+ fixed exception unwrapping

+ optimized path for getBean (and thus fixed another test)
This commit is contained in:
Costin Leau
2009-08-06 19:08:14 +00:00
parent 65e00f7540
commit 81eb11486d
8 changed files with 126 additions and 14 deletions

View File

@@ -16,10 +16,18 @@
package org.springframework.beans.factory;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNotSame;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.lang.reflect.Field;
import java.net.MalformedURLException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
@@ -2018,6 +2026,7 @@ public final class DefaultListableBeanFactoryTests {
lbf.registerBeanDefinition("test", bd);
final Subject subject = new Subject();
subject.getPrincipals().add(new TestPrincipal("user1"));
TestSecuredBean bean = (TestSecuredBean) Subject.doAsPrivileged(subject,
new PrivilegedAction() {
public Object run() {
@@ -2326,7 +2335,8 @@ public final class DefaultListableBeanFactoryTests {
private String userName;
public void init() {
Subject subject = Subject.getSubject(AccessController.getContext());
AccessControlContext acc = AccessController.getContext();
Subject subject = Subject.getSubject(acc);
if (subject == null) {
return;
}

View File

@@ -21,14 +21,22 @@ import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Permissions;
import java.security.Policy;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.util.Iterator;
import java.util.PropertyPermission;
import java.util.Set;
import javax.security.auth.Subject;
import junit.framework.TestCase;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.support.AbstractBeanFactory;
import org.springframework.beans.factory.config.ConfigurableBeanFactory;
import org.springframework.beans.factory.support.DefaultListableBeanFactory;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.support.SecurityContextProvider;
import org.springframework.beans.factory.support.security.support.ConstructorBean;
import org.springframework.beans.factory.support.security.support.CustomCallbackBean;
@@ -39,12 +47,71 @@ import org.springframework.core.io.Resource;
/**
* @author Costin Leau
*/
public class CallbacksSecurityTest extends TestCase {
public class CallbacksSecurityTests extends TestCase {
private XmlBeanFactory beanFactory;
private SecurityContextProvider provider;
public CallbacksSecurityTest() {
private static class TestSecuredBean {
private String userName;
public void init() {
AccessControlContext acc = AccessController.getContext();
Subject subject = Subject.getSubject(acc);
System.out.println("Current acc is " +acc +" subject = " + subject);
if (subject == null) {
return;
}
setNameFromPrincipal(subject.getPrincipals());
}
private void setNameFromPrincipal(Set<Principal> principals) {
if (principals == null) {
return;
}
for (Iterator<Principal> it = principals.iterator(); it.hasNext();) {
Principal p = it.next();
this.userName = p.getName();
return;
}
}
public String getUserName() {
return this.userName;
}
}
private static class TestPrincipal implements Principal {
private String name;
public TestPrincipal(String name) {
this.name = name;
}
public String getName() {
return this.name;
}
public boolean equals(Object obj) {
if (obj == this) {
return true;
}
if (!(obj instanceof TestPrincipal)) {
return false;
}
TestPrincipal p = (TestPrincipal) obj;
return this.name.equals(p.name);
}
public int hashCode() {
return this.name.hashCode();
}
}
public CallbacksSecurityTests() {
// setup security
if (System.getSecurityManager() == null) {
Policy policy = Policy.getPolicy();
@@ -220,4 +287,23 @@ public class CallbacksSecurityTest extends TestCase {
beanFactory.getBean("working-property-injection");
}
public void testInitSecurityAwarePrototypeBean() {
final DefaultListableBeanFactory lbf = new DefaultListableBeanFactory();
RootBeanDefinition bd = new RootBeanDefinition(TestSecuredBean.class);
bd.setScope(ConfigurableBeanFactory.SCOPE_PROTOTYPE);
bd.setInitMethodName("init");
lbf.registerBeanDefinition("test", bd);
final Subject subject = new Subject();
subject.getPrincipals().add(new TestPrincipal("user1"));
TestSecuredBean bean = (TestSecuredBean) Subject.doAsPrivileged(subject,
new PrivilegedAction() {
public Object run() {
return lbf.getBean("test");
}
}, null);
assertNotNull(bean);
assertEquals(null, bean.getUserName());
}
}