LDAP-247: Using Spring Security and Spring LDAP together requires that BaseLdapPathBeanPostProcessor implements interface Ordered

BaseLdapPathBeanPostProcessor now implements Ordered.
Integration test from original issue comments to verify that the change fixes the problem.
This commit is contained in:
Mattias Hellborg Arthursson
2013-07-30 10:14:05 +02:00
parent a874a5c922
commit 895af4a44f
6 changed files with 178 additions and 5 deletions

View File

@@ -20,6 +20,7 @@ import org.springframework.beans.factory.NoSuchBeanDefinitionException;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.core.Ordered;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.util.StringUtils;
@@ -46,7 +47,7 @@ import org.springframework.util.StringUtils;
* @author Mattias Hellborg Arthursson
* @since 1.2
*/
public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, ApplicationContextAware {
public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, ApplicationContextAware, Ordered {
private ApplicationContext applicationContext;
@@ -54,7 +55,9 @@ public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, Applica
private String baseLdapPathSourceName;
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
private int order = Ordered.LOWEST_PRECEDENCE;
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
if (bean instanceof BaseLdapPathAware) {
BaseLdapPathAware baseLdapPathAware = (BaseLdapPathAware) bean;
@@ -87,7 +90,7 @@ public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, Applica
/*
* (non-Javadoc)
*
* @seeorg.springframework.beans.factory.config.BeanPostProcessor#
* @see org.springframework.beans.factory.config.BeanPostProcessor#
* postProcessAfterInitialization(java.lang.Object, java.lang.String)
*/
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
@@ -123,4 +126,18 @@ public class BaseLdapPathBeanPostProcessor implements BeanPostProcessor, Applica
this.baseLdapPathSourceName = contextSourceName;
}
/**
* Set the order value of this object for sorting purposes.
*
* @param order the order of this instance. Defaults to <code>Ordered.LOWEST_PRECEDENCE</code>.
* @see Ordered
* @since 1.3.2
*/
public void setOrder(int order) {
this.order = order;
}
public int getOrder() {
return order;
}
}

View File

@@ -3,9 +3,18 @@ repositories {
}
apply from: JAVA_SCRIPT
ext.springSecurityVersion='3.0.5.RELEASE'
dependencies {
compile project(":spring-ldap-test"),
project(":spring-ldap-core-tiger")
project(":spring-ldap-core-tiger"),
compile("org.springframework.security:spring-security-core:$springSecurityVersion") {
exclude group: "org.springframework", module: "spring-expression"
exclude group: "org.springframework", module: "spring-core"
exclude group: "org.springframework", module: "spring-context"
exclude group: "org.springframework", module: "spring-tx"
exclude group: "org.springframework", module: "spring-aop"
}
provided "commons-pool:commons-pool:$commonsPoolVersion",
"org.springframework:spring-jdbc:$springVersion",
@@ -13,9 +22,15 @@ dependencies {
testCompile "org.springframework:spring-test:$springVersion",
"org.springframework:spring-aop:$springVersion",
"org.springframework:spring-expression:$springVersion",
"org.hibernate:hibernate:3.2.6.ga",
"aspectj:aspectjrt:1.5.3",
"aspectj:aspectjweaver:1.5.3",
"hsqldb:hsqldb:1.8.0.7",
"junit:junit:$junitVersion"
"junit:junit:$junitVersion",
"org.springframework.security:spring-security-config:$springSecurityVersion"
testCompile("org.springframework.security:spring-security-ldap:$springSecurityVersion") {
exclude group: "org.springframework.ldap", module: "spring-ldap-core"
}
}

View File

@@ -0,0 +1,27 @@
package org.springframework.ldap.itest;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.support.BaseLdapPathAware;
import javax.naming.Name;
/**
*
* @author Mattias Hellborg Arthursson
*/
public class LdapGroupDao implements BaseLdapPathAware
{
private Name basePath;
public LdapGroupDao() {
super();
}
public void setBaseLdapPath(DistinguishedName baseLdapPath) {
this.basePath = baseLdapPath;
}
public Name getBasePath() {
return basePath;
}
}

View File

@@ -0,0 +1,20 @@
package org.springframework.ldap.itest.support.springsecurity;
import org.springframework.ldap.itest.LdapGroupDao;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
/**
* @author Mattias Hellborg Arthursson
*/
public class MethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler {
private LdapGroupDao groupDao;
public LdapGroupDao getGroupDao() {
return groupDao;
}
public void setGroupDao(LdapGroupDao groupDao) {
this.groupDao = groupDao;
}
}

View File

@@ -0,0 +1,49 @@
/*
* Copyright 2005-2010 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.ldap.integration;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.AbstractLdapTemplateIntegrationTest;
import org.springframework.ldap.itest.LdapGroupDao;
import org.springframework.test.context.ContextConfiguration;
import static org.junit.Assert.assertNotNull;
/**
* Tests for https://jira.springsource.org/browse/LDAP-247.
* Thanks to Jürgen Failenschmid for spotting the problem and providing the code for testing this.
*
* @author Mattias Hellborg Arthursson
*/
@ContextConfiguration(locations = { "/conf/ldap-247-testContext.xml" })
public class JiraLdap247ITest extends AbstractLdapTemplateIntegrationTest {
@Autowired
private LdapGroupDao ldapGroupDao;
@Test
public void verifyThatBasePathIsProperlyPopulated() {
assertNotNull(ldapGroupDao);
// The base path should be automatically populated by BaseLdapPathBeanPostProcessor,
// but it doesn't unless it implements Ordered, which caused the assertion below to fail.
assertNotNull(
"Base path has not been populated by BaseLdapPathBeanPostProcessor",
ldapGroupDao.getBasePath());
}
}

View File

@@ -0,0 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<import resource="classpath:/conf/commonTestContext.xml"/>
<bean id="contextSource"
class="org.springframework.ldap.test.TestContextSourceFactoryBean">
<property name="defaultPartitionSuffix" value="dc=jayway,dc=se" />
<property name="defaultPartitionName" value="jayway" />
<property name="principal" value="${userDn}" />
<property name="password" value="${password}" />
<property name="ldifFile" value="classpath:/setup_data.ldif" />
<property name="port" value="1888" />
<property name="pooled" value="false" />
</bean>
<sec:ldap-server url="${urls}" />
<sec:authentication-manager>
<sec:ldap-authentication-provider
group-search-filter="member={0}"
group-search-base="ou=groups"
user-search-base="ou=people"
user-search-filter="uid={0}"
/>
</sec:authentication-manager>
<bean id="baseLdapPathBeanPostProcessor"
class="org.springframework.ldap.core.support.BaseLdapPathBeanPostProcessor"/>
<!-- This prevents BaseLdapPathBeanPostProcessor from being applied unless it implements Ordered -->
<sec:global-method-security pre-post-annotations="enabled">
<sec:expression-handler ref="accessExpressionHandler"/>
</sec:global-method-security>
<bean id="accessExpressionHandler" class="org.springframework.ldap.itest.support.springsecurity.MethodSecurityExpressionHandler">
<property name="groupDao" ref="groupDao"/>
</bean>
<bean id="groupDao" class="org.springframework.ldap.itest.LdapGroupDao"/>
</beans>