1
0
mirror of synced 2026-07-12 14:20:11 +00:00

Compare commits

...

23 Commits

Author SHA1 Message Date
Spring Buildmaster 081f0c4d94 Release version 4.2.2.RELEASE 2017-03-02 07:29:42 +00:00
Rob Winch 247f54dc41 Fix SwitchUserFilter.setSwitchFailureUrl assertion
Fixes gh-4198
2017-03-02 00:47:09 -06:00
Rob Winch 017e9834bd Fix NPE in UrlUtils with null url
Fixes gh-4233
2017-03-02 00:46:01 -06:00
Rob Winch 49719480a8 Fix configuration-source-ref doc
Fixes gh-4200
2017-03-02 00:25:51 -06:00
Rob Winch f3edaa673a Fix SecurityNamespaceHandler Version Error Message
Fixes gh-4210
2017-03-02 00:25:51 -06:00
pkovacs f99fe36e02 Refer to SimpleGrantedAuthority instead of GrantedAuthorityImpl
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.

Fixes gh-4163.
2017-03-02 00:09:14 -06:00
Joris Kuipers 546d44d6e7 Fix NPE in WebSocketMessageBrokerSecurityBeanDefinitionParser
Fixes gh-4112
Closes gh-4194
2017-03-01 23:58:02 -06:00
stonio 901a4e183a Update SecurityContextHolder.java
Use StringUtils.hasText
2017-03-01 23:54:04 -06:00
Artyom Kosykh 72d08a2a5f Fix index.adoc typo 2017-03-01 23:45:50 -06:00
Kazuki Miyahara 2ac51c9c7f Fix class name in comment 2017-03-01 23:31:32 -06:00
Rob Winch b64cdb5765 Fix RoleHiearchyUtilsTests on Windows
Fixes gh-4228
2017-03-01 23:27:11 -06:00
pkovacs aa31f1f695 Update required JDK version to JDK8
Fixes gh-4154.
2017-03-01 23:18:50 -06:00
Eddú Meléndez 8353984733 Fix warning from spring-boot plugin 2017-03-01 23:13:56 -06:00
SendilKumar N c31bdb6390 SCryptPasswordEncoder to take default keyLength value
Fixes gh-4225
Closes gh-4231
2017-03-01 23:11:52 -06:00
Rob Winch 168f4b8f70 Prevent Duplicate Cache Headers
Fixes gh-4199
2017-03-01 16:14:12 -06:00
Rob Winch 9c03571bbb Use message in all Assert
This ensures compatibility with Spring 5.

Fixes gh-4193
2017-01-30 19:58:24 -06:00
Rob Winch 4c79107e01 Force mockito-core version 2017-01-09 15:30:50 -06:00
Rob Winch 3f543d0fbd Use anyListOf
Fixes compatability with Spring IO Cairo
2017-01-09 13:08:45 -06:00
Rob Winch 08104eb06c Add eclipseConfiguration Gradle task 2017-01-05 11:43:33 -06:00
Rob Winch b54d350e54 AspectJ fixes for Spring IO 2017-01-05 11:43:33 -06:00
Rob Winch b5e0886bde update to spring-io-plugin:0.0.6
- Update spring-io-plugin
- Update Spring Boot because spring-io-plugin now requires
  non passive dependency management plugin
2017-01-05 11:42:48 -06:00
Kazuki Shimizu 38492a5794 Add since version in javadoc
Issue: gh-4130
2016-12-21 16:12:39 -06:00
Spring Buildmaster b7541d56d0 Next development version 2016-12-21 17:23:37 +00:00
101 changed files with 567 additions and 386 deletions
+2 -2
View File
@@ -29,9 +29,9 @@ In the instructions below, http://vimeo.com/34436402[`./gradlew`] is invoked fro
a cross-platform, self-contained bootstrap mechanism for the build.
=== Prerequisites
http://help.github.com/set-up-git-redirect[Git] and the http://www.oracle.com/technetwork/java/javase/downloads[JDK7 build].
http://help.github.com/set-up-git-redirect[Git] and the http://www.oracle.com/technetwork/java/javase/downloads[JDK8 build].
Be sure that your `JAVA_HOME` environment variable points to the `jdk1.7.0` folder extracted from the JDK download.
Be sure that your `JAVA_HOME` environment variable points to the `jdk1.8.0` folder extracted from the JDK download.
=== Check out sources
[indent=0]
+2 -2
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-acl</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-acl</name>
<description>spring-security-acl</description>
<url>http://spring.io/spring-security</url>
@@ -51,7 +51,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -26,6 +26,8 @@ import org.springframework.security.acls.model.Acl;
import org.springframework.security.acls.model.AclService;
import org.springframework.security.acls.model.ObjectIdentity;
import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
import org.springframework.security.acls.model.Permission;
import org.springframework.security.acls.model.Sid;
import org.springframework.security.acls.model.SidRetrievalStrategy;
import org.springframework.security.core.Authentication;
@@ -37,7 +39,6 @@ import org.springframework.security.core.Authentication;
public class AclPermissionEvaluatorTests {
@Test
@SuppressWarnings("unchecked")
public void hasPermissionReturnsTrueIfAclGrantsPermission() throws Exception {
AclService service = mock(AclService.class);
AclPermissionEvaluator pe = new AclPermissionEvaluator(service);
@@ -48,8 +49,8 @@ public class AclPermissionEvaluatorTests {
pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
Acl acl = mock(Acl.class);
when(service.readAclById(any(ObjectIdentity.class), anyList())).thenReturn(acl);
when(acl.isGranted(anyList(), anyList(), eq(false))).thenReturn(true);
when(service.readAclById(any(ObjectIdentity.class), anyListOf(Sid.class))).thenReturn(acl);
when(acl.isGranted(anyListOf(Permission.class), anyListOf(Sid.class), eq(false))).thenReturn(true);
assertThat(pe.hasPermission(mock(Authentication.class), new Object(), "READ")).isTrue();
}
@@ -68,8 +69,8 @@ public class AclPermissionEvaluatorTests {
pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
Acl acl = mock(Acl.class);
when(service.readAclById(any(ObjectIdentity.class), anyList())).thenReturn(acl);
when(acl.isGranted(anyList(), anyList(), eq(false))).thenReturn(true);
when(service.readAclById(any(ObjectIdentity.class), anyListOf(Sid.class))).thenReturn(acl);
when(acl.isGranted(anyListOf(Permission.class), anyListOf(Sid.class), eq(false))).thenReturn(true);
assertThat(pe.hasPermission(mock(Authentication.class), new Object(), "write")).isTrue();
+2 -2
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-aspects</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-aspects</name>
<description>spring-security-aspects</description>
<url>http://spring.io/spring-security</url>
@@ -45,7 +45,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+8 -3
View File
@@ -1,15 +1,16 @@
buildscript {
repositories {
maven { url "https://repo.spring.io/plugins-release" }
maven { url "https://repo.spring.io/plugins-snapshot" }
}
dependencies {
classpath("org.springframework.build.gradle:propdeps-plugin:0.0.7")
classpath("io.spring.gradle:spring-io-plugin:0.0.5.RELEASE")
classpath("io.spring.gradle:spring-io-plugin:0.0.6.RELEASE")
classpath("com.bmuschko:gradle-tomcat-plugin:2.2.4")
classpath('me.champeau.gradle:gradle-javadoc-hotfix-plugin:0.1')
classpath('org.asciidoctor:asciidoctor-gradle-plugin:1.5.1')
classpath("io.spring.gradle:docbook-reference-plugin:0.3.1")
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.4.0.RELEASE")
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.5.0.BUILD-SNAPSHOT")
}
}
@@ -114,7 +115,11 @@ configure(coreModuleProjects) {
dependencyManagement {
springIoTestRuntime {
imports {
mavenBom "io.spring.platform:platform-bom:${springIoVersion}"
mavenBom("io.spring.platform:platform-bom:${springIoVersion}") {
bomProperties([
'mockito.version': '1.10.19'
])
}
}
}
}
@@ -4,12 +4,13 @@ import org.gradle.api.Project
import org.gradle.api.Plugin
import org.gradle.api.tasks.TaskAction
import org.gradle.api.logging.LogLevel
import org.gradle.api.file.FileCollection
import org.gradle.api.file.*
import org.gradle.api.tasks.SourceSet
import org.gradle.api.DefaultTask
import org.gradle.api.GradleException
import org.gradle.api.plugins.JavaPlugin
import org.gradle.api.tasks.compile.JavaCompile
import org.gradle.plugins.ide.eclipse.GenerateEclipseProject
import org.gradle.plugins.ide.eclipse.GenerateEclipseClasspath
import org.gradle.plugins.ide.eclipse.EclipsePlugin
@@ -41,28 +42,25 @@ class AspectJPlugin implements Plugin<Project> {
project.configurations.create('aspectpath')
}
