SEC-1432: Convert map keys to lower-case in UserMap.setUsers().

Otherwise the lookup on mixed-case fails, since the lookup is performed with a lower-case key.
This commit is contained in:
Luke Taylor
2010-03-05 17:55:29 +00:00
parent 43f0e11106
commit b38b8e55ac
4 changed files with 27 additions and 8 deletions

View File

@@ -72,21 +72,34 @@ public class UserServiceBeanDefinitionParserTests {
Long.parseLong(joe.getPassword());
}
@Test
public void worksWithOpenIDUrlsAsNames() {
setContext(
"<user-service id='service'>" +
" <user name='http://joe.myopenid.com/' authorities='ROLE_A'/>" +
" <user name='https://www.google.com/accounts/o8/id?id=MPtOaenBIk5yzW9n7n9' authorities='ROLE_A'/>" +
"</user-service>");
UserDetailsService userService = (UserDetailsService) appContext.getBean("service");
assertEquals("http://joe.myopenid.com/", userService.loadUserByUsername("http://joe.myopenid.com/").getUsername());
assertEquals("https://www.google.com/accounts/o8/id?id=MPtOaenBIk5yzW9n7n9",
userService.loadUserByUsername("https://www.google.com/accounts/o8/id?id=MPtOaenBIk5yzW9n7n9").getUsername());
}
@Test
public void disabledAndEmbeddedFlagsAreSupported() {
setContext(
"<user-service id='service'>" +
" <user name='joe' password='joespassword' authorities='ROLE_A' locked='true'/>" +
" <user name='bob' password='bobspassword' authorities='ROLE_A' disabled='true'/>" +
" <user name='Bob' password='bobspassword' authorities='ROLE_A' disabled='true'/>" +
"</user-service>");
UserDetailsService userService = (UserDetailsService) appContext.getBean("service");
UserDetails joe = userService.loadUserByUsername("joe");
assertFalse(joe.isAccountNonLocked());
// Check case-sensitive lookup SEC-1432
UserDetails bob = userService.loadUserByUsername("bob");
assertFalse(bob.isEnabled());
}
@Test(expected=FatalBeanException.class)
public void userWithBothPropertiesAndEmbeddedUsersThrowsException() {
setContext(