From 992cf44b36a3ebd85e752f847e739f4eb95f319d Mon Sep 17 00:00:00 2001
From: Ben Alex AbstractSecurityInterceptor
+ * is re-called and tidies up correctly.
+ * AbstractSecurityInterceptor via the {@link
+ * #afterInvocation(InterceptorStatusToken)} method.
* RunAsManager replaced the Authentication
@@ -98,17 +106,20 @@ import java.util.Set;
* object to false.
* InterceptorStatusToken which is subsequently re-presented to
+ * the AbstractSecurityInterceptor after the secure object has
+ * been executed. The AbstractSecurityInterceptor will take no
+ * further action when its {@link #afterInvocation(InterceptorStatusToken)} is
+ * called.
* SecurityInterceptorCallback to the
- * method that called {@link AbstractSecurityInterceptor#interceptor(Object,
- * SecurityInterceptorCallback)}. This is almost always a concrete subclass of
- * the AbstractSecurityInterceptor.
+ * Control again returns to the concrete subclass, which will return to the
+ * caller any result or exception that occurred when it proceeded with the
+ * execution of the secure object.
*
- * Throws {@link net.sf.acegisecurity.AcegiSecurityException} and its - * subclasses. - *
- * - * @param object details of a secure object invocation - * @param callback the object that will complete the target secure object - * invocation - * - * @return The value that was returned by the - *SecurityInterceptorCallback
- *
- * @throws Throwable if any error occurs during the
- * SecurityInterceptorCallback
- * @throws IllegalArgumentException if a required argument was missing or
- * invalid
- * @throws AuthenticationCredentialsNotFoundException if the
- * ContextHolder is not populated with a valid
- * SecureContext
- */
- public Object interceptor(Object object,
- SecurityInterceptorCallback callback) throws Throwable {
- if (object == null) {
- throw new IllegalArgumentException("Object was null");
+ protected void afterInvocation(InterceptorStatusToken token) {
+ if (token == null) {
+ return;
}
- if (callback == null) {
- throw new IllegalArgumentException("Callback was null");
+ if (logger.isDebugEnabled()) {
+ logger.debug("Reverting to original Authentication: "
+ + token.getAuthenticated().toString());
+ }
+
+ SecureContext secureContext = (SecureContext) ContextHolder.getContext();
+ secureContext.setAuthentication(token.getAuthenticated());
+ ContextHolder.setContext(secureContext);
+ }
+
+ protected InterceptorStatusToken beforeInvocation(Object object) {
+ if (object == null) {
+ throw new IllegalArgumentException("Object was null");
}
if (!this.obtainObjectDefinitionSource().supports(object.getClass())) {
@@ -294,7 +292,11 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean {
Authentication authenticated = this.authenticationManager
.authenticate(context.getAuthentication());
authenticated.setAuthenticated(true);
- logger.debug("Authenticated: " + authenticated.toString());
+
+ if (logger.isDebugEnabled()) {
+ logger.debug("Authenticated: " + authenticated.toString());
+ }
+
context.setAuthentication(authenticated);
ContextHolder.setContext((Context) context);
@@ -315,31 +317,20 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean {
"RunAsManager did not change Authentication object");
}
- return callback.proceedWithObject(object);
+ return null; // no further work post-invocation
} else {
if (logger.isDebugEnabled()) {
logger.debug("Switching to RunAs Authentication: "
+ runAs.toString());
}
- SecureContext origSecureContext = null;
+ context.setAuthentication(runAs);
+ ContextHolder.setContext((Context) context);
- try {
- origSecureContext = (SecureContext) ContextHolder
- .getContext();
- context.setAuthentication(runAs);
- ContextHolder.setContext((Context) context);
+ InterceptorStatusToken token = new InterceptorStatusToken();
+ token.setAuthenticated(authenticated);
- return callback.proceedWithObject(object);
- } finally {
- if (logger.isDebugEnabled()) {
- logger.debug("Reverting to original Authentication: "
- + authenticated.toString());
- }
-
- origSecureContext.setAuthentication(authenticated);
- ContextHolder.setContext(origSecureContext);
- }
+ return token; // revert to token.Authenticated post-invocation
}
} else {
if (logger.isDebugEnabled()) {
@@ -365,7 +356,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean {
}
}
- return callback.proceedWithObject(object);
+ return null; // no further work post-invocation
}
}
}
diff --git a/core/src/main/java/org/acegisecurity/intercept/InterceptorStatusToken.java b/core/src/main/java/org/acegisecurity/intercept/InterceptorStatusToken.java
new file mode 100644
index 0000000000..0d73384dde
--- /dev/null
+++ b/core/src/main/java/org/acegisecurity/intercept/InterceptorStatusToken.java
@@ -0,0 +1,53 @@
+/* Copyright 2004 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.sf.acegisecurity.intercept;
+
+import net.sf.acegisecurity.Authentication;
+
+
+/**
+ * A return object received by {@link AbstractSecurityInterceptor} subclasses.