project.tasks.create(name: 'compileAspect', overwrite: true, description: 'Compiles AspectJ Source', type: Ajc) {
dependsOn project.configurations*.getTaskDependencyFromProjectDependency(true, "compileJava")
project.tasks.withType(JavaCompile) { javaCompileTask ->
def javaCompileTaskName = javaCompileTask.name
def ajCompileTask = project.tasks.create(name: javaCompileTaskName + 'Aspect', overwrite: true, description: 'Compiles AspectJ Source', type: Ajc) {
inputs.files(javaCompileTask.inputs.files)
inputs.properties(javaCompileTask.inputs.properties)
sourceRoots.addAll(project.sourceSets.main.java.srcDirs)
if(javaCompileTaskName.contains("Test")) {
sourceRoots.addAll(project.sourceSets.test.java.srcDirs)
}
compileClasspath = javaCompileTask.classpath
destinationDir = javaCompileTask.destinationDir
aspectPath = project.configurations.aspectpath
}
javaCompileTask.deleteAllActions()
javaCompileTask.dependsOn ajCompileTask
dependsOn project.processResources
sourceSet = project.sourceSets.main
inputs.files(sourceSet.allSource)
outputs.dir(sourceSet.output.classesDir)
aspectPath = project.configurations.aspectpath
}
project.tasks.compileJava.deleteAllActions()
project.tasks.compileJava.dependsOn project.tasks.compileAspect
project.tasks.create(name: 'compileTestAspect', overwrite: true, description: 'Compiles AspectJ Test Source', type: Ajc) {
dependsOn project.processTestResources, project.compileJava, project.jar
sourceSet = project.sourceSets.test
inputs.files(sourceSet.allSource)
outputs.dir(sourceSet.output.classesDir)
aspectPath = project.files(project.configurations.aspectpath, project.jar.archivePath)
}
project.tasks.compileTestJava.deleteAllActions()
project.tasks.compileTestJava.dependsOn project.tasks.compileTestAspect
project.tasks.withType(GenerateEclipseProject) {
project.eclipse.project.file.whenMerged { p ->
@@ -91,7 +89,9 @@ class AspectJPlugin implements Plugin<Project> {
}
class Ajc extends DefaultTask {
SourceSet sourceSet
Set<File> sourceRoots = []
FileCollection compileClasspath
File destinationDir
FileCollection aspectPath
Ajc() {
@@ -103,15 +103,18 @@ class Ajc extends DefaultTask {
logger.info("="*30)
logger.info("="*30)
logger.info("Running ajc ...")
logger.info("classpath: ${sourceSet.compileClasspath.asPath}")
logger.info("srcDirs $sourceSet.java.srcDirs")
logger.info("classpath: ${compileClasspath?.files}")
logger.info("srcDirs ${sourceRoots}")
ant.taskdef(resource: "org/aspectj/tools/ant/taskdefs/aspectjTaskdefs.properties", classpath: project.configurations.ajtools.asPath)
ant.iajc(classpath: sourceSet.compileClasspath.asPath, fork: 'true', destDir: sourceSet.output.classesDir.absolutePath,
if(sourceRoots.empty) {
return
}
ant.iajc(classpath: compileClasspath.asPath, fork: 'true', destDir: destinationDir.absolutePath,
source: project.convention.plugins.java.sourceCompatibility,
target: project.convention.plugins.java.targetCompatibility,
aspectPath: aspectPath.asPath, sourceRootCopyFilter: '**/*.java', showWeaveInfo: 'true') {
sourceroots {
sourceSet.java.srcDirs.each {
sourceRoots.each {
logger.info(" sourceRoot $it")
pathelement(location: it.absolutePath)
}
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-cas</name>
<description>spring-security-cas</description>
<url>http://spring.io/spring-security</url>
@@ -51,13 +51,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -132,7 +132,7 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
* @return
*/
static Pattern createArtifactPattern(String artifactParameterName) {
Assert.hasLength(artifactParameterName);
Assert.hasLength(artifactParameterName, "artifactParameterName is expected to have a length");
return Pattern.compile("&?" + Pattern.quote(artifactParameterName) + "=[^&]*");
}
+8 -8
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-config</name>
<description>spring-security-config</description>
<url>http://spring.io/spring-security</url>
@@ -51,7 +51,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -97,28 +97,28 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-messaging</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-openid</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
@@ -365,13 +365,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-aspects</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
@@ -86,7 +86,7 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
if (!namespaceMatchesVersion(element)) {
pc.getReaderContext()
.fatal("You cannot use a spring-security-2.0.xsd or spring-security-3.0.xsd or spring-security-3.1.xsd schema or spring-security-3.2.xsd schema or spring-security-4.0.xsd schema "
+ "with Spring Security 4.1. Please update your schema declarations to the 4.1 schema.",
+ "with Spring Security 4.2. Please update your schema declarations to the 4.2 schema.",
element);
}
String name = pc.getDelegate().getLocalName(element);
@@ -481,7 +481,7 @@ final class AuthenticationConfigBuilder {
SimpleAttributes2GrantedAuthoritiesMapper.class));
String roles = jeeElt.getAttribute(ATT_MAPPABLE_ROLES);
Assert.state(StringUtils.hasText(roles));
Assert.hasLength(roles, "roles is expected to have length");
BeanDefinitionBuilder rolesBuilder = BeanDefinitionBuilder
.rootBeanDefinition(StringUtils.class);
rolesBuilder.addConstructorArgValue(roles);
@@ -194,7 +194,7 @@ public class FilterInvocationSecurityMetadataSourceParser implements BeanDefinit
logger.info("Creating access control expression attribute '" + access
+ "' for " + path);
// The single expression will be parsed later by the
// ExpressionFilterInvocationSecurityMetadataSource
// ExpressionBasedFilterInvocationSecurityMetadataSource
attributeBuilder.addConstructorArgValue(new String[] { access });
attributeBuilder.setFactoryMethod("createList");
@@ -163,7 +163,7 @@ final class ProtectPointcutPostProcessor implements BeanPostProcessor {
}
public void setPointcutMap(Map<String, List<ConfigAttribute>> map) {
Assert.notEmpty(map);
Assert.notEmpty(map, "configAttributes cannot be empty");
for (String expression : map.keySet()) {
List<ConfigAttribute> value = map.get(expression);
addPointcut(expression, value);
@@ -255,8 +255,8 @@ public final class WebSocketMessageBrokerSecurityBeanDefinitionParser implements
for (String beanName : beanNames) {
BeanDefinition bd = registry.getBeanDefinition(beanName);
String beanClassName = bd.getBeanClassName();
if (beanClassName.equals(SimpAnnotationMethodMessageHandler.class
.getName()) || beanClassName.equals(WEB_SOCKET_AMMH_CLASS_NAME)) {
if (SimpAnnotationMethodMessageHandler.class.getName().equals(beanClassName) ||
WEB_SOCKET_AMMH_CLASS_NAME.equals(beanClassName)) {
PropertyValue current = bd.getPropertyValues().getPropertyValue(
CUSTOM_ARG_RESOLVERS_PROP);
ManagedList<Object> argResolvers = new ManagedList<Object>();
@@ -275,16 +275,16 @@ public final class WebSocketMessageBrokerSecurityBeanDefinitionParser implements
}
}
}
else if (beanClassName
.equals("org.springframework.web.socket.server.support.WebSocketHttpRequestHandler")) {
else if ("org.springframework.web.socket.server.support.WebSocketHttpRequestHandler"
.equals(beanClassName)) {
addCsrfTokenHandshakeInterceptor(bd);
}
else if (beanClassName
.equals("org.springframework.web.socket.sockjs.transport.TransportHandlingSockJsService")) {
else if ("org.springframework.web.socket.sockjs.transport.TransportHandlingSockJsService"
.equals(beanClassName)) {
addCsrfTokenHandshakeInterceptor(bd);
}
else if (beanClassName
.equals("org.springframework.web.socket.sockjs.transport.handler.DefaultSockJsService")) {
else if ("org.springframework.web.socket.sockjs.transport.handler.DefaultSockJsService"
.equals(beanClassName)) {
addCsrfTokenHandshakeInterceptor(bd);
}
}
