diff --git a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java index f036fcc55e..6e2444a4f5 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java @@ -399,8 +399,7 @@ public class AclImplTests { @Test public void gettersAndSettersAreConsistent() throws Exception { - Authentication auth = new TestingAuthenticationToken("ben", "ignored", new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_GENERAL") }); + Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_GENERAL"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, (100)); diff --git a/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java b/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java index 2cde836221..2163602934 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java @@ -83,16 +83,15 @@ public class AclImplementationSecurityCheckTests { @Test public void testSecurityCheckWithMultipleACEs() throws Exception { // Create a simple authentication with ROLE_GENERAL - Authentication auth = new TestingAuthenticationToken("user", "password", - new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_GENERAL") }); + Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100)); // Authorization strategy will require a different role for each access - AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { + AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); + new GrantedAuthorityImpl("ROLE_GENERAL")); // Let's give the principal the ADMINISTRATION permission, without // granting access @@ -172,22 +171,21 @@ public class AclImplementationSecurityCheckTests { @Test public void testSecurityCheckWithInheritableACEs() throws Exception { // Create a simple authentication with ROLE_GENERAL - Authentication auth = new TestingAuthenticationToken("user", "password", - new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_GENERAL") }); + Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); - ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100)); + ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100); // Authorization strategy will require a different role for each access - AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { + AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); + new GrantedAuthorityImpl("ROLE_GENERAL")); // Let's give the principal an ADMINISTRATION permission, with granting // access - MutableAcl parentAcl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); + MutableAcl parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger()); parentAcl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true); - MutableAcl childAcl = new AclImpl(identity, new Long(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); + MutableAcl childAcl = new AclImpl(identity, 2, aclAuthorizationStrategy, new ConsoleAuditLogger()); // Check against the 'child' acl, which doesn't offer any authorization // rights on CHANGE_OWNERSHIP @@ -212,9 +210,9 @@ public class AclImplementationSecurityCheckTests { } // Create a root parent and link it to the middle parent - MutableAcl rootParentAcl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, + MutableAcl rootParentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger()); - parentAcl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); + parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger()); rootParentAcl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true); parentAcl.setEntriesInheriting(true); parentAcl.setParent(rootParentAcl); @@ -231,18 +229,16 @@ public class AclImplementationSecurityCheckTests { @SuppressWarnings("deprecation") @Test public void testSecurityCheckPrincipalOwner() throws Exception { - Authentication auth = new TestingAuthenticationToken("user", "password", new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_ONE"), - new GrantedAuthorityImpl("ROLE_ONE") }); + Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_ONE"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); - ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100)); - AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { + ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100); + AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); + new GrantedAuthorityImpl("ROLE_GENERAL")); - Acl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger(), null, null, + Acl acl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger(), null, null, false, new PrincipalSid(auth)); try { aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_GENERAL); diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java index e6e73d777c..a77109bbc0 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java @@ -2,22 +2,10 @@ package org.springframework.security.acls.jdbc; import static org.junit.Assert.*; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.ObjectInputStream; -import java.io.ObjectOutputStream; -import java.io.Serializable; -import java.util.Map; - import net.sf.ehcache.Cache; import net.sf.ehcache.CacheManager; import net.sf.ehcache.Ehcache; - -import org.junit.After; -import org.junit.AfterClass; -import org.junit.BeforeClass; -import org.junit.Test; +import org.junit.