+ *
+ *
+ * This class reflects the status of the security interception, so that the
+ * final call to AbstractSecurityInterceptor can tidy up
+ * correctly.
+ *
+ * Whilst this class currently only wraps a single object, it has been modelled
+ * as a class so that future changes to the operation of
+ * AbstractSecurityInterceptor are abstracted from subclasses.
+ *
- * Concrete AbstractSecurityInterceptor subclasses are required to
- * provide a SecurityInterceptorCallback. This is called by the
- * AbstractSecurityInterceptor at the exact time the secure
- * object should have its processing continued. The exact way processing is
- * continued is specific to the type of secure object. For example, it may
- * involve proceeding with a method invocation, servicing a request, or
- * continuing a filter chain.
- *
- * The result from processing the secure object should be returned to the
- * AbstractSecurityInterceptor, which in turn will ultimately
- * return it to the calling class.
- *
MethodDefinitionSource.
@@ -39,26 +44,55 @@ public abstract class AbstractMethodDefinitionSource
public ConfigAttributeDefinition getAttributes(Object object)
throws IllegalArgumentException {
- if ((object == null) || !this.supports(object.getClass())) {
- throw new IllegalArgumentException(
- "Object must be a MethodInvocation");
+ if (object == null) {
+ throw new IllegalArgumentException("Object cannot be null");
}
- return this.lookupAttributes((MethodInvocation) object);
+ if (object instanceof MethodInvocation) {
+ return this.lookupAttributes(((MethodInvocation) object).getMethod());
+ }
+
+ if (object instanceof JoinPoint) {
+ JoinPoint jp = (JoinPoint) object;
+ Class targetClazz = jp.getTarget().getClass();
+ String targetMethodName = jp.getStaticPart().getSignature().getName();
+ Class[] types = ((CodeSignature) jp.getStaticPart().getSignature())
+ .getParameterTypes();
+
+ if (logger.isDebugEnabled()) {
+ logger.debug("Target Class: " + targetClazz);
+ logger.debug("Target Method Name: " + targetMethodName);
+
+ for (int i = 0; i < types.length; i++) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("Target Method Arg #" + i + ": "
+ + types[i]);
+ }
+ }
+ }
+
+ try {
+ return this.lookupAttributes(targetClazz.getMethod(
+ targetMethodName, types));
+ } catch (NoSuchMethodException nsme) {
+ throw new IllegalArgumentException(
+ "Could not obtain target method from JoinPoint: " + jp);
+ }
+ }
+
+ throw new IllegalArgumentException(
+ "Object must be a MethodInvocation or JoinPoint");
}
public boolean supports(Class clazz) {
- if (MethodInvocation.class.isAssignableFrom(clazz)) {
- return true;
- } else {
- return false;
- }
+ return (MethodInvocation.class.isAssignableFrom(clazz)
+ || JoinPoint.class.isAssignableFrom(clazz));
}
/**
* Performs the actual lookup of the relevant
* ConfigAttributeDefinition for the specified
- * MethodInvocation.
+ * Method which is subject of the method invocation.
*
* * Provided so subclasses need only to provide one basic method to properly @@ -67,15 +101,14 @@ public abstract class AbstractMethodDefinitionSource * *
* Returns null if there are no matching attributes for the
- * method invocation.
+ * method.
