SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources

config/pom.xml

@@ -0,0 +1,92 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.springframework.security</groupId>
+        <artifactId>spring-security-parent</artifactId>
+        <version>2.5.0-SNAPSHOT</version>
+    </parent>
+    <packaging>jar</packaging>
+    <artifactId>spring-security-config</artifactId>
+    <name>Spring Security - Namespace Configuration Module</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>commons-logging</groupId>
+            <artifactId>commons-logging</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>${project.version}</version>
+            <classifier>tests</classifier>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-ldap</artifactId>
+            <version>${project.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>org.springframework.jdbc</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>org.springframework.web</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-core</artifactId>
+            <version>1.0.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-server-jndi</artifactId>
+            <version>1.0.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.mina</groupId>
+            <artifactId>mina-core</artifactId>
+            <version>1.0.5</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
+            <version>1.4.3</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>hsqldb</groupId>
+            <artifactId>hsqldb</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>cglib</groupId>
+            <artifactId>cglib-nodep</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.tomcat</groupId>
+            <artifactId>annotations-api</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>org.springframework.test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>

ldap/src/main/java/org/springframework/security/config/ldap/ContextSourceSettingPostProcessor.java → config/src/main/java/org/springframework/security/config/ContextSourceSettingPostProcessor.java

@@ -1,13 +1,10 @@
-package org.springframework.security.config.ldap;
+package org.springframework.security.config;
 
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
 import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
 import org.springframework.core.Ordered;
-import org.springframework.ldap.core.support.BaseLdapPathContextSource;
-import org.springframework.security.config.BeanIds;
-import org.springframework.security.config.Elements;
-import org.springframework.security.config.SecurityConfigurationException;
+import org.springframework.util.ClassUtils;
 
 /**
  * Checks for the presence of a ContextSource instance. Also supplies the standard reference to any
@@ -19,12 +16,26 @@ import org.springframework.security.config.SecurityConfigurationException;
  * @version $Id$
  * @since 2.5
  */
-public class ContextSourceSettingPostProcessor implements BeanFactoryPostProcessor, Ordered {
+class ContextSourceSettingPostProcessor implements BeanFactoryPostProcessor, Ordered {
+    private static final String REQUIRED_CONTEXT_SOURCE_CLASS_NAME = "org.springframework.ldap.core.support.BaseLdapPathContextSource";
+
     /** If set to true, a bean parser has indicated that the default context source name needs to be set */
     private boolean defaultNameRequired;
 
+
     public void postProcessBeanFactory(ConfigurableListableBeanFactory bf) throws BeansException {
-        String[] sources = bf.getBeanNamesForType(BaseLdapPathContextSource.class);
+        Class<?> contextSourceClass;
+
+        try {
+            contextSourceClass = ClassUtils.forName(REQUIRED_CONTEXT_SOURCE_CLASS_NAME);
+        } catch (ClassNotFoundException e) {
+            throw new SecurityConfigurationException("Couldn't locate: " + REQUIRED_CONTEXT_SOURCE_CLASS_NAME + ". " +
+                    " If you are using LDAP with Spring Security, please ensure that you include the spring-ldap " +
+                    "jar file in your application", e);
+        }
+
+        String[] sources = bf.getBeanNamesForType(contextSourceClass);
+
 
         if (sources.length == 0) {
             throw new SecurityConfigurationException("No BaseLdapPathContextSource instances found. Have you " +

core/src/main/java/org/springframework/security/config/LdapServerBeanDefinitionParser.java → config/src/main/java/org/springframework/security/config/LdapServerBeanDefinitionParser.java

@@ -148,7 +148,7 @@ public class LdapServerBeanDefinitionParser implements BeanDefinitionParser {
         contextSource.addPropertyValue("userDn", "uid=admin,ou=system");
         contextSource.addPropertyValue("password", "secret");
 
-        RootBeanDefinition apacheContainer = new RootBeanDefinition("org.springframework.security.config.ldap.ApacheDSContainer", null, null);
+        RootBeanDefinition apacheContainer = new RootBeanDefinition("org.springframework.security.ldap.server.ApacheDSContainer", null, null);
         apacheContainer.setSource(source);
         apacheContainer.getConstructorArgumentValues().addGenericArgumentValue(configuration.getBeanDefinition());
         apacheContainer.getConstructorArgumentValues().addGenericArgumentValue(contextSource.getBeanDefinition());

core/src/main/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParser.java → config/src/main/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParser.java