@@ -0,0 +1,34 @@
/*
* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.config.websocket;
import org.junit.Test;
import org.springframework.beans.factory.support.BeanDefinitionRegistry;
import org.springframework.beans.factory.support.GenericBeanDefinition;
import org.springframework.beans.factory.support.SimpleBeanDefinitionRegistry;
public class MessageSecurityPostProcessorTest {
private WebSocketMessageBrokerSecurityBeanDefinitionParser.MessageSecurityPostProcessor postProcessor =
new WebSocketMessageBrokerSecurityBeanDefinitionParser.MessageSecurityPostProcessor("id", false);
@Test
public void handlesBeansWithoutClass() {
BeanDefinitionRegistry registry = new SimpleBeanDefinitionRegistry();
registry.registerBeanDefinition("beanWithoutClass", new GenericBeanDefinition());
postProcessor.postProcessBeanDefinitionRegistry(registry);
}
}
+1 -1
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-core</name>
<description>spring-security-core</description>
<url>http://spring.io/spring-security</url>
@@ -49,7 +49,7 @@ public class SecuredAnnotationSecurityMetadataSource extends
public SecuredAnnotationSecurityMetadataSource(
AnnotationMetadataExtractor annotationMetadataExtractor) {
Assert.notNull(annotationMetadataExtractor);
Assert.notNull(annotationMetadataExtractor, "annotationMetadataExtractor cannot be null");
annotationExtractor = annotationMetadataExtractor;
annotationType = (Class<? extends Annotation>) GenericTypeResolver
.resolveTypeArgument(annotationExtractor.getClass(),
@@ -41,7 +41,7 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider,
private String key;
public RememberMeAuthenticationProvider(String key) {
Assert.hasLength(key);
Assert.hasLength(key, "key must have a length");
this.key = key;
}
@@ -45,7 +45,7 @@ public class InteractiveAuthenticationSuccessEvent extends AbstractAuthenticatio
public InteractiveAuthenticationSuccessEvent(Authentication authentication,
Class<?> generatedBy) {
super(authentication);
Assert.notNull(generatedBy);
Assert.notNull(generatedBy, "generatedBy cannot be null");
this.generatedBy = generatedBy;
}
@@ -17,6 +17,7 @@
package org.springframework.security.core.context;
import org.springframework.util.ReflectionUtils;
import org.springframework.util.StringUtils;
import java.lang.reflect.Constructor;
@@ -93,7 +94,7 @@ public class SecurityContextHolder {
}
private static void initialize() {
if ((strategyName == null) || "".equals(strategyName)) {
if (!StringUtils.hasText(strategyName)) {
// Set default
strategyName = MODE_THREADLOCAL;
}
@@ -76,7 +76,7 @@ public class InMemoryUserDetailsManager implements UserDetailsManager {
}
public void createUser(UserDetails user) {
Assert.isTrue(!userExists(user.getUsername()));
Assert.isTrue(!userExists(user.getUsername()), "user should not exist");
users.put(user.getUsername().toLowerCase(), new MutableUser(user));
}
@@ -86,7 +86,7 @@ public class InMemoryUserDetailsManager implements UserDetailsManager {
}
public void updateUser(UserDetails user) {
Assert.isTrue(userExists(user.getUsername()));
Assert.isTrue(userExists(user.getUsername()), "user should exist");
users.put(user.getUsername().toLowerCase(), new MutableUser(user));
}
@@ -258,15 +258,15 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
public List<String> findUsersInGroup(String groupName) {
Assert.hasText(groupName);
Assert.hasText(groupName, "groupName should have text");
return getJdbcTemplate().queryForList(findUsersInGroupSql,
new String[] { groupName }, String.class);
}
public void createGroup(final String groupName,
final List<GrantedAuthority> authorities) {
Assert.hasText(groupName);
Assert.notNull(authorities);
Assert.hasText(groupName, "groupName should have text");
Assert.notNull(authorities, "authorities cannot be null");
logger.debug("Creating new group '" + groupName + "' with authorities "
+ AuthorityUtils.authorityListToSet(authorities));
@@ -289,7 +289,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public void deleteGroup(String groupName) {
logger.debug("Deleting group '" + groupName + "'");
Assert.hasText(groupName);
Assert.hasText(groupName, "groupName should have text");
final int id = findGroupId(groupName);
PreparedStatementSetter groupIdPSS = new PreparedStatementSetter() {
@@ -304,16 +304,16 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public void renameGroup(String oldName, String newName) {
logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'");
Assert.hasText(oldName);
Assert.hasText(newName);
Assert.hasText(oldName,"oldName should have text");;
Assert.hasText(newName,"newName should have text");;
getJdbcTemplate().update(renameGroupSql, newName, oldName);
}
public void addUserToGroup(final String username, final String groupName) {
logger.debug("Adding user '" + username + "' to group '" + groupName + "'");
Assert.hasText(username);
Assert.hasText(groupName);
Assert.hasText(username,"username should have text");;
Assert.hasText(groupName,"groupName should have text");;
final int id = findGroupId(groupName);
getJdbcTemplate().update(insertGroupMemberSql, new PreparedStatementSetter() {
@@ -328,8 +328,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public void removeUserFromGroup(final String username, final String groupName) {
logger.debug("Removing user '" + username + "' to group '" + groupName + "'");
Assert.hasText(username);
Assert.hasText(groupName);
Assert.hasText(username,"username should have text");;
Assert.hasText(groupName,"groupName should have text");;
final int id = findGroupId(groupName);
@@ -345,7 +345,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public List<GrantedAuthority> findGroupAuthorities(String groupName) {
logger.debug("Loading authorities for group '" + groupName + "'");
Assert.hasText(groupName);
Assert.hasText(groupName,"groupName should have text");;
return getJdbcTemplate().query(groupAuthoritiesSql, new String[] { groupName },
new RowMapper<GrantedAuthority>() {
@@ -361,8 +361,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public void removeGroupAuthority(String groupName, final GrantedAuthority authority) {
logger.debug("Removing authority '" + authority + "' from group '" + groupName
+ "'");
Assert.hasText(groupName);
Assert.notNull(authority);
Assert.hasText(groupName,"groupName should have text");
Assert.notNull(authority, "authority cannot be null");
final int id = findGroupId(groupName);
@@ -377,8 +377,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public void addGroupAuthority(final String groupName, final GrantedAuthority authority) {
logger.debug("Adding authority '" + authority + "' to group '" + groupName + "'");
Assert.hasText(groupName);
Assert.notNull(authority);
Assert.hasText(groupName,"groupName should have text");;
Assert.notNull(authority, "authority cannot be null");
final int id = findGroupId(groupName);
getJdbcTemplate().update(insertGroupAuthoritySql, new PreparedStatementSetter() {
@@ -398,102 +398,102 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
public void setCreateUserSql(String createUserSql) {
Assert.hasText(createUserSql);
Assert.hasText(createUserSql,"createUserSql should have text");;
this.createUserSql = createUserSql;
}
public void setDeleteUserSql(String deleteUserSql) {
Assert.hasText(deleteUserSql);
Assert.hasText(deleteUserSql,"deleteUserSql should have text");;
this.deleteUserSql = deleteUserSql;
}
public void setUpdateUserSql(String updateUserSql) {
Assert.hasText(updateUserSql);
Assert.hasText(updateUserSql,"updateUserSql should have text");;
this.updateUserSql = updateUserSql;
}
public void setCreateAuthoritySql(String createAuthoritySql) {
Assert.hasText(createAuthoritySql);
Assert.hasText(createAuthoritySql,"createAuthoritySql should have text");;
