LDAP-247: Using Spring Security and Spring LDAP together requires that BaseLdapPathBeanPostProcessor implements interface Ordered
BaseLdapPathBeanPostProcessor now implements Ordered. Integration test from original issue comments to verify that the change fixes the problem.
This commit is contained in:
@@ -20,6 +20,7 @@ import org.springframework.beans.factory.NoSuchBeanDefinitionException;
|
||||
import org.springframework.beans.factory.config.BeanPostProcessor;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
@@ -46,7 +47,7 @@ import org.springframework.util.StringUtils;
|
||||
* @author Mattias Hellborg Arthursson
|
||||
* @since 1.2
|
||||
*/
|
||||
public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, ApplicationContextAware {
|
||||
public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, ApplicationContextAware, Ordered {
|
||||
|
||||
private ApplicationContext applicationContext;
|
||||
|
||||
@@ -54,7 +55,9 @@ public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, Applica
|
||||
|
||||
private String baseLdapPathSourceName;
|
||||
|
||||
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
|
||||
private int order = Ordered.LOWEST_PRECEDENCE;
|
||||
|
||||
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
|
||||
if (bean instanceof BaseLdapPathAware) {
|
||||
BaseLdapPathAware baseLdapPathAware = (BaseLdapPathAware) bean;
|
||||
|
||||
@@ -87,7 +90,7 @@ public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, Applica
|
||||
/*
|
||||
* (non-Javadoc)
|
||||
*
|
||||
* @seeorg.springframework.beans.factory.config.BeanPostProcessor#
|
||||
* @see org.springframework.beans.factory.config.BeanPostProcessor#
|
||||
* postProcessAfterInitialization(java.lang.Object, java.lang.String)
|
||||
*/
|
||||
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
|
||||
@@ -123,4 +126,18 @@ public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, Applica
|
||||
this.baseLdapPathSourceName = contextSourceName;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the order value of this object for sorting purposes.
|
||||
*
|
||||
* @param order the order of this instance. Defaults to <code>Ordered.LOWEST_PRECEDENCE</code>.
|
||||
* @see Ordered
|
||||
* @since 1.3.2
|
||||
*/
|
||||
public void setOrder(int order) {
|
||||
this.order = order;
|
||||
}
|
||||
|
||||
public int getOrder() {
|
||||
return order;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,9 +3,18 @@ repositories {
|
||||
}
|
||||
apply from: JAVA_SCRIPT
|
||||
|
||||
ext.springSecurityVersion='3.0.5.RELEASE'
|
||||
|
||||
dependencies {
|
||||
compile project(":spring-ldap-test"),
|
||||
project(":spring-ldap-core-tiger")
|
||||
project(":spring-ldap-core-tiger"),
|
||||
compile("org.springframework.security:spring-security-core:$springSecurityVersion") {
|
||||
exclude group: "org.springframework", module: "spring-expression"
|
||||
exclude group: "org.springframework", module: "spring-core"
|
||||
exclude group: "org.springframework", module: "spring-context"
|
||||
exclude group: "org.springframework", module: "spring-tx"
|
||||
exclude group: "org.springframework", module: "spring-aop"
|
||||
}
|
||||
|
||||
provided "commons-pool:commons-pool:$commonsPoolVersion",
|
||||
"org.springframework:spring-jdbc:$springVersion",
|
||||
@@ -13,9 +22,15 @@ dependencies {
|
||||
|
||||
testCompile "org.springframework:spring-test:$springVersion",
|
||||
"org.springframework:spring-aop:$springVersion",
|
||||
"org.springframework:spring-expression:$springVersion",
|
||||
"org.hibernate:hibernate:3.2.6.ga",
|
||||
"aspectj:aspectjrt:1.5.3",
|
||||
"aspectj:aspectjweaver:1.5.3",
|
||||
"hsqldb:hsqldb:1.8.0.7",
|
||||
"junit:junit:$junitVersion"
|
||||
"junit:junit:$junitVersion",
|
||||
"org.springframework.security:spring-security-config:$springSecurityVersion"
|
||||
|
||||
testCompile("org.springframework.security:spring-security-ldap:$springSecurityVersion") {
|
||||
exclude group: "org.springframework.ldap", module: "spring-ldap-core"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,27 @@
|
||||
package org.springframework.ldap.itest;
|
||||
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
import org.springframework.ldap.core.support.BaseLdapPathAware;
|
||||
|
||||