@@ -104,7 +104,7 @@ public class LdapUserServiceBeanDefinitionParser extends AbstractUserDetailsServ
             return;
         }
 
-        BeanDefinitionBuilder bdb = BeanDefinitionBuilder.rootBeanDefinition("org.springframework.security.config.ldap.ContextSourceSettingPostProcessor");
+        BeanDefinitionBuilder bdb = BeanDefinitionBuilder.rootBeanDefinition("org.springframework.security.config.ContextSourceSettingPostProcessor");
         bdb.addPropertyValue("defaultNameRequired", Boolean.valueOf(defaultNameRequired));
         registry.registerBeanDefinition(BeanIds.CONTEXT_SOURCE_SETTING_POST_PROCESSOR, bdb.getBeanDefinition());
     }

core/src/main/java/org/springframework/security/util/InMemoryXmlApplicationContext.java → config/src/main/java/org/springframework/security/config/util/InMemoryXmlApplicationContext.java

@@ -1,7 +1,8 @@
-package org.springframework.security.util;
+package org.springframework.security.config.util;
 
 import org.springframework.context.support.AbstractXmlApplicationContext;
 import org.springframework.core.io.Resource;
+import org.springframework.security.util.InMemoryResource;
 
 /**
  * @author Luke Taylor

core/src/test/java/org/springframework/security/config/AuthenticationProviderBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/AuthenticationProviderBeanDefinitionParserTests.java

@@ -2,12 +2,12 @@ package org.springframework.security.config;
 
 import static org.junit.Assert.*;
 
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.providers.ProviderManager;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.providers.AuthenticationProvider;
 import org.springframework.security.providers.encoding.ShaPasswordEncoder;
 import org.springframework.security.util.FieldUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 import org.springframework.context.support.AbstractXmlApplicationContext;
 
 import org.junit.Test;

core/src/test/java/org/springframework/security/config/CustomAfterInvocationProviderBeanDefinitionDecoratorTests.java → config/src/test/java/org/springframework/security/config/CustomAfterInvocationProviderBeanDefinitionDecoratorTests.java

@@ -6,8 +6,8 @@ import org.junit.After;
 import org.junit.Test;
 import org.springframework.context.support.AbstractXmlApplicationContext;
 import org.springframework.security.afterinvocation.AfterInvocationProviderManager;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 public class CustomAfterInvocationProviderBeanDefinitionDecoratorTests {
     private AbstractXmlApplicationContext appContext;

core/src/test/java/org/springframework/security/config/CustomAuthenticationProviderBeanDefinitionDecoratorTests.java → config/src/test/java/org/springframework/security/config/CustomAuthenticationProviderBeanDefinitionDecoratorTests.java

@@ -3,8 +3,8 @@ package org.springframework.security.config;
 import static org.junit.Assert.*;
 
 import org.junit.Test;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.providers.ProviderManager;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 
 public class CustomAuthenticationProviderBeanDefinitionDecoratorTests {

core/src/test/java/org/springframework/security/config/FilterInvocationDefinitionSourceParserTests.java → config/src/test/java/org/springframework/security/config/FilterInvocationDefinitionSourceParserTests.java

@@ -12,9 +12,9 @@ import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.security.ConfigAttribute;
 import org.springframework.security.SecurityConfig;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource;
 import org.springframework.security.intercept.web.FilterInvocation;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  *

core/src/test/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParserTests.java

@@ -14,6 +14,7 @@ import org.springframework.security.AccessDeniedException;
 import org.springframework.security.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.afterinvocation.AfterInvocationProviderManager;
 import org.springframework.security.annotation.BusinessService;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.expression.method.MethodExpressionAfterInvocationProvider;
 import org.springframework.security.expression.method.MethodExpressionVoter;
@@ -22,7 +23,6 @@ import org.springframework.security.providers.UsernamePasswordAuthenticationToke
 import org.springframework.security.userdetails.UserDetailsService;
 import org.springframework.security.util.AuthorityUtils;
 import org.springframework.security.util.FieldUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 import org.springframework.security.vote.AffirmativeBased;
 