this.createAuthoritySql = createAuthoritySql;
}
public void setDeleteUserAuthoritiesSql(String deleteUserAuthoritiesSql) {
Assert.hasText(deleteUserAuthoritiesSql);
Assert.hasText(deleteUserAuthoritiesSql,"deleteUserAuthoritiesSql should have text");;
this.deleteUserAuthoritiesSql = deleteUserAuthoritiesSql;
}
public void setUserExistsSql(String userExistsSql) {
Assert.hasText(userExistsSql);
Assert.hasText(userExistsSql,"userExistsSql should have text");;
this.userExistsSql = userExistsSql;
}
public void setChangePasswordSql(String changePasswordSql) {
Assert.hasText(changePasswordSql);
Assert.hasText(changePasswordSql,"changePasswordSql should have text");;
this.changePasswordSql = changePasswordSql;
}
public void setFindAllGroupsSql(String findAllGroupsSql) {
Assert.hasText(findAllGroupsSql);
Assert.hasText(findAllGroupsSql,"findAllGroupsSql should have text");;
this.findAllGroupsSql = findAllGroupsSql;
}
public void setFindUsersInGroupSql(String findUsersInGroupSql) {
Assert.hasText(findUsersInGroupSql);
Assert.hasText(findUsersInGroupSql,"findUsersInGroupSql should have text");;
this.findUsersInGroupSql = findUsersInGroupSql;
}
public void setInsertGroupSql(String insertGroupSql) {
Assert.hasText(insertGroupSql);
Assert.hasText(insertGroupSql,"insertGroupSql should have text");;
this.insertGroupSql = insertGroupSql;
}
public void setFindGroupIdSql(String findGroupIdSql) {
Assert.hasText(findGroupIdSql);
Assert.hasText(findGroupIdSql,"findGroupIdSql should have text");;
this.findGroupIdSql = findGroupIdSql;
}
public void setInsertGroupAuthoritySql(String insertGroupAuthoritySql) {
Assert.hasText(insertGroupAuthoritySql);
Assert.hasText(insertGroupAuthoritySql,"insertGroupAuthoritySql should have text");;
this.insertGroupAuthoritySql = insertGroupAuthoritySql;
}
public void setDeleteGroupSql(String deleteGroupSql) {
Assert.hasText(deleteGroupSql);
Assert.hasText(deleteGroupSql,"deleteGroupSql should have text");;
this.deleteGroupSql = deleteGroupSql;
}
public void setDeleteGroupAuthoritiesSql(String deleteGroupAuthoritiesSql) {
Assert.hasText(deleteGroupAuthoritiesSql);
Assert.hasText(deleteGroupAuthoritiesSql,"deleteGroupAuthoritiesSql should have text");;
this.deleteGroupAuthoritiesSql = deleteGroupAuthoritiesSql;
}
public void setDeleteGroupMembersSql(String deleteGroupMembersSql) {
Assert.hasText(deleteGroupMembersSql);
Assert.hasText(deleteGroupMembersSql,"deleteGroupMembersSql should have text");;
this.deleteGroupMembersSql = deleteGroupMembersSql;
}
public void setRenameGroupSql(String renameGroupSql) {
Assert.hasText(renameGroupSql);
Assert.hasText(renameGroupSql,"renameGroupSql should have text");;
this.renameGroupSql = renameGroupSql;
}
public void setInsertGroupMemberSql(String insertGroupMemberSql) {
Assert.hasText(insertGroupMemberSql);
Assert.hasText(insertGroupMemberSql,"insertGroupMemberSql should have text");;
this.insertGroupMemberSql = insertGroupMemberSql;
}
public void setDeleteGroupMemberSql(String deleteGroupMemberSql) {
Assert.hasText(deleteGroupMemberSql);
Assert.hasText(deleteGroupMemberSql,"deleteGroupMemberSql should have text");;
this.deleteGroupMemberSql = deleteGroupMemberSql;
}
public void setGroupAuthoritiesSql(String groupAuthoritiesSql) {
Assert.hasText(groupAuthoritiesSql);
Assert.hasText(groupAuthoritiesSql,"groupAuthoritiesSql should have text");;
this.groupAuthoritiesSql = groupAuthoritiesSql;
}
public void setDeleteGroupAuthoritySql(String deleteGroupAuthoritySql) {
Assert.hasText(deleteGroupAuthoritySql);
Assert.hasText(deleteGroupAuthoritySql,"deleteGroupAuthoritySql should have text");;
this.deleteGroupAuthoritySql = deleteGroupAuthoritySql;
}
@@ -52,7 +52,7 @@ public class InMemoryResource extends AbstractResource {
}
public InMemoryResource(byte[] source, String description) {
Assert.notNull(source);
Assert.notNull(source, "source cannot be null");
this.source = source;
this.description = description;
}
@@ -74,7 +74,7 @@ public abstract class HierarchicalRolesTestHelper {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(roles.length);
for (final String role : roles) {
// Use non GrantedAuthorityImpl (SEC-863)
// Use non SimpleGrantedAuthority (SEC-863)
authorities.add(new GrantedAuthority() {
public String getAuthority() {
return role;
@@ -28,10 +28,16 @@ import static org.assertj.core.api.Assertions.assertThat;
* @author Joe Grandja
*/
public class RoleHierarchyUtilsTests {
private static final String EOL = System.lineSeparator();
@Test
public void roleHierarchyFromMapWhenMapValidThenConvertsCorrectly() throws Exception {
String expectedRoleHierarchy = "ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_B > ROLE_D\nROLE_C > ROLE_D\n";
// @formatter:off
String expectedRoleHierarchy = "ROLE_A > ROLE_B" + EOL +
"ROLE_A > ROLE_C" + EOL +
"ROLE_B > ROLE_D" + EOL +
"ROLE_C > ROLE_D" + EOL;
// @formatter:on
Map<String, List<String>> roleHierarchyMap = new TreeMap<String, List<String>>();
roleHierarchyMap.put("ROLE_A", asList("ROLE_B", "ROLE_C"));
+1 -1
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-crypto</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-crypto</name>
<description>spring-security-crypto</description>
<url>http://spring.io/spring-security</url>
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 the original author or authors.
* Copyright 2002-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -163,7 +163,7 @@ public class SCryptPasswordEncoder implements PasswordEncoder {
}
private String digest(CharSequence rawPassword, byte[] salt) {
byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, 32);
byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, keyLength);
String params = Long
.toString(((int) (Math.log(cpuCost) / Math.log(2)) << 16L) | memoryCost << 8 | parallelization, 16);
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 the original author or authors.
* Copyright 2002-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -65,7 +65,7 @@ public class SCryptPasswordEncoderTests {
@Test
public void samePasswordWithDifferentParams() {
SCryptPasswordEncoder oldEncoder = new SCryptPasswordEncoder(512, 8, 4, 64, 16);
SCryptPasswordEncoder oldEncoder = new SCryptPasswordEncoder(16384, 8, 1, 32,64);
SCryptPasswordEncoder newEncoder = new SCryptPasswordEncoder();
String password = "secret";
+2 -2
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-data</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-data</name>
<description>spring-security-data</description>
<url>http://spring.io/spring-security</url>
@@ -51,7 +51,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -431,7 +431,7 @@ To use JDBC instead, you can implement the interface yourself, using whatever SQ
* prefix "ROLE_" to mark attributes which are supported by Spring Security's RoleVoter.
*/
public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
return new GrantedAuthorityImpl("ROLE_" + rs.getString(1);
return new SimpleGrantedAuthority("ROLE_" + rs.getString(1);
}
}
}
+4 -4
View File
@@ -2777,7 +2777,7 @@ It's also possible to supply a custom `AccessDeniedHandler` when you're using th
[[request-caching]]
==== SavedRequest s and the RequestCache Interface
Another responsibility of `ExceptionTranslationFilter` responsibilities is to save the current request before invoking the `AuthenticationEntryPoint`. This allows the request to be restored after the use has authenticated (see previous overview of <<tech-intro-web-authentication,web authentication>>). A typical example would be where the user logs in with a form, and is then redirected to the original URL by the default `SavedRequestAwareAuthenticationSuccessHandler` (see <<form-login-flow-handling,below>>).