*; import org.springframework.security.acls.domain.AclAuthorizationStrategy; import org.springframework.security.acls.domain.AclAuthorizationStrategyImpl; import org.springframework.security.acls.domain.AclImpl; @@ -28,11 +16,18 @@ import org.springframework.security.acls.model.MutableAcl; import org.springframework.security.acls.model.ObjectIdentity; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.util.FieldUtils; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.io.Serializable; +import java.util.*; + /** * Tests {@link EhCacheBasedAclCache} * @@ -127,11 +122,11 @@ public class EhCacheBasedAclCacheTests { // SEC-527 @Test public void testDiskSerializationOfMutableAclObjectInstance() throws Exception { - ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100)); - AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { + ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100)); + AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); - MutableAcl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); + new GrantedAuthorityImpl("ROLE_GENERAL")); + MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); // Serialization test File file = File.createTempFile("SEC_TEST", ".object"); @@ -159,11 +154,11 @@ public class EhCacheBasedAclCacheTests { Ehcache cache = getCache(); EhCacheBasedAclCache myCache = new EhCacheBasedAclCache(cache); - ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100)); - AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { + ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100)); + AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); - MutableAcl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); + new GrantedAuthorityImpl("ROLE_GENERAL")); + MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); assertEquals(0, cache.getDiskStoreSize()); myCache.putInCache(acl); @@ -173,29 +168,29 @@ public class EhCacheBasedAclCacheTests { assertFalse(cache.isElementInMemory(acl.getObjectIdentity())); // Check we can get from cache the same objects we put in - assertEquals(myCache.getFromCache(new Long(1)), acl); + assertEquals(myCache.getFromCache(Long.valueOf(1)), acl); assertEquals(myCache.getFromCache(identity), acl); // Put another object in cache - ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, new Long(101)); - MutableAcl acl2 = new AclImpl(identity2, new Long(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); + ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(101)); + MutableAcl acl2 = new AclImpl(identity2, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); myCache.putInCache(acl2); assertEquals(cache.getSize(), 4); assertEquals(4, cache.getDiskStoreSize()); // Try to evict an entry that doesn't exist - myCache.evictFromCache(new Long(3)); - myCache.evictFromCache(new ObjectIdentityImpl(TARGET_CLASS, new Long(102))); + myCache.evictFromCache(Long.valueOf(3)); + myCache.evictFromCache(new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(102))); assertEquals(cache.getSize(), 4); assertEquals(4, cache.getDiskStoreSize()); - myCache.evictFromCache(new Long(1)); + myCache.evictFromCache(Long.valueOf(1)); assertEquals(cache.getSize(), 2); assertEquals(2, cache.getDiskStoreSize()); // Check the second object inserted - assertEquals(myCache.getFromCache(new Long(2)), acl2); + assertEquals(myCache.getFromCache(Long.valueOf(2)), acl2); assertEquals(myCache.getFromCache(identity2), acl2); myCache.evictFromCache(identity2); @@ -208,18 +203,17 @@ public class EhCacheBasedAclCacheTests { Ehcache cache = getCache(); EhCacheBasedAclCache myCache = new EhCacheBasedAclCache(cache); - Authentication auth = new TestingAuthenticationToken("user", "password", new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_GENERAL") }); + Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); - ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(1)); - ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, new Long(2)); - AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { + ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(1)); + ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2)); + AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); - MutableAcl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); - MutableAcl parentAcl = new AclImpl(identityParent, new Long(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); + new GrantedAuthorityImpl("ROLE_GENERAL")); + MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); + MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); acl.setParent(parentAcl); @@ -240,7 +234,7 @@ public class EhCacheBasedAclCacheTests { } // Check we can get from cache the same objects we put in - AclImpl aclFromCache = (AclImpl) myCache.getFromCache(new Long(1)); + AclImpl aclFromCache = (AclImpl) myCache.getFromCache(Long.valueOf(1)); // For the checks on transient fields, we need to be sure that the object is being loaded from the cache, // not from the ehcache spool or elsewhere... assertFalse(acl == aclFromCache); @@ -250,7 +244,7 @@ public class EhCacheBasedAclCacheTests { assertNotNull(FieldUtils.getFieldValue(aclFromCache.getParentAcl(), "permissionGrantingStrategy")); assertEquals(acl, myCache.getFromCache(identity)); assertNotNull(FieldUtils.getFieldValue(aclFromCache, "aclAuthorizationStrategy")); - AclImpl parentAclFromCache = (AclImpl) myCache.getFromCache(new Long(2)); + AclImpl parentAclFromCache = (AclImpl) myCache.getFromCache(Long.valueOf(2)); assertEquals(parentAcl, parentAclFromCache); assertNotNull(FieldUtils.getFieldValue(parentAclFromCache, "aclAuthorizationStrategy")); assertEquals(parentAcl, myCache.getFromCache(identityParent)); diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java index 502ab3fa04..e2fd40aefe 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java @@ -256,8 +256,7 @@ public class CasAuthenticationProviderTests { cap.setServiceProperties(makeServiceProperties()); cap.afterPropertiesSet(); - TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")}); + TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password", "ROLE_A"); assertFalse(cap.supports(TestingAuthenticationToken.class)); // Try it anyway diff --git a/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java b/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java index c71fdc45d2..3ad1fec576 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java +++ b/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java @@ -38,12 +38,7 @@ public class RunAsUserToken extends AbstractAuthenticationToken { //~ Constructors =================================================================================================== - public RunAsUserToken(String key, Object principal, Object credentials, GrantedAuthority[] authorities, - Class originalAuthentication) { - this(key, principal, credentials, Arrays.asList(authorities), originalAuthentication); - } - - public RunAsUserToken(String key, Object principal, Object credentials, Collection authorities, + public RunAsUserToken(String key, Object principal, Object credentials, Collection authorities, Class originalAuthentication) { super(authorities); this.keyHash = key.hashCode(); diff --git a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java index 2aa3b84683..fe2f0b476d 100644 --- a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java +++ b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java @@ -49,10 +49,6 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken { setAuthenticated(true); } - public TestingAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) { - this(principal, credentials, Arrays.asList(authorities)); - } - public TestingAuthenticationToken(Object principal, Object credentials, List authorities) { super(authorities); this.principal = principal; diff --git a/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java index a5f44c3cc1..1acb758c89 100644 --- a/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java @@ -25,6 +25,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.GrantedAuthorityImpl; @@ -32,30 +33,10 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl; * Tests {@link RunAsImplAuthenticationProvider}. */ public class RunAsImplAuthenticationProviderTests extends TestCase { - //~ Constructors =================================================================================================== - - public RunAsImplAuthenticationProviderTests() { - super(); - } - - public RunAsImplAuthenticationProviderTests(String arg0) { - super(arg0); - } - - //~ Methods ======================================================================================================== - - public static void main(String[] args) { - junit.textui.TestRunner.run(RunAsImplAuthenticationProviderTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } public void testAuthenticationFailDueToWrongKey() { - RunAsUserToken token = new RunAsUserToken("WRONG_PASSWORD", "Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, - UsernamePasswordAuthenticationToken.class); + RunAsUserToken token = new RunAsUserToken("wrong_key", "Test", "Password", + AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); provider.setKey("hello_world"); @@ -69,8 +50,7 @@ public class RunAsImplAuthenticationProviderTests extends TestCase { public void testAuthenticationSuccess() { RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, - UsernamePasswordAuthenticationToken.class); + AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); provider.setKey("my_password"); diff --git a/core/src/test/java/org/springframework/security/access/intercept/RunAsUserTokenTests.java b/core/src/test/java/org/springframework/security/access/intercept/RunAsUserTokenTests.java index 9a9841449a..58e233868f 100644 --- a/core/src/test/java/org/springframework/security/access/intercept/RunAsUserTokenTests.java +++ b/core/src/test/java/org/springframework/security/access/intercept/RunAsUserTokenTests.java @@ -16,12 +16,8 @@ package org.springframework.security.access.intercept; import junit.framework.TestCase; - - -import