 /**

core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java

@@ -25,6 +25,7 @@ import org.springframework.security.SecurityConfig;
 import org.springframework.security.concurrent.ConcurrentLoginException;
 import org.springframework.security.concurrent.ConcurrentSessionControllerImpl;
 import org.springframework.security.concurrent.ConcurrentSessionFilter;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.context.HttpSessionSecurityContextRepository;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.context.SecurityContextPersistenceFilter;
@@ -49,7 +50,6 @@ import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
 import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
 import org.springframework.security.util.FieldUtils;
 import org.springframework.security.util.FilterChainProxy;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 import org.springframework.security.util.MockFilter;
 import org.springframework.security.util.PortMapperImpl;
 import org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter;

core/src/test/java/org/springframework/security/config/InvalidConfigurationTests.java → config/src/test/java/org/springframework/security/config/InvalidConfigurationTests.java

@@ -3,7 +3,7 @@ package org.springframework.security.config;
 import org.junit.After;
 import org.junit.Test;
 import org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 
 /**
  * Tests which make sure invalid configurations are rejected by the namespace. In particular invalid top-level 

core/src/test/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParserTests.java

@@ -5,6 +5,7 @@ import static org.junit.Assert.*;
 import org.junit.After;
 import org.junit.Test;
 import org.springframework.security.AuthenticationManager;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.providers.ProviderManager;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.providers.dao.DaoAuthenticationProvider;
@@ -12,7 +13,6 @@ import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.jdbc.JdbcUserDetailsManager;
 import org.springframework.security.util.AuthorityUtils;
 import org.springframework.security.util.FieldUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  * @author Ben Alex

core/src/test/java/org/springframework/security/config/Jsr250AnnotationDrivenBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/Jsr250AnnotationDrivenBeanDefinitionParserTests.java

@@ -6,10 +6,10 @@ import org.junit.Test;
 import org.springframework.security.AccessDeniedException;
 import org.springframework.security.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.annotation.BusinessService;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.util.AuthorityUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  * @author Luke Taylor

ldap/src/test/java/org/springframework/security/LdapProviderBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/LdapProviderBeanDefinitionParserTests.java

@@ -1,4 +1,4 @@
-package org.springframework.security;
+package org.springframework.security.config;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
@@ -8,13 +8,13 @@ import org.junit.Test;
 import org.springframework.security.Authentication;
 import org.springframework.security.config.BeanIds;
 import org.springframework.security.config.SecurityConfigurationException;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.providers.ProviderManager;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.providers.ldap.LdapAuthenticationProvider;
 import org.springframework.security.userdetails.ldap.InetOrgPersonContextMapper;
 import org.springframework.security.userdetails.ldap.LdapUserDetailsImpl;
 import org.springframework.security.util.FieldUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 
 /**

ldap/src/test/java/org/springframework/security/LdapServerBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/LdapServerBeanDefinitionParserTests.java

@@ -1,11 +1,11 @@
-package org.springframework.security;
+package org.springframework.security.config;
 
 import org.junit.After;
 import org.junit.Test;
 import org.springframework.ldap.core.LdapTemplate;
 import org.springframework.security.config.BeanIds;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  * @author Luke Taylor

ldap/src/test/java/org/springframework/security/LdapUserServiceBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java

@@ -1,10 +1,10 @@
-package org.springframework.security;
+package org.springframework.security.config;
 
 import java.util.Set;
 
 import org.springframework.security.GrantedAuthorityImpl;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.util.AuthorityUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 import org.springframework.security.userdetails.UserDetailsService;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.ldap.InetOrgPerson;

core/src/test/java/org/springframework/security/config/SecuredAnnotationDrivenBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/SecuredAnnotationDrivenBeanDefinitionParserTests.java

@@ -6,10 +6,10 @@ import org.junit.Test;
 import org.springframework.security.AccessDeniedException;
 import org.springframework.security.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.annotation.BusinessService;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.util.AuthorityUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  * @author Ben Alex

core/src/test/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessorTests.java → config/src/test/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessorTests.java

@@ -8,8 +8,8 @@ import org.springframework.context.support.AbstractXmlApplicationContext;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.concurrent.ConcurrentSessionController;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.util.FieldUtils;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  *

core/src/test/java/org/springframework/security/config/UserServiceBeanDefinitionParserTests.java → config/src/test/java/org/springframework/security/config/UserServiceBeanDefinitionParserTests.java

@@ -2,7 +2,7 @@ package org.springframework.security.config;
 
 import static org.junit.Assert.*;
 
-import org.springframework.security.util.InMemoryXmlApplicationContext;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.UserDetailsService;
 import org.springframework.context.support.AbstractXmlApplicationContext;

core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java → config/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java