Another responsibility of `ExceptionTranslationFilter` responsibilities is to save the current request before invoking the `AuthenticationEntryPoint`. This allows the request to be restored after the user has authenticated (see previous overview of <<tech-intro-web-authentication,web authentication>>). A typical example would be where the user logs in with a form, and is then redirected to the original URL by the default `SavedRequestAwareAuthenticationSuccessHandler` (see <<form-login-flow-handling,below>>).
The `RequestCache` encapsulates the functionality required for storing and retrieving `HttpServletRequest` instances. By default the `HttpSessionRequestCache` is used, which stores the request in the `HttpSession`. The `RequestCacheFilter` has the job of actually restoring the saved request from the cache when the user is redirected to the original URL.
@@ -4788,7 +4788,7 @@ This method allows
An example of a "complex" `GrantedAuthority` would be an implementation that stores a list of operations and authority thresholds that apply to different customer account numbers. Representing this complex `GrantedAuthority` as a `String` would be quite difficult, and as a result the `getAuthority()` method should return `null`. This will indicate to any `AccessDecisionManager` that it will need to specifically support the `GrantedAuthority` implementation in order to understand its contents.
Spring Security includes one concrete `GrantedAuthority` implementation, `GrantedAuthorityImpl`. This allows any user-specified `String` to be converted into a `GrantedAuthority`. All `AuthenticationProvider` s included with the security architecture use `GrantedAuthorityImpl` to populate the `Authentication` object.
Spring Security includes one concrete `GrantedAuthority` implementation, `SimpleGrantedAuthority`. This allows any user-specified `String` to be converted into a `GrantedAuthority`. All `AuthenticationProvider` s included with the security architecture use `SimpleGrantedAuthority` to populate the `Authentication` object.
[[authz-pre-invocation]]
@@ -6554,7 +6554,7 @@ boolean supports(Class clazz);
The first method returns the `Authentication` object that should replace the existing `Authentication` object for the duration of the method invocation. If the method returns `null`, it indicates no replacement should be made. The second method is used by the `AbstractSecurityInterceptor` as part of its startup validation of configuration attributes. The `supports(Class)` method is called by a security interceptor implementation to ensure the configured `RunAsManager` supports the type of secure object that the security interceptor will present.
One concrete implementation of a `RunAsManager` is provided with Spring Security. The `RunAsManagerImpl` class returns a replacement `RunAsUserToken` if any `ConfigAttribute` starts with `RUN_AS_`. If any such `ConfigAttribute` is found, the replacement `RunAsUserToken` will contain the same principal, credentials and granted authorities as the original `Authentication` object, along with a new `GrantedAuthorityImpl` for each `RUN_AS_` `ConfigAttribute`. Each new `GrantedAuthorityImpl` will be prefixed with `ROLE_`, followed by the `RUN_AS` `ConfigAttribute`. For example, a `RUN_AS_SERVER` will result in the replacement `RunAsUserToken` containing a `ROLE_RUN_AS_SERVER` granted authority.
One concrete implementation of a `RunAsManager` is provided with Spring Security. The `RunAsManagerImpl` class returns a replacement `RunAsUserToken` if any `ConfigAttribute` starts with `RUN_AS_`. If any such `ConfigAttribute` is found, the replacement `RunAsUserToken` will contain the same principal, credentials and granted authorities as the original `Authentication` object, along with a new `SimpleGrantedAuthority` for each `RUN_AS_` `ConfigAttribute`. Each new `SimpleGrantedAuthority` will be prefixed with `ROLE_`, followed by the `RUN_AS` `ConfigAttribute`. For example, a `RUN_AS_SERVER` will result in the replacement `RunAsUserToken` containing a `ROLE_RUN_AS_SERVER` granted authority.
The replacement `RunAsUserToken` is just like any other `Authentication` object. It needs to be authenticated by the `AuthenticationManager`, probably via delegation to a suitable `AuthenticationProvider`. The `RunAsImplAuthenticationProvider` performs such authentication. It simply accepts as valid any `RunAsUserToken` presented.
@@ -7715,7 +7715,7 @@ The attributes on the `<cors>` element control the headers element.
Optional attribute that specifies the bean name of a `CorsFilter`.
[[nsa-cors-configuration-source-ref]]
* **ref**
* **cors-configuration-source-ref**
Optional attribute that specifies the bean name of a `CorsConfigurationSource` to be injected into a `CorsFilter` created by the XML namespace.
[[nsa-cors-parents]]
+1 -1
View File
@@ -1 +1 @@
version=4.2.1.RELEASE
version=4.2.2.RELEASE
+1 -1
View File
@@ -1,4 +1,4 @@
apply plugin: 'spring-boot'
apply plugin: 'org.springframework.boot'
sonarqube {
skipProject = true
+2
View File
@@ -50,6 +50,8 @@ tasks["eclipseJdt"].dependsOn(eclipseJdtPrepare)
tasks["cleanEclipse"].dependsOn(cleanEclipseJdtUi)
tasks["eclipse"].dependsOn(eclipseCheckstyle, eclipseSettings, eclipseWstComponent)
task eclipseConfiguration(dependsOn: [eclipseCheckstyle, eclipseSettings, eclipseWstComponent]) {
}
eclipse {
classpath {
+1 -1
View File
@@ -36,7 +36,7 @@ ext.springDataCommonsVersion = '1.12.2.RELEASE'
ext.springDataJpaVersion = '1.10.2.RELEASE'
ext.springDataRedisVersion = '1.7.2.RELEASE'
ext.springSessionVersion = '1.2.1.RELEASE'
ext.springBootVersion = '1.4.0.RELEASE'
ext.springBootVersion = '1.5.0.BUILD-SNAPSHOT'
ext.thymeleafVersion = '3.0.2.RELEASE'
ext.jsonassertVersion = '1.3.0'
ext.validationApiVersion = '1.1.0.Final'
+4 -4
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>itest-context</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>itest-context</name>
<description>itest-context</description>
<url>http://spring.io/spring-security</url>
@@ -57,7 +57,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -132,13 +132,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
+6 -6
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>itest-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>itest-web</name>
<description>itest-web</description>
<url>http://spring.io/spring-security</url>
@@ -98,31 +98,31 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
+2 -2
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-ldap</name>
<description>spring-security-ldap</description>
<url>http://spring.io/spring-security</url>
@@ -73,7 +73,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -157,7 +157,7 @@ public final class LdapUtils {
* @return the root DN
*/
public static String parseRootDnFromUrl(String url) {
Assert.hasLength(url);
Assert.hasLength(url, "url must have length");
String urlRootDn;
@@ -187,7 +187,7 @@ public final class LdapUtils {
*/
private static URI parseLdapUrl(String url) {
Assert.hasLength(url);
Assert.hasLength(url, "url must have length");
try {
return new URI(url);
@@ -119,7 +119,7 @@ public abstract class AbstractLdapAuthenticator implements LdapAuthenticator,
}
public void setMessageSource(MessageSource messageSource) {
Assert.notNull("Message source must not be null");
Assert.notNull(messageSource, "Message source must not be null");
this.messages = new MessageSourceAccessor(messageSource);
}
@@ -159,7 +159,7 @@ public class ApacheDSContainer implements InitializingBean, DisposableBean, Life
}
public void setWorkingDirectory(File workingDir) {
Assert.notNull(workingDir);
Assert.notNull(workingDir, "workingDir cannot be null");
logger.info("Setting working directory for LDAP_PROVIDER: "
+ workingDir.getAbsolutePath());
@@ -239,7 +239,7 @@ public class ApacheDSContainer implements InitializingBean, DisposableBean, Life
catch (LdapNameNotFoundException e) {
try {
LdapDN dn = new LdapDN(root);
Assert.isTrue(root.startsWith("dc="));
Assert.isTrue(root.startsWith("dc="), "root must start with dc=");
String dc = root.substring(3, root.indexOf(','));
ServerEntry entry = service.newEntry(dn);
entry.add("objectClass", "top", "domain", "extensibleObject");
@@ -387,7 +387,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
}
public void setAttributesToRetrieve(String[] attributesToRetrieve) {
Assert.notNull(attributesToRetrieve);
Assert.notNull(attributesToRetrieve, "attributesToRetrieve cannot be null");
this.attributesToRetrieve = attributesToRetrieve;
}
@@ -406,7 +406,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
* members.
