SEC-1012: Futher generification. Also changed method signature of ObjectDefinitionSource.getAllConfigAtributes to return a single collection

acl/src/main/java/org/springframework/security/acls/objectidentity/ObjectIdentityImpl.java

@@ -38,7 +38,7 @@ import java.lang.reflect.Method;
 public class ObjectIdentityImpl implements ObjectIdentity {
     //~ Instance fields ================================================================================================
 
-    private Class javaType;
+    private Class<?> javaType;
     private Serializable identifier;
 
     //~ Constructors ===================================================================================================
@@ -56,7 +56,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
         this.identifier = identifier;
     }
 
-    public ObjectIdentityImpl(Class javaType, Serializable identifier) {
+    public ObjectIdentityImpl(Class<?> javaType, Serializable identifier) {
         Assert.notNull(javaType, "Java Type required");
         Assert.notNull(identifier, "identifier required");
         this.javaType = javaType;
@@ -131,7 +131,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
         return identifier;
     }
 
-    public Class getJavaType() {
+    public Class<?> getJavaType() {
         return javaType;
     }
 

core/src/main/java/org/springframework/security/RunAsManager.java

@@ -96,5 +96,5 @@ public interface RunAsManager {
      *
      * @return true if the implementation can process the indicated class
      */
-    boolean supports(Class clazz);
+    boolean supports(Class<?> clazz);
 }

core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java

@@ -39,15 +39,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin
  */
 public class Jsr250MethodDefinitionSource extends AbstractFallbackMethodDefinitionSource {
 
-    protected List<ConfigAttribute> findAttributes(Class clazz) {
+    protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
         return processAnnotations(clazz.getAnnotations());
     }
 
-    protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
+    protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
         return processAnnotations(AnnotationUtils.getAnnotations(method));
     }
 
-    public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
         return null;
     }
 

core/src/main/java/org/springframework/security/annotation/Jsr250Voter.java

@@ -32,7 +32,7 @@ public class Jsr250Voter implements AccessDecisionVoter {
      * @param clazz the class.
      * @return true
      */
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }
 

core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java

@@ -35,15 +35,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin
  */
 public class SecuredMethodDefinitionSource extends AbstractFallbackMethodDefinitionSource {
 
-    protected List<ConfigAttribute> findAttributes(Class clazz) {
+    protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
         return processAnnotation(clazz.getAnnotation(Secured.class));
     }
 
-    protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
+    protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
         return processAnnotation(AnnotationUtils.findAnnotation(method, Secured.class));
     }
 
-    public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
         return null;
     }
 

core/src/main/java/org/springframework/security/config/ConfigUtils.java

@@ -143,6 +143,7 @@ abstract class ConfigUtils {
      * Bean which holds the list of filters which are maintained in the context and modified by calls to
      * addHttpFilter. The post processor retrieves these before injecting the list into the FilterChainProxy.
      */
+    @SuppressWarnings("unchecked")
     public static class FilterChainList {
         List filters;
 

core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java

@@ -96,7 +96,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
     /**
      * Checks the filter list for possible errors and logs them
      */
-    private void checkFilterStack(List filters) {
+    private void checkFilterStack(List<Filter> filters) {
         checkForDuplicates(HttpSessionContextIntegrationFilter.class, filters);
         checkForDuplicates(AuthenticationProcessingFilter.class, filters);
         checkForDuplicates(SessionFixationProtectionFilter.class, filters);
@@ -106,13 +106,13 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
         checkForDuplicates(FilterSecurityInterceptor.class, filters);
     }
 
-    private void checkForDuplicates(Class clazz, List filters) {
+    private void checkForDuplicates(Class<? extends Filter> clazz, List<Filter> filters) {
         for (int i=0; i < filters.size(); i++) {
-            Filter f1 = (Filter)filters.get(i);
+            Filter f1 = filters.get(i);
             if (clazz.isAssignableFrom(f1.getClass())) {
                 // Found the first one, check remaining for another
                 for (int j=i+1; j < filters.size(); j++) {
-                    Filter f2 = (Filter)filters.get(j);
+                    Filter f2 = filters.get(j);
                     if (clazz.isAssignableFrom(f2.getClass())) {
                         logger.warn("Possible error: Filters at position " + i + " and " + j + " are both " +
                                 "instances of " + clazz.getName());
@@ -130,7 +130,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
         if (etf.getAuthenticationEntryPoint() instanceof AuthenticationProcessingFilterEntryPoint) {
             String loginPage =
                 ((AuthenticationProcessingFilterEntryPoint)etf.getAuthenticationEntryPoint()).getLoginFormUrl();
-            List filters = fcp.getFilters(loginPage);
+            List<Filter> filters = fcp.getFilters(loginPage);
             logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
 
             if (filters == null || filters.isEmpty()) {
@@ -148,7 +148,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
                     ((FilterSecurityInterceptor)beanFactory.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR));
             DefaultFilterInvocationDefinitionSource fids =
                     (DefaultFilterInvocationDefinitionSource) fsi.getObjectDefinitionSource();
-            List<? extends ConfigAttribute> attributes = fids.lookupAttributes(loginPage, "POST");
+            List<ConfigAttribute> attributes = fids.lookupAttributes(loginPage, "POST");
 
             if (attributes == null) {
                 logger.debug("No access attributes defined for login page URL");

core/src/main/java/org/springframework/security/context/SecurityContextHolder.java