@@ -6,8 +6,8 @@ import org.junit.Test;
 import org.springframework.context.support.AbstractXmlApplicationContext;
 import org.springframework.security.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.ITargetObject;
+import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  * Tests for SEC-428.

core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java → config/src/test/java/org/springframework/security/util/FilterChainProxyConfigTests.java

@@ -39,7 +39,7 @@ import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
  * @author Ben Alex
  * @version $Id$
  */
-public class FilterChainProxyTests {
+public class FilterChainProxyConfigTests {
     private ClassPathXmlApplicationContext appCtx;
 
     //~ Methods ========================================================================================================

core/src/test/resources/org/springframework/security/util/filtertest-valid.xml → config/src/test/resources/org/springframework/security/util/filtertest-valid.xml

@@ -16,7 +16,7 @@
  * limitations under the License.
  *
  *
- * $Id$
+ * $Id: filtertest-valid.xml 3497 2008-12-20 00:16:49Z ltaylor $
 -->
 <beans default-lazy-init="true" xmlns="http://www.springframework.org/schema/beans"
     xmlns:sec="http://www.springframework.org/schema/security"

config/src/test/resources/test-server.ldif

@@ -0,0 +1,82 @@
+dn: ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: groups
+
+dn: ou=subgroups,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: subgroups
+
+dn: ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: people
+
+dn: ou=otherpeople,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: otherpeople
+
+dn: uid=ben,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Ben Alex
+sn: Alex
+uid: ben
+userPassword: {SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=
+
+dn: uid=bob,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Bob Hamilton
+sn: Hamilton
+uid: bob
+userPassword: bobspassword
+
+dn: uid=joe,ou=otherpeople,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Joe Smeth
+sn: Smeth
+uid: joe
+userPassword: joespassword
+
+dn: cn=mouse\, jerry,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Mouse, Jerry
+sn: Mouse
+uid: jerry
+userPassword: jerryspassword
+
+dn: cn=developers,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: developers
+ou: developer
+member: uid=ben,ou=people,dc=springframework,dc=org
+member: uid=bob,ou=people,dc=springframework,dc=org
+
+dn: cn=managers,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: managers
+ou: manager
+member: uid=ben,ou=people,dc=springframework,dc=org
+member: cn=mouse\, jerry,ou=people,dc=springframework,dc=org
+
+dn: cn=submanagers,ou=subgroups,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: submanagers
+ou: submanager
+member: uid=ben,ou=people,dc=springframework,dc=org

core/pom.xml

@@ -95,12 +95,10 @@
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>servlet-api</artifactId>
-            <optional>true</optional>
         </dependency>
         <dependency>
             <groupId>org.apache.tomcat</groupId>
             <artifactId>annotations-api</artifactId>
-            <version>6.0.14</version>
             <optional>true</optional>
         </dependency>
 <!--

core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodSecurityMetadataSource.java

@@ -12,7 +12,6 @@ import org.springframework.expression.ExpressionParser;
 import org.springframework.expression.ParseException;
 import org.springframework.expression.spel.antlr.SpelAntlrExpressionParser;
 import org.springframework.security.ConfigAttribute;
-import org.springframework.security.config.SecurityConfigurationException;
 import org.springframework.security.expression.SecurityExpressionHandler;
 import org.springframework.security.expression.annotation.PostAuthorize;
 import org.springframework.security.expression.annotation.PostFilter;
@@ -144,7 +143,7 @@ public class ExpressionAnnotationMethodSecurityMetadataSource extends AbstractMe
                 post = new PostInvocationExpressionAttribute(postFilterExpression, postAuthorizeExpression);
             }
         } catch (ParseException e) {
-            throw new SecurityConfigurationException("Failed to parse expression '" + e.getExpressionString() + "'", e);
+            throw new IllegalArgumentException("Failed to parse expression '" + e.getExpressionString() + "'", e);
         }
 
         List<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>(2);

core/src/test/java/org/springframework/security/SpringSecurityMessageSourceTests.java