*
ConfigAttributeDefinition that applies to the
- * specified MethodInvocation
+ * specified Method
*/
- protected abstract ConfigAttributeDefinition lookupAttributes(
- MethodInvocation mi);
+ protected abstract ConfigAttributeDefinition lookupAttributes(Method method);
}
diff --git a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java
index 94d37d9155..5f8089d99c 100644
--- a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java
+++ b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java
@@ -18,8 +18,6 @@ package net.sf.acegisecurity.intercept.method;
import net.sf.acegisecurity.ConfigAttribute;
import net.sf.acegisecurity.ConfigAttributeDefinition;
-import org.aopalliance.intercept.MethodInvocation;
-
import org.springframework.metadata.Attributes;
import java.lang.reflect.Method;
@@ -85,11 +83,10 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
return null;
}
- protected ConfigAttributeDefinition lookupAttributes(
- MethodInvocation invocation) {
+ protected ConfigAttributeDefinition lookupAttributes(Method method) {
ConfigAttributeDefinition definition = new ConfigAttributeDefinition();
- Class interceptedClass = invocation.getMethod().getDeclaringClass();
+ Class interceptedClass = method.getDeclaringClass();
// add the class level attributes for the implementing class
addClassAttributes(definition, interceptedClass);
@@ -98,10 +95,10 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
addClassAttributes(definition, interceptedClass.getInterfaces());
// add the method level attributes for the implemented method
- addMethodAttributes(definition, invocation.getMethod());
+ addMethodAttributes(definition, method);
// add the method level attributes for the implemented intreface methods
- addInterfaceMethodAttributes(definition, invocation.getMethod());
+ addInterfaceMethodAttributes(definition, method);
if (definition.size() == 0) {
return null;
diff --git a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java
index 51e66a1df9..492d350d44 100644
--- a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java
+++ b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java
@@ -38,9 +38,9 @@ import java.util.Map;
*
*
* For consistency with {@link MethodDefinitionAttributes} as well as support
- * for {@link MethodDefinitionSourceAdvisor}, this implementation will return
- * a ConfigAttributeDefinition containing all configuration
- * attributes defined against:
+ * for MethodDefinitionSourceAdvisor, this implementation will
+ * return a ConfigAttributeDefinition containing all
+ * configuration attributes defined against:
*
*
ObjectDefinitionSource implementations
- * that are designed to perform lookups keyed on
- * MethodInvocations.
+ * that are designed to perform lookups keyed on Methods.
*
* @author Ben Alex
* @version $Id$
diff --git a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionSourceAdvisor.java b/core/src/main/java/org/acegisecurity/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java
similarity index 96%
rename from core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionSourceAdvisor.java
rename to core/src/main/java/org/acegisecurity/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java
index f347e3dd42..1fd67eb4f8 100644
--- a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionSourceAdvisor.java
+++ b/core/src/main/java/org/acegisecurity/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java
@@ -13,7 +13,9 @@
* limitations under the License.
*/
-package net.sf.acegisecurity.intercept.method;
+package net.sf.acegisecurity.intercept.method.aopalliance;
+
+import net.sf.acegisecurity.intercept.method.MethodDefinitionSource;
import org.aopalliance.intercept.MethodInvocation;
@@ -46,7 +48,7 @@ import java.lang.reflect.Method;
* * Based on Spring's TransactionAttributeSourceAdvisor. *
- * + * * @author Ben Alex * @version $Id$ */ diff --git a/core/src/main/java/org/acegisecurity/intercept/method/MethodSecurityInterceptor.java b/core/src/main/java/org/acegisecurity/intercept/method/aopalliance/MethodSecurityInterceptor.java similarity index 77% rename from core/src/main/java/org/acegisecurity/intercept/method/MethodSecurityInterceptor.java rename to core/src/main/java/org/acegisecurity/intercept/method/aopalliance/MethodSecurityInterceptor.java index 779ebd4622..f0a4a3ccce 100644 --- a/core/src/main/java/org/acegisecurity/intercept/method/MethodSecurityInterceptor.java +++ b/core/src/main/java/org/acegisecurity/intercept/method/aopalliance/MethodSecurityInterceptor.java @@ -13,22 +13,26 @@ * limitations under the License. */ -package net.sf.acegisecurity.intercept.method; +package net.sf.acegisecurity.intercept.method.aopalliance; import net.sf.acegisecurity.intercept.AbstractSecurityInterceptor; +import net.sf.acegisecurity.intercept.InterceptorStatusToken; import net.sf.acegisecurity.intercept.ObjectDefinitionSource; -import net.sf.acegisecurity.intercept.SecurityInterceptorCallback; +import net.sf.acegisecurity.intercept.method.MethodDefinitionSource; import org.aopalliance.intercept.MethodInterceptor; import org.aopalliance.intercept.MethodInvocation; /** - * Provides security interception of method invocations. + * Provides security interception of AOP Alliance based method invocations. * *
* The ObjectDefinitionSource required by this security
- * interceptor is of type {@link MethodDefinitionSource}.
