null");
|
||||
Assert.isInstanceOf(GrantedAuthoritiesContainer.class, token.getDetails());
|
||||
Collection<? extends GrantedAuthority> authorities = ((GrantedAuthoritiesContainer) token
|
||||
.getDetails()).getGrantedAuthorities();
|
||||
|
||||
+2
-2
@@ -48,8 +48,8 @@ public class SessionFixationProtectionEvent extends AbstractAuthenticationEvent
|
||||
public SessionFixationProtectionEvent(Authentication authentication,
|
||||
String oldSessionId, String newSessionId) {
|
||||
super(authentication);
|
||||
Assert.hasLength(oldSessionId);
|
||||
Assert.hasLength(newSessionId);
|
||||
Assert.hasLength(oldSessionId, "oldSessionId must have length");
|
||||
Assert.hasLength(newSessionId, "newSessionId must have length");
|
||||
this.oldSessionId = oldSessionId;
|
||||
this.newSessionId = newSessionId;
|
||||
}
|
||||
|
||||
+2
-5
@@ -58,7 +58,6 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationSu
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
@@ -494,10 +493,8 @@ public class SwitchUserFilter extends GenericFilterBean
|
||||
* @param switchFailureUrl the url to redirect to.
|
||||
*/
|
||||
public void setSwitchFailureUrl(String switchFailureUrl) {
|
||||
Assert.isTrue(
|
||||
StringUtils.hasText(this.switchUserUrl)
|
||||
&& UrlUtils.isValidRedirectUrl(switchFailureUrl),
|
||||
"switchFailureUrl cannot be empty and must be a valid redirect URL");
|
||||
Assert.isTrue(UrlUtils.isValidRedirectUrl(switchFailureUrl),
|
||||
"switchFailureUrl must be a valid redirect URL");
|
||||
this.switchFailureUrl = switchFailureUrl;
|
||||
}
|
||||
|
||||
|
||||
+40
-8
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2013 the original author or authors.
|
||||
* Copyright 2002-2017 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -15,14 +15,20 @@
|
||||
*/
|
||||
package org.springframework.security.web.header.writers;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.web.header.Header;
|
||||
import org.springframework.security.web.header.HeaderWriter;
|
||||
import org.springframework.util.ReflectionUtils;
|
||||
|
||||
/**
|
||||
* A {@link StaticHeadersWriter} that inserts headers to prevent caching. Specifically it
|
||||
* adds the following headers:
|
||||
* Inserts headers to prevent caching if no cache control headers have been specified.
|
||||
* Specifically it adds the following headers:
|
||||
* <ul>
|
||||
* <li>Cache-Control: no-cache, no-store, max-age=0, must-revalidate</li>
|
||||
* <li>Pragma: no-cache</li>
|
||||
@@ -32,21 +38,47 @@ import org.springframework.security.web.header.Header;
|
||||
* @author Rob Winch
|
||||
* @since 3.2
|
||||
*/
|
||||
public final class CacheControlHeadersWriter extends StaticHeadersWriter {
|
||||
public final class CacheControlHeadersWriter implements HeaderWriter {
|
||||
private static final String EXPIRES = "Expires";
|
||||
private static final String PRAGMA = "Pragma";
|
||||
private static final String CACHE_CONTROL = "Cache-Control";
|
||||
|
||||
private final Method getHeaderMethod;
|
||||
|
||||
private final HeaderWriter delegate;
|
||||
|
||||
/**
|
||||
* Creates a new instance
|
||||
*/
|
||||
public CacheControlHeadersWriter() {
|
||||
super(createHeaders());
|
||||
this.delegate = new StaticHeadersWriter(createHeaders());
|
||||
this.getHeaderMethod = ReflectionUtils.findMethod(HttpServletResponse.class,
|
||||
"getHeader", String.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void writeHeaders(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (hasHeader(response, CACHE_CONTROL) || hasHeader(response, EXPIRES)
|
||||
|| hasHeader(response, PRAGMA)) {
|
||||
return;
|
||||
}
|
||||
this.delegate.writeHeaders(request, response);
|
||||
}
|
||||
|
||||
private boolean hasHeader(HttpServletResponse response, String headerName) {
|
||||
if (this.getHeaderMethod == null) {
|
||||
return false;
|
||||
}
|
||||
return ReflectionUtils.invokeMethod(this.getHeaderMethod, response,
|
||||
headerName) != null;
|
||||
}
|
||||
|
||||
private static List<Header> createHeaders() {
|
||||
List<Header> headers = new ArrayList<Header>(2);
|
||||
headers.add(new Header("Cache-Control",
|
||||
headers.add(new Header(CACHE_CONTROL,
|
||||
"no-cache, no-store, max-age=0, must-revalidate"));
|
||||
headers.add(new Header("Pragma", "no-cache"));
|
||||
headers.add(new Header("Expires", "0"));
|
||||
headers.add(new Header(PRAGMA, "no-cache"));
|
||||
headers.add(new Header(EXPIRES, "0"));
|
||||
return headers;
|
||||
}
|
||||
}
|
||||
|
||||
+1
@@ -138,6 +138,7 @@ public class HttpSessionRequestCache implements RequestCache {
|
||||
* "SPRING_SECURITY_SAVED_REQUEST".