*/
public void setGroupMemberAttributeName(String groupMemberAttributeName) {
Assert.hasText(groupMemberAttributeName);
Assert.hasText(groupMemberAttributeName, "groupMemberAttributeName should have text");
this.groupMemberAttributeName = groupMemberAttributeName;
this.groupSearchFilter = "(" + groupMemberAttributeName + "={0})";
}
@@ -139,8 +139,8 @@ public class Person extends LdapUserDetailsImpl {
public LdapUserDetails createUserDetails() {
Person p = (Person) super.createUserDetails();
Assert.notNull(p.cn);
Assert.notEmpty(p.cn);
Assert.notNull(p.cn, "person.sn cannot be null");
Assert.notEmpty(p.cn, "person.cn cannot be empty");
// TODO: Check contents for null entries
return p;
}
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-messaging</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-messaging</name>
<description>spring-security-messaging</description>
<url>http://spring.io/spring-security</url>
@@ -51,7 +51,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -102,7 +102,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-openid</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-openid</name>
<description>spring-security-openid</description>
<url>http://spring.io/spring-security</url>
@@ -63,13 +63,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -45,7 +45,7 @@ public class OpenIDAttribute implements Serializable {
}
public OpenIDAttribute(String name, String type, List<String> values) {
Assert.notEmpty(values);
Assert.notEmpty(values, "values cannot be empty");
this.name = name;
this.typeIdentifier = type;
this.values = values;
+2 -2
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-remoting</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-remoting</name>
<description>spring-security-remoting</description>
<url>http://spring.io/spring-security</url>
@@ -51,7 +51,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+4 -4
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-boot-helloworld</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-samples-boot-helloworld</name>
<description>spring-security-samples-boot-helloworld</description>
<url>http://spring.io/spring-security</url>
@@ -55,13 +55,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -115,7 +115,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
@@ -15,25 +15,22 @@
*/
package org.springframework.security.samples;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -43,78 +40,79 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
* @author Joe Grandja
*/
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(HelloWorldApplication.class)
@WebAppConfiguration
@SpringBootTest
@AutoConfigureMockMvc
public class HelloWorldApplicationTests {
@Autowired
private WebApplicationContext context;
private MockMvc mockMvc;
@Before
public void setup() {
mockMvc = MockMvcBuilders
.webAppContextSetup(context)
.apply(springSecurity())
.build();
}
@Test
public void accessUnprotected() throws Exception {
this.mockMvc.perform(get("/index")).andExpect(status().isOk());
// @formatter:off
this.mockMvc.perform(get("/index"))
.andExpect(status().isOk());
// @formatter:on
}
@Test
public void accessProtectedRedirectsToLogin() throws Exception {
// @formatter:off
MvcResult mvcResult = this.mockMvc.perform(get("/user/index"))
.andExpect(status().is3xxRedirection())
.andReturn();
// @formatter:on
assertThat(mvcResult.getResponse().getRedirectedUrl()).endsWith("/login");
}
@Test
public void loginUser() throws Exception {
// @formatter:off
this.mockMvc.perform(formLogin().user("user").password("password"))
.andExpect(authenticated());
// @formatter:on
}
@Test
public void loginInvalidUser() throws Exception {
// @formatter:off
this.mockMvc.perform(formLogin().user("invalid").password("invalid"))
.andExpect(unauthenticated())
.andExpect(status().is3xxRedirection());
// @formatter:on
}
@Test
public void loginUserAccessProtected() throws Exception {
// @formatter:off
MvcResult mvcResult = this.mockMvc.perform(formLogin().user("user").password("password"))
.andExpect(authenticated())
.andReturn();
.andExpect(authenticated()).andReturn();
// @formatter:on
MockHttpSession httpSession = MockHttpSession.class.cast(mvcResult.getRequest().getSession(false));
MockHttpSession httpSession = (MockHttpSession) mvcResult.getRequest().getSession(false);
this.mockMvc.perform(get("/user/index")
.session(httpSession))
// @formatter:off
this.mockMvc.perform(get("/user/index").session(httpSession))
.andExpect(status().isOk());
// @formatter:on
}
@Test
public void loginUserValidateLogout() throws Exception {
// @formatter:off
MvcResult mvcResult = this.mockMvc.perform(formLogin().user("user").password("password"))
.andExpect(authenticated())
.andReturn();
.andExpect(authenticated()).andReturn();
// @formatter:on
MockHttpSession httpSession = MockHttpSession.class.cast(mvcResult.getRequest().getSession(false));
MockHttpSession httpSession = (MockHttpSession) mvcResult.getRequest().getSession(false);
this.mockMvc.perform(post("/logout").with(csrf())
.session(httpSession))
// @formatter:off
this.mockMvc.perform(post("/logout").with(csrf()).session(httpSession))
.andExpect(unauthenticated());
this.mockMvc.perform(get("/user/index")
.session(httpSession))
this.mockMvc.perform(get("/user/index").session(httpSession))
.andExpect(unauthenticated())
.andExpect(status().is3xxRedirection());
// @formatter:on
}
}
+1 -1
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-boot-insecure</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-samples-boot-insecure</name>
<description>spring-security-samples-boot-insecure</description>
<url>http://spring.io/spring-security</url>
@@ -15,16 +15,14 @@
*/
package org.springframework.security.samples;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -34,22 +32,13 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
* @author Joe Grandja
*/
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(InsecureApplication.class)
@WebAppConfiguration
@SpringBootTest
@AutoConfigureMockMvc
public class InsecureApplicationTests {
@Autowired
private WebApplicationContext context;
private MockMvc mockMvc;
@Before
public void setup() {
mockMvc = MockMvcBuilders
.webAppContextSetup(context)
.build();
}
@Test
public void accessUnprotected() throws Exception {
this.mockMvc.perform(get("/index")).andExpect(status().isOk());
+4 -4
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-aspectj</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-samples-javaconfig-aspectj</name>
<description>spring-security-samples-javaconfig-aspectj</description>
<url>http://spring.io/spring-security</url>
@@ -45,13 +45,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -71,7 +71,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-aspects</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-concurrency</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-concurrency</name>
<description>spring-security-samples-javaconfig-concurrency</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-data</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-samples-javaconfig-data</name>
<description>spring-security-samples-javaconfig-data</description>
<url>http://spring.io/spring-security</url>
@@ -81,13 +81,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-data</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-form</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-form</name>
<description>spring-security-samples-javaconfig-form</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-hellojs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-hellojs</name>
<description>spring-security-samples-javaconfig-hellojs</description>
@@ -97,25 +97,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+6 -6
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-hellomvc</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-hellomvc</name>
<description>spring-security-samples-javaconfig-hellomvc</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -180,7 +180,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-helloworld</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-helloworld</name>
<description>spring-security-samples-javaconfig-helloworld</description>
@@ -67,13 +67,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+6 -6
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-inmemory</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-inmemory</name>
<description>spring-security-samples-javaconfig-inmemory</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -180,7 +180,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-jdbc</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-jdbc</name>
<description>spring-security-samples-javaconfig-jdbc</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+6 -6
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-ldap</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-ldap</name>
<description>spring-security-samples-javaconfig-ldap</description>
@@ -127,31 +127,31 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-samples-javaconfig-messages</name>
<description>spring-security-samples-javaconfig-messages</description>
<url>http://spring.io/spring-security</url>
@@ -99,13 +99,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+6 -6
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-openid</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-openid</name>
<description>spring-security-samples-javaconfig-openid</description>
@@ -91,31 +91,31 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-openid</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-preauth</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-preauth</name>
<description>spring-security-samples-javaconfig-preauth</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-rememberme</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-rememberme</name>
<description>spring-security-samples-javaconfig-rememberme</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-x509</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-javaconfig-x509</name>
<description>spring-security-samples-javaconfig-x509</description>
@@ -91,25 +91,25 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+4 -4
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-aspectj</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-samples-xml-aspectj</name>
<description>spring-security-samples-xml-aspectj</description>