+ * interceptor is of type {@link MethodDefinitionSource}. This is shared with
+ * the AspectJ based security interceptor
+ * (AspectJSecurityInterceptor), since both work with Java
+ * Methods.
*
@@ -39,7 +43,7 @@ import org.aopalliance.intercept.MethodInvocation; * @version $Id$ */ public class MethodSecurityInterceptor extends AbstractSecurityInterceptor - implements MethodInterceptor, SecurityInterceptorCallback { + implements MethodInterceptor { //~ Instance fields ======================================================== private MethodDefinitionSource objectDefinitionSource; @@ -79,14 +83,19 @@ public class MethodSecurityInterceptor extends AbstractSecurityInterceptor * @throws Throwable if any error occurs */ public Object invoke(MethodInvocation mi) throws Throwable { - return super.interceptor(mi, this); + Object result; + InterceptorStatusToken token = super.beforeInvocation(mi); + + try { + result = mi.proceed(); + } finally { + super.afterInvocation(token); + } + + return result; } public ObjectDefinitionSource obtainObjectDefinitionSource() { return this.objectDefinitionSource; } - - public Object proceedWithObject(Object object) throws Throwable { - return ((MethodInvocation) object).proceed(); - } } diff --git a/core/src/main/java/org/acegisecurity/intercept/method/aopalliance/package.html b/core/src/main/java/org/acegisecurity/intercept/method/aopalliance/package.html new file mode 100644 index 0000000000..fb9e2a88f3 --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/method/aopalliance/package.html @@ -0,0 +1,6 @@ + +
+Enforces security for AOP AllianceMethodInvocations, such as via
+Spring AOP.
+
+
diff --git a/core/src/main/java/org/acegisecurity/intercept/method/package.html b/core/src/main/java/org/acegisecurity/intercept/method/package.html
index 6b7bd51b8b..78719a0b39 100644
--- a/core/src/main/java/org/acegisecurity/intercept/method/package.html
+++ b/core/src/main/java/org/acegisecurity/intercept/method/package.html
@@ -1,6 +1,6 @@
-Enforces security for MethodInvocations, such as via
-Spring AOP.
+Provides support objects for securing Java method invocations
+via different AOP libraries.