@@ -27,15 +27,6 @@ import java.util.Locale;
  * Tests {@link org.springframework.security.SpringSecurityMessageSource}.
  */
 public class SpringSecurityMessageSourceTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public SpringSecurityMessageSourceTests() {
-    }
-
-    public SpringSecurityMessageSourceTests(String arg0) {
-        super(arg0);
-    }
-
     //~ Methods ========================================================================================================
 
     public void testOperation() {

itest/pom.xml

@@ -60,6 +60,17 @@
                 </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+            <version>${project.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-security-core</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
         <dependency>
             <groupId>org.apache.directory.server</groupId>
             <artifactId>apacheds-core</artifactId>

ldap/src/main/java/org/springframework/security/config/ldap/ApacheDSContainer.java → ldap/src/main/java/org/springframework/security/ldap/server/ApacheDSContainer.java

@@ -1,4 +1,4 @@
-package org.springframework.security.config.ldap;
+package org.springframework.security.ldap.server;
 
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.DisposableBean;
@@ -7,8 +7,8 @@ import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.Lifecycle;
 import org.springframework.core.io.Resource;
+import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
 import org.springframework.ldap.core.ContextSource;
-import org.springframework.security.config.LdapServerBeanDefinitionParser;
 import org.springframework.util.Assert;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -39,12 +39,14 @@ import java.io.IOException;
  * repeatedly loading an application context during testing), it's important that the
  * application context is closed to allow the bean to be disposed of and the server shutdown
  * prior to attempting to start it again.
- * </p>
+ * <p>
+ * This class is intended for testing and internal security namespace use and is not considered part of
+ * framework public API.
  *
  * @author Luke Taylor
  * @version $Id$
  */
-class ApacheDSContainer implements InitializingBean, DisposableBean, Lifecycle, ApplicationContextAware {
+public class ApacheDSContainer implements InitializingBean, DisposableBean, Lifecycle, ApplicationContextAware {
     private Log logger = LogFactory.getLog(getClass());
 
     private MutableServerStartupConfiguration configuration;
@@ -152,7 +154,14 @@ class ApacheDSContainer implements InitializingBean, DisposableBean, Lifecycle,
 
     private void importLdifs() throws IOException, NamingException {
         // Import any ldif files
-        Resource[] ldifs = ctxt.getResources(ldifResources);
+        Resource[] ldifs;
+
+        if (ctxt == null) {
+            // Not running within an app context
+            ldifs = new PathMatchingResourcePatternResolver().getResources(ldifResources);
+        } else {
+            ldifs = ctxt.getResources(ldifResources);
+        }
 
         // Note that we can't just import using the ServerContext returned
         // from starting Apace DS, apparently because of the long-running issue DIRSERVER-169.

ldap/src/test/java/org/springframework/security/ldap/AbstractLdapIntegrationTests.java

@@ -14,15 +14,24 @@
  */
 package org.springframework.security.ldap;
 
+import java.util.HashSet;
+import java.util.Set;
+
 import javax.naming.Binding;
 import javax.naming.ContextNotEmptyException;
 import javax.naming.Name;
 import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
 import javax.naming.directory.DirContext;
 
+import org.apache.directory.server.configuration.MutableServerStartupConfiguration;
 import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration;
 import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
 import org.junit.After;
 import org.junit.AfterClass;
@@ -31,8 +40,7 @@ import org.junit.BeforeClass;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.ldap.core.DistinguishedName;
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
-import org.springframework.security.config.BeanIds;
-import org.springframework.security.util.InMemoryXmlApplicationContext;
+import org.springframework.security.ldap.server.ApacheDSContainer;
 
 /**
  * Based on class borrowed from Spring Ldap project.
@@ -41,22 +49,48 @@ import org.springframework.security.util.InMemoryXmlApplicationContext;
  * @version $Id$
  */
 public abstract class AbstractLdapIntegrationTests {
-    private static InMemoryXmlApplicationContext appContext;
+//    private static InMemoryXmlApplicationContext appContext;
+    private static ApacheDSContainer server;
+    private static BaseLdapPathContextSource contextSource;
 