|
||||
*
|
||||
* @param sessionAttrName a new session attribute name.
|
||||
* @since 4.2.1
|
||||
*/
|
||||
public void setSessionAttrName(String sessionAttrName) {
|
||||
this.sessionAttrName = sessionAttrName;
|
||||
|
||||
@@ -68,8 +68,8 @@ public class RedirectUrlBuilder {
|
||||
public String getUrl() {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
|
||||
Assert.notNull(scheme);
|
||||
Assert.notNull(serverName);
|
||||
Assert.notNull(scheme, "scheme cannot be null");
|
||||
Assert.notNull(serverName, "serverName cannot be null");
|
||||
|
||||
sb.append(scheme).append("://").append(serverName);
|
||||
|
||||
|
||||
@@ -129,7 +129,7 @@ public final class UrlUtils {
|
||||
* Returns true if the supplied URL starts with a "/" or is absolute.
|
||||
*/
|
||||
public static boolean isValidRedirectUrl(String url) {
|
||||
return url != null && url.startsWith("/") || isAbsoluteUrl(url);
|
||||
return url != null && (url.startsWith("/") || isAbsoluteUrl(url));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -137,6 +137,9 @@ public final class UrlUtils {
|
||||
* defined in RFC 1738.
|
||||
*/
|
||||
public static boolean isAbsoluteUrl(String url) {
|
||||
if(url == null) {
|
||||
return false;
|
||||
}
|
||||
final Pattern ABSOLUTE_URL = Pattern.compile("\\A[a-z0-9.+-]+://.*",
|
||||
Pattern.CASE_INSENSITIVE);
|
||||
|
||||
|
||||
+17
@@ -464,6 +464,23 @@ public class SwitchUserFilterTests {
|
||||
assertThat(switchAuthorityRole).isEqualTo(switchedFrom.getAuthority());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void setSwitchFailureUrlWhenNullThenThrowException() {
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchFailureUrl(null);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void setSwitchFailureUrlWhenEmptyThenThrowException() {
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchFailureUrl("");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void setSwitchFailureUrlWhenValidThenNoException() {
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchFailureUrl("/foo");
|
||||
}
|
||||
// ~ Inner Classes
|
||||
// ==================================================================================================
|
||||
|
||||
|
||||
+83
-11
@@ -15,19 +15,32 @@
|
||||
*/
|
||||
package org.springframework.security.web.header.writers;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
|
||||
import org.powermock.modules.junit4.PowerMockRunner;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.util.ReflectionUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Matchers.anyString;
|
||||
import static org.mockito.Mockito.doThrow;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.powermock.api.mockito.PowerMockito.spy;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
@RunWith(PowerMockRunner.class)
|
||||
@PrepareOnlyThisForTest(ReflectionUtils.class)
|
||||
public class CacheControlHeadersWriterTests {
|
||||
|
||||
private MockHttpServletRequest request;
|
||||
@@ -38,20 +51,79 @@ public class CacheControlHeadersWriterTests {
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
request = new MockHttpServletRequest();
|
||||
response = new MockHttpServletResponse();
|
||||
writer = new CacheControlHeadersWriter();
|
||||
this.request = new MockHttpServletRequest();
|
||||
this.response = new MockHttpServletResponse();
|
||||
this.writer = new CacheControlHeadersWriter();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void writeHeaders() {