diff --git a/core/src/main/java/org/acegisecurity/intercept/web/FilterSecurityInterceptor.java b/core/src/main/java/org/acegisecurity/intercept/web/FilterSecurityInterceptor.java
index 1873cce939..c54b00314a 100644
--- a/core/src/main/java/org/acegisecurity/intercept/web/FilterSecurityInterceptor.java
+++ b/core/src/main/java/org/acegisecurity/intercept/web/FilterSecurityInterceptor.java
@@ -16,8 +16,8 @@
package net.sf.acegisecurity.intercept.web;
import net.sf.acegisecurity.intercept.AbstractSecurityInterceptor;
+import net.sf.acegisecurity.intercept.InterceptorStatusToken;
import net.sf.acegisecurity.intercept.ObjectDefinitionSource;
-import net.sf.acegisecurity.intercept.SecurityInterceptorCallback;
/**
@@ -43,8 +43,7 @@ import net.sf.acegisecurity.intercept.SecurityInterceptorCallback;
* @author Ben Alex
* @version $Id$
*/
-public class FilterSecurityInterceptor extends AbstractSecurityInterceptor
- implements SecurityInterceptorCallback {
+public class FilterSecurityInterceptor extends AbstractSecurityInterceptor {
//~ Instance fields ========================================================
private FilterInvocationDefinitionSource objectDefinitionSource;
@@ -75,17 +74,16 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor
}
public void invoke(FilterInvocation fi) throws Throwable {
- super.interceptor(fi, this);
+ InterceptorStatusToken token = super.beforeInvocation(fi);
+
+ try {
+ fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
+ } finally {
+ super.afterInvocation(token);
+ }
}
public ObjectDefinitionSource obtainObjectDefinitionSource() {
return this.objectDefinitionSource;
}
-
- public Object proceedWithObject(Object object) throws Throwable {
- FilterInvocation fi = (FilterInvocation) object;
- fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
-
- return null;
- }
}
diff --git a/core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionAttributesTests.java b/core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionAttributesTests.java
index 4f3ec7b748..31a0eb7a45 100644
--- a/core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionAttributesTests.java
+++ b/core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionAttributesTests.java
@@ -246,7 +246,7 @@ public class MethodDefinitionAttributesTests extends TestCase {
"attributes");
p.setProperty(PREFIX + "securityInterceptor.class",
- "net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor");
+ "net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor");
p.setProperty(PREFIX + "securityInterceptor.authenticationManager(ref)",
"authentication");
p.setProperty(PREFIX + "securityInterceptor.accessDecisionManager(ref)",
diff --git a/core/src/test/java/org/acegisecurity/intercept/method/MockMethodDefinitionSource.java b/core/src/test/java/org/acegisecurity/intercept/method/MockMethodDefinitionSource.java
index ef221f05e2..94f824ccdc 100644
--- a/core/src/test/java/org/acegisecurity/intercept/method/MockMethodDefinitionSource.java
+++ b/core/src/test/java/org/acegisecurity/intercept/method/MockMethodDefinitionSource.java
@@ -18,7 +18,7 @@ package net.sf.acegisecurity.intercept.method;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.SecurityConfig;
-import org.aopalliance.intercept.MethodInvocation;
+import java.lang.reflect.Method;
import java.util.Iterator;
import java.util.List;
@@ -82,7 +82,7 @@ public class MockMethodDefinitionSource extends AbstractMethodDefinitionSource {
}
}
- protected ConfigAttributeDefinition lookupAttributes(MethodInvocation mi) {
+ protected ConfigAttributeDefinition lookupAttributes(Method method) {
throw new UnsupportedOperationException("mock method not implemented");
}
}
diff --git a/core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionSourceAdvisorTests.java b/core/src/test/java/org/acegisecurity/intercept/method/aopalliance/MethodDefinitionSourceAdvisorTests.java
similarity index 94%
rename from core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionSourceAdvisorTests.java
rename to core/src/test/java/org/acegisecurity/intercept/method/aopalliance/MethodDefinitionSourceAdvisorTests.java
index 4e6154bad9..ad455f128a 100644
--- a/core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionSourceAdvisorTests.java
+++ b/core/src/test/java/org/acegisecurity/intercept/method/aopalliance/MethodDefinitionSourceAdvisorTests.java
@@ -13,11 +13,13 @@
* limitations under the License.
*/
-package net.sf.acegisecurity.intercept.method;
+package net.sf.acegisecurity.intercept.method.aopalliance;
import junit.framework.TestCase;
import net.sf.acegisecurity.TargetObject;
+import net.sf.acegisecurity.intercept.method.MethodDefinitionMap;
+import net.sf.acegisecurity.intercept.method.MethodDefinitionSourceEditor;
import org.springframework.aop.framework.AopConfigException;
diff --git a/core/src/test/java/org/acegisecurity/intercept/method/MethodSecurityInterceptorTests.java b/core/src/test/java/org/acegisecurity/intercept/method/aopalliance/MethodSecurityInterceptorTests.java
similarity index 93%
rename from core/src/test/java/org/acegisecurity/intercept/method/MethodSecurityInterceptorTests.java
rename to core/src/test/java/org/acegisecurity/intercept/method/aopalliance/MethodSecurityInterceptorTests.java
index e9f048d537..28de5316e5 100644
--- a/core/src/test/java/org/acegisecurity/intercept/method/MethodSecurityInterceptorTests.java
+++ b/core/src/test/java/org/acegisecurity/intercept/method/aopalliance/MethodSecurityInterceptorTests.java
@@ -13,7 +13,7 @@
* limitations under the License.