     protected AbstractLdapIntegrationTests() {
     }
 
     @BeforeClass
-    public static void loadContext() throws NamingException {
+    public static void startServer() throws Exception {
         shutdownRunningServers();
-        appContext = new InMemoryXmlApplicationContext("<ldap-server port='53389' ldif='classpath:test-server.ldif'/>");
-
+        MutableBTreePartitionConfiguration partition =  new MutableBTreePartitionConfiguration();
+        partition.setName("springsecurity");
+
+        Attributes rootAttributes = new BasicAttributes("dc", "springsecurity");
+        Attribute a = new BasicAttribute("objectClass");
+        a.add("top");
+        a.add("domain");
+        a.add("extensibleObject");
+        rootAttributes.put(a);
+
+        partition.setContextEntry(rootAttributes);
+        partition.setSuffix("dc=springframework,dc=org");
+
+        Set partitions = new HashSet();
+        partitions.add(partition);
+
+        MutableServerStartupConfiguration cfg = new MutableServerStartupConfiguration();
+        cfg.setLdapPort(53389);
+        cfg.setShutdownHookEnabled(false);
+        cfg.setExitVmOnShutdown(false);
+        cfg.setContextPartitionConfigurations(partitions);
+
+        contextSource = new DefaultSpringSecurityContextSource("ldap://127.0.0.1:53389/dc=springframework,dc=org");
+        ((DefaultSpringSecurityContextSource)contextSource).afterPropertiesSet();
+        server = new ApacheDSContainer(cfg, contextSource, "classpath:test-server.ldif");
+        server.afterPropertiesSet();
     }
 
     @AfterClass
-    public static void closeContext() throws Exception {
-        if(appContext != null) {
-            appContext.close();
+    public static void stopServer() throws Exception {
+        if (server != null) {
+            server.stop();
         }
         shutdownRunningServers();
     }
@@ -100,7 +134,7 @@ public abstract class AbstractLdapIntegrationTests {
     }
 
     public BaseLdapPathContextSource getContextSource() {
-        return (BaseLdapPathContextSource)appContext.getBean(BeanIds.CONTEXT_SOURCE);
+        return contextSource;
     }
 
 

pom.xml

@@ -9,10 +9,12 @@
 
     <modules>
         <module>core</module>
+        <!-- module>web</module -->
         <module>ldap</module>
+        <module>config</module>
+        <module>acl</module>
         <module>cas</module>
         <module>openid</module>
-        <module>acl</module>
         <module>ntlm</module>
         <module>samples</module>
         <module>taglibs</module>
@@ -801,6 +803,11 @@
                 <artifactId>commons-collections</artifactId>
                 <version>3.2</version>
             </dependency>
+            <dependency>
+                <groupId>org.apache.tomcat</groupId>
+                <artifactId>annotations-api</artifactId>
+                <version>6.0.14</version>
+            </dependency>
             <dependency>
                 <groupId>hsqldb</groupId>
                 <artifactId>hsqldb</artifactId>

samples/cas/client/pom.xml

@@ -15,11 +15,16 @@
             <artifactId>spring-security-core</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-cas-client</artifactId>
             <version>${project.version}</version>
-        </dependency>        
+        </dependency>
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>org.springframework.web</artifactId>
@@ -38,7 +43,7 @@
             <artifactId>org.springframework.aop</artifactId>
             <scope>runtime</scope>
         </dependency>
-    
+
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-log4j12</artifactId>
@@ -78,19 +83,19 @@
                             <trustPassword>password</trustPassword>
                         </connector>
                     </connectors>
-			         <systemProperties>
-			            <systemProperty>
-			              <name>javax.net.ssl.trustStore</name>
-			               <value>../../certificates/server.jks</value>
-			            </systemProperty>
-			            <systemProperty>
-			            	<name>javax.net.ssl.trustStorePassword</name>
-			            	<value>password</value>
-			            </systemProperty>
-					</systemProperties>
+                     <systemProperties>
+                        <systemProperty>
+                          <name>javax.net.ssl.trustStore</name>
+                           <value>../../certificates/server.jks</value>
+                        </systemProperty>
+                        <systemProperty>
+                            <name>javax.net.ssl.trustStorePassword</name>
+                            <value>password</value>
+                        </systemProperty>
+                    </systemProperties>
                 </configuration>
             </plugin>
         </plugins>
     </build>
 
-</project>
+</project>

samples/contacts/pom.xml

@@ -15,6 +15,11 @@
             <artifactId>spring-security-core</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-acl</artifactId>

samples/ldap/pom.xml

@@ -24,13 +24,6 @@
             <artifactId>org.springframework.web.servlet</artifactId>
             <version>${spring.version}</version>
         </dependency>
-<!--        
-        <dependency>
-            <groupId>org.springframework</groupId>
-            <artifactId>org.springframework.jdbc</artifactId>
-            <scope>runtime</scope>
-        </dependency>
--->        
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>org.springframework.aop</artifactId>

samples/tutorial/pom.xml

@@ -15,6 +15,11 @@
             <artifactId>spring-security-core</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-taglibs</artifactId>