|
||||
writer.writeHeaders(request, response);
|
||||
this.writer.writeHeaders(this.request, this.response);
|
||||
|
||||
assertThat(response.getHeaderNames().size()).isEqualTo(3);
|
||||
assertThat(response.getHeaderValues("Cache-Control")).isEqualTo(
|
||||
assertThat(this.response.getHeaderNames().size()).isEqualTo(3);
|
||||
assertThat(this.response.getHeaderValues("Cache-Control")).isEqualTo(
|
||||
Arrays.asList("no-cache, no-store, max-age=0, must-revalidate"));
|
||||
assertThat(response.getHeaderValues("Pragma")).isEqualTo(
|
||||
Arrays.asList("no-cache"));
|
||||
assertThat(response.getHeaderValues("Expires")).isEqualTo(Arrays.asList("0"));
|
||||
assertThat(this.response.getHeaderValues("Pragma"))
|
||||
.isEqualTo(Arrays.asList("no-cache"));
|
||||
assertThat(this.response.getHeaderValues("Expires"))
|
||||
.isEqualTo(Arrays.asList("0"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void writeHeadersServlet25() {
|
||||
spy(ReflectionUtils.class);
|
||||
when(ReflectionUtils.findMethod(HttpServletResponse.class, "getHeader",
|
||||
String.class)).thenReturn(null);
|
||||
this.response = spy(this.response);
|
||||
doThrow(NoSuchMethodError.class).when(this.response).getHeader(anyString());
|
||||
this.writer = new CacheControlHeadersWriter();
|
||||
|
||||
this.writer.writeHeaders(this.request, this.response);
|
||||
|
||||
assertThat(this.response.getHeaderNames().size()).isEqualTo(3);
|
||||
assertThat(this.response.getHeaderValues("Cache-Control")).isEqualTo(
|
||||
Arrays.asList("no-cache, no-store, max-age=0, must-revalidate"));
|
||||
assertThat(this.response.getHeaderValues("Pragma"))
|
||||
.isEqualTo(Arrays.asList("no-cache"));
|
||||
assertThat(this.response.getHeaderValues("Expires"))
|
||||
.isEqualTo(Arrays.asList("0"));
|
||||
}
|
||||
|
||||
// gh-2953
|
||||
@Test
|
||||
public void writeHeadersDisabledIfCacheControl() {
|
||||
this.response.setHeader("Cache-Control", "max-age: 123");
|
||||
|
||||
this.writer.writeHeaders(this.request, this.response);
|
||||
|
||||
assertThat(this.response.getHeaderNames()).hasSize(1);
|
||||
assertThat(this.response.getHeaderValues("Cache-Control"))
|
||||
.containsOnly("max-age: 123");
|
||||
assertThat(this.response.getHeaderValue("Pragma")).isNull();
|
||||
assertThat(this.response.getHeaderValue("Expires")).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void writeHeadersDisabledIfPragma() {
|
||||
this.response.setHeader("Pragma", "mock");
|
||||
|
||||
this.writer.writeHeaders(this.request, this.response);
|
||||
|
||||
assertThat(this.response.getHeaderNames()).hasSize(1);
|
||||
assertThat(this.response.getHeaderValues("Pragma")).containsOnly("mock");
|
||||
assertThat(this.response.getHeaderValue("Expires")).isNull();
|
||||
assertThat(this.response.getHeaderValue("Cache-Control")).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void writeHeadersDisabledIfExpires() {
|
||||
this.response.setHeader("Expires", "mock");
|
||||
|
||||
this.writer.writeHeaders(this.request, this.response);
|
||||
|
||||
assertThat(this.response.getHeaderNames()).hasSize(1);
|
||||
assertThat(this.response.getHeaderValues("Expires")).containsOnly("mock");
|
||||
assertThat(this.response.getHeaderValue("Cache-Control")).isNull();
|
||||
assertThat(this.response.getHeaderValue("Pragma")).isNull();
|
||||
}
|
||||
}
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user