<url>http://spring.io/spring-security</url>
@@ -45,7 +45,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -65,13 +65,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-aspects</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-cassample</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-cassample</name>
<description>spring-security-samples-xml-cassample</description>
@@ -55,13 +55,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -98,13 +98,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+1 -1
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-casserver</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-casserver</name>
<description>spring-security-samples-xml-casserver</description>
+6 -6
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-contacts</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-contacts</name>
<description>spring-security-samples-xml-contacts</description>
@@ -49,13 +49,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-acl</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -145,19 +145,19 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+4 -4
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-dms</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-samples-xml-dms</name>
<description>spring-security-samples-xml-dms</description>
<url>http://spring.io/spring-security</url>
@@ -45,13 +45,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-acl</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -92,7 +92,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-gae</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-gae</name>
<description>spring-security-samples-xml-gae</description>
@@ -73,13 +73,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -147,13 +147,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
@@ -39,7 +39,7 @@ public class InMemoryUserRegistry implements UserRegistry {
public void registerUser(GaeUser newUser) {
logger.debug("Attempting to create new user " + newUser);
Assert.state(!users.containsKey(newUser.getUserId()));
Assert.isTrue(!users.containsKey(newUser.getUserId()), "user should not exist");
users.put(newUser.getUserId(), newUser);
}
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-helloworld</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-helloworld</name>
<description>spring-security-samples-xml-helloworld</description>
@@ -67,13 +67,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+1 -1
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-insecure</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-insecure</name>
<description>spring-security-samples-xml-insecure</description>
+2 -2
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-insecuremvc</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-insecuremvc</name>
<description>spring-security-samples-xml-insecuremvc</description>
@@ -91,7 +91,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-javaconfig-messages</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-jaas</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-jaas</name>
<description>spring-security-samples-xml-jaas</description>
@@ -49,7 +49,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -107,19 +107,19 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-ldap</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-ldap</name>
<description>spring-security-samples-xml-ldap</description>
@@ -61,7 +61,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -128,19 +128,19 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-openid</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-openid</name>
<description>spring-security-samples-xml-openid</description>
@@ -49,13 +49,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-openid</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -103,13 +103,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+3 -3
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-preauth</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-preauth</name>
<description>spring-security-samples-xml-preauth</description>
@@ -74,13 +74,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-servletapi</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-servletapi</name>
<description>spring-security-samples-xml-servletapi</description>
@@ -55,13 +55,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -118,13 +118,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
+5 -5
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-xml-tutorial</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<packaging>war</packaging>
<name>spring-security-samples-xml-tutorial</name>
<description>spring-security-samples-xml-tutorial</description>
@@ -55,7 +55,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -119,19 +119,19 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>runtime</scope>
</dependency>
<dependency>
@@ -21,7 +21,7 @@ public class BankServiceImpl implements BankService {
private final BankDao bankDao;
public BankServiceImpl(BankDao bankDao) {
Assert.notNull(bankDao);
Assert.notNull(bankDao, "bankDao cannot be null");
this.bankDao = bankDao;
}
@@ -30,7 +30,7 @@ public class BankServiceImpl implements BankService {
}
public Account post(Account account, double amount) {
Assert.notNull(account);
Assert.notNull(account, "account cannot be null");
// We read account back from DAO so it reflects the latest balance
Account a = bankDao.readAccount(account.getId());
@@ -22,7 +22,7 @@ public class SeedData implements InitializingBean {
private BankDao bankDao;
public void afterPropertiesSet() throws Exception {
Assert.notNull(bankDao);
Assert.notNull(bankDao, "bankDao cannot be null");
bankDao.createOrUpdateAccount(new Account("rod"));
bankDao.createOrUpdateAccount(new Account("dianne"));
bankDao.createOrUpdateAccount(new Account("scott"));
@@ -29,7 +29,7 @@ public class ListAccounts implements Controller {
private final BankService bankService;
public ListAccounts(BankService bankService) {
Assert.notNull(bankService);
Assert.notNull(bankService, "bankService cannot be null");
this.bankService = bankService;
}
@@ -31,7 +31,7 @@ public class PostAccounts implements Controller {
private final BankService bankService;
public PostAccounts(BankService bankService) {
Assert.notNull(bankService);
Assert.notNull(bankService, "bankService cannot be null");
this.bankService = bankService;
}
+4 -4
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-taglibs</name>
<description>spring-security-taglibs</description>
<url>http://spring.io/spring-security</url>
@@ -45,19 +45,19 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-acl</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
+4 -4
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-test</name>
<description>spring-security-test</description>
<url>http://spring.io/spring-security</url>
@@ -45,13 +45,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -80,7 +80,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
@@ -286,7 +286,7 @@ public final class SecurityMockMvcRequestPostProcessors {
private final X509Certificate[] certificates;
private X509RequestPostProcessor(X509Certificate... certificates) {
Assert.notNull("X509Certificate cannot be null");
Assert.notNull(certificates, "X509Certificate cannot be null");
this.certificates = certificates;
}
+2 -2
View File
@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<name>spring-security-web</name>
<description>spring-security-web</description>
<url>http://spring.io/spring-security</url>
@@ -51,7 +51,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.1.RELEASE</version>
<version>4.2.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -84,7 +84,7 @@ public class AnonymousAuthenticationFilter extends GenericFilterBean implements
@Override
public void afterPropertiesSet() {
Assert.hasLength(key);
Assert.hasLength(key, "key must have length");
Assert.notNull(principal, "Anonymous authentication principal must be set");
Assert.notNull(authorities, "Anonymous authorities must be set");
}
@@ -54,7 +54,7 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsService implements
*/
public final UserDetails loadUserDetails(PreAuthenticatedAuthenticationToken token)
throws AuthenticationException {
Assert.notNull(token.getDetails());
Assert.notNull(token.getDetails(), "token.getDetails() cannot be null");
Assert.isInstanceOf(GrantedAuthoritiesContainer.class, token.getDetails());
Collection<? extends GrantedAuthority> authorities = ((GrantedAuthoritiesContainer) token
.getDetails()).getGrantedAuthorities();
@@ -48,8 +48,8 @@ public class SessionFixationProtectionEvent extends AbstractAuthenticationEvent
public SessionFixationProtectionEvent(Authentication authentication,
String oldSessionId, String newSessionId) {
super(authentication);
Assert.hasLength(oldSessionId);
Assert.hasLength(newSessionId);
Assert.hasLength(oldSessionId, "oldSessionId must have length");
Assert.hasLength(newSessionId, "newSessionId must have length");
this.oldSessionId = oldSessionId;
this.newSessionId = newSessionId;
}
@@ -58,7 +58,6 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationSu
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.GenericFilterBean;
/**
@@ -494,10 +493,8 @@ public class SwitchUserFilter extends GenericFilterBean
* @param switchFailureUrl the url to redirect to.
*/
public void setSwitchFailureUrl(String switchFailureUrl) {
Assert.isTrue(
StringUtils.hasText(this.switchUserUrl)
&& UrlUtils.isValidRedirectUrl(switchFailureUrl),
"switchFailureUrl cannot be empty and must be a valid redirect URL");
Assert.isTrue(UrlUtils.isValidRedirectUrl(switchFailureUrl),
"switchFailureUrl must be a valid redirect URL");
this.switchFailureUrl = switchFailureUrl;
}
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2013 the original author or authors.
* Copyright 2002-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -15,14 +15,20 @@
*/
package org.springframework.security.web.header.writers;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.web.header.Header;
import org.springframework.security.web.header.HeaderWriter;
import org.springframework.util.ReflectionUtils;
/**
* A {@link StaticHeadersWriter} that inserts headers to prevent caching. Specifically it
* adds the following headers:
* Inserts headers to prevent caching if no cache control headers have been specified.