org.springframework.security.access.intercept.RunAsUserToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.AuthorityUtils; /** @@ -30,30 +26,10 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl; * @author Ben Alex */ public class RunAsUserTokenTests extends TestCase { - //~ Constructors =================================================================================================== - - public RunAsUserTokenTests() { - super(); - } - - public RunAsUserTokenTests(String arg0) { - super(arg0); - } - - //~ Methods ======================================================================================================== - - public static void main(String[] args) { - junit.textui.TestRunner.run(RunAsUserTokenTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } public void testAuthenticationSetting() { RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, - UsernamePasswordAuthenticationToken.class); + AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); assertTrue(token.isAuthenticated()); token.setAuthenticated(false); assertTrue(!token.isAuthenticated()); @@ -61,8 +37,7 @@ public class RunAsUserTokenTests extends TestCase { public void testGetters() { RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, - UsernamePasswordAuthenticationToken.class); + AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); assertEquals("Test", token.getPrincipal()); assertEquals("Password", token.getCredentials()); assertEquals("my_password".hashCode(), token.getKeyHash()); @@ -82,8 +57,7 @@ public class RunAsUserTokenTests extends TestCase { public void testToString() { RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, - UsernamePasswordAuthenticationToken.class); + AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); assertTrue(token.toString().lastIndexOf("Original Class:") != -1); } } diff --git a/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java b/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java index c4b1b1653b..302b0df264 100644 --- a/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java +++ b/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java @@ -46,7 +46,7 @@ public class ConsensusBasedTests { mgr.setAllowIfEqualGrantedDeniedDecisions(false); assertTrue(!mgr.isAllowIfEqualGrantedDeniedDecisions()); // check changed - List config = SecurityConfig.createList(new String[]{"ROLE_1", "DENY_FOR_SURE"}); + List config = SecurityConfig.createList("ROLE_1", "DENY_FOR_SURE"); mgr.decide(auth, new Object(), config); } @@ -58,7 +58,7 @@ public class ConsensusBasedTests { assertTrue(mgr.isAllowIfEqualGrantedDeniedDecisions()); // check default - List config = SecurityConfig.createList(new String[]{"ROLE_1", "DENY_FOR_SURE"}); + List config = SecurityConfig.createList("ROLE_1", "DENY_FOR_SURE"); mgr.decide(auth, new Object(), config); assertTrue(true); @@ -107,7 +107,7 @@ public class ConsensusBasedTests { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); - mgr.decide(auth, new Object(), SecurityConfig.createList(new String[]{"ROLE_1", "ROLE_2"})); + mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_1", "ROLE_2")); } private ConsensusBased makeDecisionManager() { @@ -125,8 +125,6 @@ public class ConsensusBasedTests { } private TestingAuthenticationToken makeTestToken() { - return new TestingAuthenticationToken("somebody", "password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_1"), new GrantedAuthorityImpl( - "ROLE_2")}); + return new TestingAuthenticationToken("somebody", "password", "ROLE_1", "ROLE_2"); } } diff --git a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java index b3ac39db73..7b51c87889 100644 --- a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java @@ -73,8 +73,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase { AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider(); aap.setKey("qwerty"); - TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")}); + TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password", "ROLE_A"); assertFalse(aap.supports(TestingAuthenticationToken.class)); // Try it anyway diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java index 03f854a709..2e53ca72aa 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java @@ -44,10 +44,7 @@ public class AuthorizeTagAttributeTests extends TestCase { protected void setUp() throws Exception { super.setUp(); - currentUser = new TestingAuthenticationToken("abc", "123", - new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_SUPERVISOR"), new GrantedAuthorityImpl("ROLE_RESTRICTED"), - }); + currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED"); SecurityContextHolder.getContext().setAuthentication(currentUser); } diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java index 233daf8a31..fa1d65a5d4 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java @@ -15,55 +15,56 @@ package org.springframework.security.taglibs.authz; -import junit.framework.TestCase; - +import static org.junit.Assert.*; +import org.junit.*; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; - import javax.servlet.jsp.JspException; import javax.servlet.jsp.tagext.Tag; +import java.util.