import javax.naming.Name;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Mattias Hellborg Arthursson
|
||||
*/
|
||||
public class LdapGroupDao implements BaseLdapPathAware
|
||||
{
|
||||
private Name basePath;
|
||||
|
||||
public LdapGroupDao() {
|
||||
super();
|
||||
}
|
||||
|
||||
public void setBaseLdapPath(DistinguishedName baseLdapPath) {
|
||||
this.basePath = baseLdapPath;
|
||||
}
|
||||
|
||||
public Name getBasePath() {
|
||||
return basePath;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,20 @@
|
||||
package org.springframework.ldap.itest.support.springsecurity;
|
||||
|
||||
import org.springframework.ldap.itest.LdapGroupDao;
|
||||
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
|
||||
|
||||
/**
|
||||
* @author Mattias Hellborg Arthursson
|
||||
*/
|
||||
public class MethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler {
|
||||
private LdapGroupDao groupDao;
|
||||
|
||||
public LdapGroupDao getGroupDao() {
|
||||
return groupDao;
|
||||
}
|
||||
|
||||
public void setGroupDao(LdapGroupDao groupDao) {
|
||||
this.groupDao = groupDao;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,49 @@
|
||||
/*
|
||||
* Copyright 2005-2010 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.ldap.integration;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.ldap.AbstractLdapTemplateIntegrationTest;
|
||||
import org.springframework.ldap.itest.LdapGroupDao;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
|
||||
/**
|
||||
* Tests for https://jira.springsource.org/browse/LDAP-247.
|
||||
* Thanks to Jürgen Failenschmid for spotting the problem and providing the code for testing this.
|
||||
*
|
||||
* @author Mattias Hellborg Arthursson
|
||||
*/
|
||||
@ContextConfiguration(locations = { "/conf/ldap-247-testContext.xml" })
|
||||
public class JiraLdap247ITest extends AbstractLdapTemplateIntegrationTest {
|
||||
|
||||
@Autowired
|
||||
private LdapGroupDao ldapGroupDao;
|
||||
|
||||
@Test
|
||||
public void verifyThatBasePathIsProperlyPopulated() {
|
||||
assertNotNull(ldapGroupDao);
|
||||
|
||||
// The base path should be automatically populated by BaseLdapPathBeanPostProcessor,
|
||||
// but it doesn't unless it implements Ordered, which caused the assertion below to fail.
|
||||
assertNotNull(
|
||||
"Base path has not been populated by BaseLdapPathBeanPostProcessor",
|
||||
ldapGroupDao.getBasePath());
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,45 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:sec="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
|
||||
|
||||
<import resource="classpath:/conf/commonTestContext.xml"/>
|
||||
|
||||
<bean id="contextSource"
|
||||
class="org.springframework.ldap.test.TestContextSourceFactoryBean">
|
||||
<property name="defaultPartitionSuffix" value="dc=jayway,dc=se" />
|
||||
<property name="defaultPartitionName" value="jayway" />
|
||||
<property name="principal" value="${userDn}" />
|
||||
<property name="password" value="${password}" />
|
||||
<property name="ldifFile" value="classpath:/setup_data.ldif" />
|
||||
<property name="port" value="1888" />
|
||||
<property name="pooled" value="false" />
|
||||
</bean>
|
||||
|
||||
<sec:ldap-server url="${urls}" />
|
||||
<sec:authentication-manager>
|
||||
<sec:ldap-authentication-provider
|
||||
group-search-filter="member={0}"
|
||||
group-search-base="ou=groups"
|
||||
user-search-base="ou=people"
|
||||
user-search-filter="uid={0}"
|
||||
/>
|
||||
</sec:authentication-manager>
|
||||
|
||||
<bean id="baseLdapPathBeanPostProcessor"
|
||||
class="org.springframework.ldap.core.support.BaseLdapPathBeanPostProcessor"/>
|
||||
|
||||
<!-- This prevents BaseLdapPathBeanPostProcessor from being applied unless it implements Ordered -->
|
||||
|
||||
<sec:global-method-security pre-post-annotations="enabled">
|
||||
<sec:expression-handler ref="accessExpressionHandler"/>
|
||||
</sec:global-method-security>
|
||||
|
||||
<bean id="accessExpressionHandler" class="org.springframework.ldap.itest.support.springsecurity.MethodSecurityExpressionHandler">
|
||||
<property name="groupDao" ref="groupDao"/>
|
||||
</bean>
|
||||
|
||||
<bean id="groupDao" class="org.springframework.ldap.itest.LdapGroupDao"/>
|
||||
</beans>
|
||||
Reference in New Issue
Block a user