*/
-package net.sf.acegisecurity.intercept.method;
+package net.sf.acegisecurity.intercept.method.aopalliance;
import junit.framework.TestCase;
@@ -28,21 +28,23 @@ import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.ITargetObject;
import net.sf.acegisecurity.MockAccessDecisionManager;
import net.sf.acegisecurity.MockAuthenticationManager;
+import net.sf.acegisecurity.MockMethodInvocation;
import net.sf.acegisecurity.MockRunAsManager;
import net.sf.acegisecurity.RunAsManager;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.ContextImpl;
import net.sf.acegisecurity.context.SecureContext;
import net.sf.acegisecurity.context.SecureContextImpl;
-import net.sf.acegisecurity.intercept.SecurityInterceptorCallback;
+import net.sf.acegisecurity.intercept.method.AbstractMethodDefinitionSource;
+import net.sf.acegisecurity.intercept.method.MockMethodDefinitionSource;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.runas.RunAsManagerImpl;
-import org.aopalliance.intercept.MethodInvocation;
-
import org.springframework.beans.factory.support.DefaultListableBeanFactory;
import org.springframework.beans.factory.support.PropertiesBeanDefinitionReader;
+import java.lang.reflect.Method;
+
import java.util.Iterator;
import java.util.Properties;
@@ -250,25 +252,13 @@ public class MethodSecurityInterceptorTests extends TestCase {
}
}
- public void testRejectsCallsWhenCallbackIsNull() throws Throwable {
- MethodSecurityInterceptor interceptor = new MethodSecurityInterceptor();
-
- try {
- interceptor.interceptor(new Object(), null);
- fail("Should have thrown IllegalArgumentException");
- } catch (IllegalArgumentException expected) {
- assertEquals("Callback was null", expected.getMessage());
- }
- }
-
public void testRejectsCallsWhenObjectDefinitionSourceDoesNotSupportObject()
throws Throwable {
MethodSecurityInterceptor interceptor = new MethodSecurityInterceptor();
interceptor.setObjectDefinitionSource(new MockObjectDefinitionSourceWhichOnlySupportsStrings());
try {
- interceptor.interceptor(new Integer(1),
- new MockSecurityInterceptorCallback());
+ interceptor.invoke(new MockMethodInvocation());
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(expected.getMessage().startsWith("ObjectDefinitionSource does not support objects of type"));
@@ -279,7 +269,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
MethodSecurityInterceptor interceptor = new MethodSecurityInterceptor();
try {
- interceptor.interceptor(null, new MockSecurityInterceptorCallback());
+ interceptor.invoke(null);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertEquals("Object was null", expected.getMessage());
@@ -420,7 +410,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
"net.sf.acegisecurity.MockRunAsManager");
p.setProperty(PREFIX + "securityInterceptor.class",
- "net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor");
+ "net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor");
p.setProperty(PREFIX + "securityInterceptor.authenticationManager(ref)",
"authentication");
p.setProperty(PREFIX + "securityInterceptor.accessDecisionManager(ref)",
@@ -482,8 +472,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
}
}
- protected ConfigAttributeDefinition lookupAttributes(
- MethodInvocation mi) {
+ protected ConfigAttributeDefinition lookupAttributes(Method method) {
throw new UnsupportedOperationException(
"mock method not implemented");
}
@@ -509,13 +498,4 @@ public class MethodSecurityInterceptorTests extends TestCase {
return true;
}
}
-
- private class MockSecurityInterceptorCallback
- implements SecurityInterceptorCallback {
- public Object proceedWithObject(Object object)
- throws Throwable {
- throw new UnsupportedOperationException(
- "mock method not implemented");
- }
- }
}
diff --git a/samples/attributes/src/applicationContext.xml b/samples/attributes/src/applicationContext.xml
index 643223e8a7..ac61eeaa06 100644
--- a/samples/attributes/src/applicationContext.xml
+++ b/samples/attributes/src/applicationContext.xml
@@ -65,7 +65,7 @@
-