*; + /** * * @author Francois Beausoleil */ -public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase { +public class AuthorizeTagCustomGrantedAuthorityTests { //~ Instance fields ================================================================================================ private final JspAuthorizeTag authorizeTag = new JspAuthorizeTag(); - private TestingAuthenticationToken currentUser; //~ Methods ======================================================================================================== - protected void setUp() throws Exception { - super.setUp(); - - currentUser = new TestingAuthenticationToken("abc", "123", - new GrantedAuthority[] {new CustomGrantedAuthority("ROLE_TELLER")}); - - SecurityContextHolder.getContext().setAuthentication(currentUser); + @Before + public void setUp() { + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", "ROLE_TELLER")); } - protected void tearDown() throws Exception { + @After + public void tearDown() { SecurityContextHolder.clearContext(); } - public void testAllowsRequestWhenCustomAuthorityPresentsCorrectRole() - throws JspException { + @Test + public void testAllowsRequestWhenCustomAuthorityPresentsCorrectRole() throws JspException { authorizeTag.setIfAnyGranted("ROLE_TELLER"); assertEquals("authorized - ROLE_TELLER in both sets", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag()); } - public void testRejectsRequestWhenCustomAuthorityReturnsNull() - throws JspException { + @Test + public void testRejectsRequestWhenCustomAuthorityReturnsNull() throws JspException { authorizeTag.setIfAnyGranted("ROLE_TELLER"); - SecurityContextHolder.getContext() - .setAuthentication(new TestingAuthenticationToken("abc", "123", - new GrantedAuthority[] {new CustomGrantedAuthority(null)})); + List authorities = new ArrayList(); + authorities.add(new GrantedAuthority() { + public String getAuthority() { + return null; + } + }); + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", authorities)); try { authorizeTag.doStartTag(); @@ -72,18 +73,4 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase { assertTrue("expected", true); } } - - //~ Inner Classes ================================================================================================== - - private static class CustomGrantedAuthority implements GrantedAuthority { - private final String authority; - - public CustomGrantedAuthority(String authority) { - this.authority = authority; - } - - public String getAuthority() { - return authority; - } - } } diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java index df34d51b9a..7c66a72a11 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java @@ -47,8 +47,7 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase { }; authorizeTag.setPageContext(pageContext); - currentUser = new TestingAuthenticationToken("abc", "123", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"),}); + currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_TELLER"); SecurityContextHolder.getContext().setAuthentication(currentUser); } diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java index 9889d1c2e9..54f666cd2b 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java @@ -41,10 +41,7 @@ public class AuthzImplAttributeTest extends TestCase { protected void setUp() throws Exception { super.setUp(); - currentUser = new TestingAuthenticationToken("abc", "123", - new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_SUPERVISOR"), new GrantedAuthorityImpl("ROLE_RESTRICTED"), - }); + currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED"); SecurityContextHolder.getContext().setAuthentication(currentUser); } diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java index 0122ea5809..29021f9741 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java @@ -37,12 +37,7 @@ public class AuthzImplAuthorizeTagTest extends TestCase { //~ Methods ======================================================================================================== protected void setUp() throws Exception { - super.setUp(); - - currentUser = new TestingAuthenticationToken("abc", "123", - new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_SUPERVISOR"), new GrantedAuthorityImpl("ROLE_TELLER"), - }); + currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_TELLER"); SecurityContextHolder.getContext().setAuthentication(currentUser); } diff --git a/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java index 0ca3f9302e..471763d75f 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java @@ -98,8 +98,7 @@ public class AnonymousAuthenticationFilterTests { public void testOperationWhenAuthenticationExistsInContextHolder() throws Exception { // Put an Authentication object into the SecurityContextHolder - Authentication originalAuth = new TestingAuthenticationToken("user", "password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")}); + Authentication originalAuth = new TestingAuthenticationToken("user", "password", "ROLE_A"); SecurityContextHolder.getContext().setAuthentication(originalAuth); // Setup our filter correctly