* Specifically it adds the following headers:
* <ul>
* <li>Cache-Control: no-cache, no-store, max-age=0, must-revalidate</li>
* <li>Pragma: no-cache</li>
@@ -32,21 +38,47 @@ import org.springframework.security.web.header.Header;
* @author Rob Winch
* @since 3.2
*/
public final class CacheControlHeadersWriter extends StaticHeadersWriter {
public final class CacheControlHeadersWriter implements HeaderWriter {
private static final String EXPIRES = "Expires";
private static final String PRAGMA = "Pragma";
private static final String CACHE_CONTROL = "Cache-Control";
private final Method getHeaderMethod;
private final HeaderWriter delegate;
/**
* Creates a new instance
*/
public CacheControlHeadersWriter() {
super(createHeaders());
this.delegate = new StaticHeadersWriter(createHeaders());
this.getHeaderMethod = ReflectionUtils.findMethod(HttpServletResponse.class,
"getHeader", String.class);
}
@Override
public void writeHeaders(HttpServletRequest request, HttpServletResponse response) {
if (hasHeader(response, CACHE_CONTROL) || hasHeader(response, EXPIRES)
|| hasHeader(response, PRAGMA)) {
return;
}
this.delegate.writeHeaders(request, response);
}
private boolean hasHeader(HttpServletResponse response, String headerName) {
if (this.getHeaderMethod == null) {
return false;
}
return ReflectionUtils.invokeMethod(this.getHeaderMethod, response,
headerName) != null;
}
private static List<Header> createHeaders() {
List<Header> headers = new ArrayList<Header>(2);
headers.add(new Header("Cache-Control",
headers.add(new Header(CACHE_CONTROL,
"no-cache, no-store, max-age=0, must-revalidate"));
headers.add(new Header("Pragma", "no-cache"));
headers.add(new Header("Expires", "0"));
headers.add(new Header(PRAGMA, "no-cache"));
headers.add(new Header(EXPIRES, "0"));
return headers;
}
}
@@ -138,6 +138,7 @@ public class HttpSessionRequestCache implements RequestCache {
* "SPRING_SECURITY_SAVED_REQUEST".
*
* @param sessionAttrName a new session attribute name.
* @since 4.2.1
*/
public void setSessionAttrName(String sessionAttrName) {
this.sessionAttrName = sessionAttrName;
@@ -68,8 +68,8 @@ public class RedirectUrlBuilder {
public String getUrl() {
StringBuilder sb = new StringBuilder();
Assert.notNull(scheme);
Assert.notNull(serverName);
Assert.notNull(scheme, "scheme cannot be null");
Assert.notNull(serverName, "serverName cannot be null");
sb.append(scheme).append("://").append(serverName);
@@ -129,7 +129,7 @@ public final class UrlUtils {
* Returns true if the supplied URL starts with a "/" or is absolute.
*/
public static boolean isValidRedirectUrl(String url) {
return url != null && url.startsWith("/") || isAbsoluteUrl(url);
return url != null && (url.startsWith("/") || isAbsoluteUrl(url));
}
/**
@@ -137,6 +137,9 @@ public final class UrlUtils {
* defined in RFC 1738.
*/
public static boolean isAbsoluteUrl(String url) {
if(url == null) {
return false;
}
final Pattern ABSOLUTE_URL = Pattern.compile("\\A[a-z0-9.+-]+://.*",
Pattern.CASE_INSENSITIVE);
@@ -464,6 +464,23 @@ public class SwitchUserFilterTests {
assertThat(switchAuthorityRole).isEqualTo(switchedFrom.getAuthority());
}
@Test(expected = IllegalArgumentException.class)
public void setSwitchFailureUrlWhenNullThenThrowException() {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setSwitchFailureUrl(null);
}
@Test(expected = IllegalArgumentException.class)
public void setSwitchFailureUrlWhenEmptyThenThrowException() {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setSwitchFailureUrl("");
}
@Test
public void setSwitchFailureUrlWhenValidThenNoException() {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setSwitchFailureUrl("/foo");
}
// ~ Inner Classes
// ==================================================================================================
@@ -15,19 +15,32 @@
*/
package org.springframework.security.web.header.writers;
import static org.assertj.core.api.Assertions.assertThat;
import java.util.Arrays;
import javax.servlet.http.HttpServletResponse;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
import org.powermock.modules.junit4.PowerMockRunner;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.util.ReflectionUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.doThrow;
import static org.mockito.Mockito.when;
import static org.powermock.api.mockito.PowerMockito.spy;
/**
* @author Rob Winch
*
*/
@RunWith(PowerMockRunner.class)
@PrepareOnlyThisForTest(ReflectionUtils.class)
public class CacheControlHeadersWriterTests {
private MockHttpServletRequest request;
@@ -38,20 +51,79 @@ public class CacheControlHeadersWriterTests {
@Before
public void setup() {
request = new MockHttpServletRequest();
response = new MockHttpServletResponse();
writer = new CacheControlHeadersWriter();
this.request = new MockHttpServletRequest();
this.response = new MockHttpServletResponse();
this.writer = new CacheControlHeadersWriter();
}
@Test
public void writeHeaders() {
writer.writeHeaders(request, response);
this.writer.writeHeaders(this.request, this.response);
assertThat(response.getHeaderNames().size()).isEqualTo(3);
assertThat(response.getHeaderValues("Cache-Control")).isEqualTo(
assertThat(this.response.getHeaderNames().size()).isEqualTo(3);
assertThat(this.response.getHeaderValues("Cache-Control")).isEqualTo(
Arrays.asList("no-cache, no-store, max-age=0, must-revalidate"));
assertThat(response.getHeaderValues("Pragma")).isEqualTo(
Arrays.asList("no-cache"));
assertThat(response.getHeaderValues("Expires")).isEqualTo(Arrays.asList("0"));
assertThat(this.response.getHeaderValues("Pragma"))
.isEqualTo(Arrays.asList("no-cache"));
assertThat(this.response.getHeaderValues("Expires"))
.isEqualTo(Arrays.asList("0"));
}
@Test
public void writeHeadersServlet25() {
spy(ReflectionUtils.class);
when(ReflectionUtils.findMethod(HttpServletResponse.class, "getHeader",
String.class)).thenReturn(null);
this.response = spy(this.response);
doThrow(NoSuchMethodError.class).when(this.response).getHeader(anyString());
this.writer = new CacheControlHeadersWriter();
this.writer.writeHeaders(this.request, this.response);
assertThat(this.response.getHeaderNames().size()).isEqualTo(3);
assertThat(this.response.getHeaderValues("Cache-Control")).isEqualTo(
Arrays.asList("no-cache, no-store, max-age=0, must-revalidate"));
assertThat(this.response.getHeaderValues("Pragma"))
.isEqualTo(Arrays.asList("no-cache"));
assertThat(this.response.getHeaderValues("Expires"))
.isEqualTo(Arrays.asList("0"));
}
// gh-2953
@Test
public void writeHeadersDisabledIfCacheControl() {
this.response.setHeader("Cache-Control", "max-age: 123");
this.writer.writeHeaders(this.request, this.response);
assertThat(this.response.getHeaderNames()).hasSize(1);
assertThat(this.response.getHeaderValues("Cache-Control"))
.containsOnly("max-age: 123");
assertThat(this.response.getHeaderValue("Pragma")).isNull();
assertThat(this.response.getHeaderValue("Expires")).isNull();
}
@Test
public void writeHeadersDisabledIfPragma() {
this.response.setHeader("Pragma", "mock");
this.writer.writeHeaders(this.request, this.response);
assertThat(this.response.getHeaderNames()).hasSize(1);
assertThat(this.response.getHeaderValues("Pragma")).containsOnly("mock");
assertThat(this.response.getHeaderValue("Expires")).isNull();
assertThat(this.response.getHeaderValue("Cache-Control")).isNull();
}
@Test
public void writeHeadersDisabledIfExpires() {
this.response.setHeader("Expires", "mock");
this.writer.writeHeaders(this.request, this.response);
assertThat(this.response.getHeaderNames()).hasSize(1);
assertThat(this.response.getHeaderValues("Expires")).containsOnly("mock");
assertThat(this.response.getHeaderValue("Cache-Control")).isNull();
assertThat(this.response.getHeaderValue("Pragma")).isNull();
}
}

Some files were not shown because too many files have changed in this diff Show More