From 74896f217b6cbc5b9b5eebf6487b20a947fa8a82 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Thu, 15 Apr 2010 01:47:29 +0100 Subject: [PATCH] SEC-1459: Generifying AuthenticationUserDetailsService. Now parameterized with . --- .../CasAuthenticationProvider.java | 5 ++-- ...bstractCasAssertionUserDetailsService.java | 15 ++++------ .../CasAuthenticationProviderTests.java | 1 + .../AuthenticationUserDetailsService.java | 4 +-- .../UserDetailsByNameServiceWrapper.java | 4 +-- .../UserDetailsByNameServiceWrapperTests.java | 1 + ...reAuthenticatedAuthenticationProvider.java | 30 +++++++++---------- ...dGrantedAuthoritiesUserDetailsService.java | 5 ++-- ...henticatedAuthenticationProviderTests.java | 7 +++-- ...ngSecurityPropagationInterceptorTests.java | 1 + 10 files changed, 38 insertions(+), 35 deletions(-) diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java index 68b82652b5..13bb319c9e 100644 --- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java +++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java @@ -51,7 +51,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia //~ Instance fields ================================================================================================ - private AuthenticationUserDetailsService authenticationUserDetailsService; + private AuthenticationUserDetailsService authenticationUserDetailsService; private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker(); protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); @@ -150,6 +150,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia } @Deprecated + @SuppressWarnings("unchecked") /** * @deprecated as of 3.0. Use the {@link org.springframework.security.cas.authentication.CasAuthenticationProvider#setAuthenticationUserDetailsService(org.springframework.security.core.userdetails.AuthenticationUserDetailsService)} instead. */ @@ -157,7 +158,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia this.authenticationUserDetailsService = new UserDetailsByNameServiceWrapper(userDetailsService); } - public void setAuthenticationUserDetailsService(final AuthenticationUserDetailsService authenticationUserDetailsService) { + public void setAuthenticationUserDetailsService(final AuthenticationUserDetailsService authenticationUserDetailsService) { this.authenticationUserDetailsService = authenticationUserDetailsService; } diff --git a/cas/src/main/java/org/springframework/security/cas/userdetails/AbstractCasAssertionUserDetailsService.java b/cas/src/main/java/org/springframework/security/cas/userdetails/AbstractCasAssertionUserDetailsService.java index c62885b104..0e19ef0e7d 100644 --- a/cas/src/main/java/org/springframework/security/cas/userdetails/AbstractCasAssertionUserDetailsService.java +++ b/cas/src/main/java/org/springframework/security/cas/userdetails/AbstractCasAssertionUserDetailsService.java @@ -14,13 +14,10 @@ */ package org.springframework.security.cas.userdetails; +import org.jasig.cas.client.validation.Assertion; +import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken; import org.springframework.security.core.userdetails.AuthenticationUserDetailsService; import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.core.Authentication; -import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken; -import org.springframework.util.Assert; -import org.jasig.cas.client.validation.Assertion; /** * Abstract class for using the provided CAS assertion to construct a new User object. This generally is most @@ -29,11 +26,11 @@ import org.jasig.cas.client.validation.Assertion; * @author Scott Battaglia * @since 3.0 */ -public abstract class AbstractCasAssertionUserDetailsService implements AuthenticationUserDetailsService { +public abstract class AbstractCasAssertionUserDetailsService + implements AuthenticationUserDetailsService { - public final UserDetails loadUserDetails(final Authentication token) throws UsernameNotFoundException { - Assert.isInstanceOf(CasAssertionAuthenticationToken.class, token, "The provided token MUST be an instance of CasAssertionAuthenticationToken.class"); - return loadUserDetails(((CasAssertionAuthenticationToken) token).getAssertion()); + public final UserDetails loadUserDetails(final CasAssertionAuthenticationToken token) { + return loadUserDetails(token.getAssertion()); } /** diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java index 41818e9955..502ab3fa04 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java @@ -47,6 +47,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; * @author Ben Alex * @author Scott Battaglia */ +@SuppressWarnings("unchecked") public class CasAuthenticationProviderTests { //~ Methods ======================================================================================================== diff --git a/core/src/main/java/org/springframework/security/core/userdetails/AuthenticationUserDetailsService.java b/core/src/main/java/org/springframework/security/core/userdetails/AuthenticationUserDetailsService.java index 56d10d9205..db50d586a3 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/AuthenticationUserDetailsService.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/AuthenticationUserDetailsService.java @@ -9,7 +9,7 @@ import org.springframework.security.core.Authentication; * @author Ruud Senden * @since 2.0 */ -public interface AuthenticationUserDetailsService { +public interface AuthenticationUserDetailsService { /** * @@ -19,5 +19,5 @@ public interface AuthenticationUserDetailsService { * if no user details can be found for the given authentication * token */ - UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException; + UserDetails loadUserDetails(T token) throws UsernameNotFoundException; } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapper.java b/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapper.java index 73b32014cf..6410edd324 100755 --- a/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapper.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapper.java @@ -13,7 +13,7 @@ import org.springframework.util.Assert; * @author Scott Battaglia * @since 2.0 */ -public class UserDetailsByNameServiceWrapper implements AuthenticationUserDetailsService, InitializingBean { +public class UserDetailsByNameServiceWrapper implements AuthenticationUserDetailsService, InitializingBean { private UserDetailsService userDetailsService = null; /** @@ -47,7 +47,7 @@ public class UserDetailsByNameServiceWrapper implements AuthenticationUserDetail * Get the UserDetails object from the wrapped UserDetailsService * implementation */ - public UserDetails loadUserDetails(Authentication authentication) throws UsernameNotFoundException { + public UserDetails loadUserDetails(T authentication) throws UsernameNotFoundException { return this.userDetailsService.loadUserByUsername(authentication.getName()); } diff --git a/core/src/test/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapperTests.java b/core/src/test/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapperTests.java index ad02fdbbf8..a28349ef34 100755 --- a/core/src/test/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapperTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/UserDetailsByNameServiceWrapperTests.java @@ -10,6 +10,7 @@ import org.springframework.security.core.authority.AuthorityUtils; * @author TSARDD * @since 18-okt-2007 */ +@SuppressWarnings("unchecked") public class UserDetailsByNameServiceWrapperTests extends TestCase { public final void testAfterPropertiesSet() { diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java index 46a1096595..d19dc79ad1 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProvider.java @@ -31,7 +31,7 @@ import org.springframework.util.Assert; public class PreAuthenticatedAuthenticationProvider implements AuthenticationProvider, InitializingBean, Ordered { private static final Log logger = LogFactory.getLog(PreAuthenticatedAuthenticationProvider.class); - private AuthenticationUserDetailsService preAuthenticatedUserDetailsService = null; + private AuthenticationUserDetailsService preAuthenticatedUserDetailsService = null; private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker(); private boolean throwExceptionWhenTokenRejected = false; @@ -77,7 +77,7 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro return null; } - UserDetails ud = preAuthenticatedUserDetailsService.loadUserDetails(authentication); + UserDetails ud = preAuthenticatedUserDetailsService.loadUserDetails((PreAuthenticatedAuthenticationToken)authentication); userDetailsChecker.check(ud); @@ -91,25 +91,17 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro /** * Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes. */ - public boolean supports(Class authentication) { + public final boolean supports(Class authentication) { return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(authentication); } /** - * Set the AuthenticatedUserDetailsServices to be used. + * Set the AuthenticatedUserDetailsService to be used to load the {@code UserDetails} for the authenticated user. * - * @param aPreAuthenticatedUserDetailsService + * @param uds */ - public void setPreAuthenticatedUserDetailsService(AuthenticationUserDetailsService aPreAuthenticatedUserDetailsService) { - this.preAuthenticatedUserDetailsService = aPreAuthenticatedUserDetailsService; - } - - public int getOrder() { - return order; - } - - public void setOrder(int i) { - order = i; + public void setPreAuthenticatedUserDetailsService(AuthenticationUserDetailsService uds) { + this.preAuthenticatedUserDetailsService = uds; } /** @@ -130,4 +122,12 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro Assert.notNull(userDetailsChecker, "userDetailsChacker cannot be null"); this.userDetailsChecker = userDetailsChecker; } + + public int getOrder() { + return order; + } + + public void setOrder(int i) { + order = i; + } } diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java index b4e66adf5d..d754a5760b 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java @@ -30,14 +30,15 @@ import org.springframework.util.Assert; * @author Ruud Senden * @since 2.0 */ -public class PreAuthenticatedGrantedAuthoritiesUserDetailsService implements AuthenticationUserDetailsService { +public class PreAuthenticatedGrantedAuthoritiesUserDetailsService + implements AuthenticationUserDetailsService { /** * Get a UserDetails object based on the user name contained in the given * token, and the GrantedAuthorities as returned by the * GrantedAuthoritiesContainer implementation as returned by * the token.getDetails() method. */ - public final UserDetails loadUserDetails(Authentication token) throws AuthenticationException { + public final UserDetails loadUserDetails(PreAuthenticatedAuthenticationToken token) throws AuthenticationException { Assert.notNull(token.getDetails()); Assert.isInstanceOf(GrantedAuthoritiesContainer.class, token.getDetails()); List authorities = ((GrantedAuthoritiesContainer) token.getDetails()).getGrantedAuthorities(); diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java index 6843acf778..8b66359045 100755 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java @@ -104,9 +104,10 @@ public class PreAuthenticatedAuthenticationProviderTests { return result; } - private AuthenticationUserDetailsService getPreAuthenticatedUserDetailsService(final UserDetails aUserDetails) { - return new AuthenticationUserDetailsService() { - public UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException { + private AuthenticationUserDetailsService + getPreAuthenticatedUserDetailsService(final UserDetails aUserDetails) { + return new AuthenticationUserDetailsService() { + public UserDetails loadUserDetails(PreAuthenticatedAuthenticationToken token) throws UsernameNotFoundException { if (aUserDetails != null && aUserDetails.getUsername().equals(token.getName())) { return aUserDetails; } diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptorTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptorTests.java index 4963b52d4e..6bf0b0a7dd 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptorTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptorTests.java @@ -31,6 +31,7 @@ public class WebSphere2SpringSecurityPropagationInterceptorTests { } /** SEC-1078 */ + @SuppressWarnings("unchecked") @Test public void createdAuthenticationTokenIsAcceptableToPreauthProvider () throws Throwable { WASUsernameAndGroupsExtractor helper = mock(WASUsernameAndGroupsExtractor.class);