@@ -100,8 +100,8 @@ public class SecurityContextHolder {
         } else {
             // Try to load a custom strategy
             try {
-                Class clazz = Class.forName(strategyName);
-                Constructor customStrategy = clazz.getConstructor(new Class[] {});
+                Class<?> clazz = Class.forName(strategyName);
+                Constructor<?> customStrategy = clazz.getConstructor(new Class[] {});
                 strategy = (SecurityContextHolderStrategy) customStrategy.newInstance(new Object[] {});
             } catch (Exception ex) {
                 ReflectionUtils.handleReflectionException(ex);

core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java

@@ -40,7 +40,7 @@ import org.springframework.util.ClassUtils;
 public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDefinitionSource {
     private ExpressionParser parser = new SpelExpressionParser();
 
-    public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
+    public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
         if (method.getDeclaringClass() == Object.class) {
             return null;
         }
@@ -109,7 +109,7 @@ public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDe
         return null;
     }
 
-    public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
         return null;
     }
 

core/src/main/java/org/springframework/security/expression/method/MethodExpressionVoter.java

@@ -35,7 +35,7 @@ public class MethodExpressionVoter implements AccessDecisionVoter {
         return attribute instanceof AbstractExpressionBasedMethodConfigAttribute;
     }
 
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         return clazz.isAssignableFrom(MethodInvocation.class);
     }
 

core/src/main/java/org/springframework/security/expression/web/WebExpressionVoter.java

@@ -5,6 +5,7 @@ import java.util.List;
 import org.springframework.expression.EvaluationContext;
 import org.springframework.security.Authentication;
 import org.springframework.security.ConfigAttribute;
+import org.springframework.security.expression.ExpressionUtils;
 import org.springframework.security.expression.SecurityExpressionHandler;
 import org.springframework.security.expression.support.DefaultSecurityExpressionHandler;
 import org.springframework.security.intercept.web.FilterInvocation;
@@ -14,7 +15,7 @@ import org.springframework.security.vote.AccessDecisionVoter;
  * Voter which handles web authorisation decisions.
  * @author Luke Taylor
  * @version $Id$
- * @since
+ * @since 2.5
  */
 public class WebExpressionVoter implements AccessDecisionVoter {
     private SecurityExpressionHandler expressionHandler = new DefaultSecurityExpressionHandler();
@@ -29,9 +30,8 @@ public class WebExpressionVoter implements AccessDecisionVoter {
         FilterInvocation fi = (FilterInvocation)object;
         EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, fi);
 
-        weca.getAuthorizeExpression();
-
-        return 0;
+        return ExpressionUtils.evaluateAsBoolean(weca.getAuthorizeExpression(), ctx) ?
+                ACCESS_GRANTED : ACCESS_DENIED;
     }
 
     private WebExpressionConfigAttribute findConfigAttribute(List<ConfigAttribute> attributes) {
@@ -47,7 +47,7 @@ public class WebExpressionVoter implements AccessDecisionVoter {
         return attribute instanceof WebExpressionConfigAttribute;
     }
 
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         return clazz.isAssignableFrom(FilterInvocation.class);
     }
 

core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java

@@ -136,7 +136,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
         }
 
         if (this.validateConfigAttributes) {
-            Collection<List<? extends ConfigAttribute>> attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes();
+            Collection<ConfigAttribute> attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes();
 
             if (attributeDefs == null) {
                 logger.warn("Could not validate configuration attributes as the ObjectDefinitionSource did not return "
@@ -144,14 +144,12 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
                 return;
             }
 
-            Set unsupportedAttrs = new HashSet();
+            Set<ConfigAttribute> unsupportedAttrs = new HashSet<ConfigAttribute>();
 
-            for (List<? extends ConfigAttribute> def : attributeDefs) {
-                for (ConfigAttribute attr : def) {
-                    if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr)
-                            && ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) {
-                        unsupportedAttrs.add(attr);
-                    }
+            for (ConfigAttribute attr : attributeDefs) {
+                if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr)
+                        && ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) {
+                    unsupportedAttrs.add(attr);
                 }
             }
 

core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java

@@ -53,7 +53,7 @@ public interface ObjectDefinitionSource {
      *
      * @return the <code>ConfigAttribute</code>s or <code>null</code> if unsupported
      */
-    Collection<List<? extends ConfigAttribute>> getAllConfigAttributes();
+    Collection<ConfigAttribute> getAllConfigAttributes();
 
     /**
      * Indicates whether the <code>ObjectDefinitionSource</code> implementation is able to provide
@@ -63,5 +63,5 @@ public interface ObjectDefinitionSource {
      *
      * @return true if the implementation can process the indicated class
      */
-    boolean supports(Class clazz);
+    boolean supports(Class<?> clazz);
 }

core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java

@@ -27,7 +27,7 @@ import org.springframework.util.ClassUtils;
  */
 public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMethodDefinitionSource {
 
-    public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
+    public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
         // The method may be on an interface, but we need attributes from the target class.
         // If the target class is null, the method will be unchanged.
         Method specificMethod = ClassUtils.getMostSpecificMethod(method, targetClass);
@@ -68,7 +68,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet
      * @param targetClass the target class for the invocation (may be <code>null</code>)
      * @return the security metadata (or null if no metadata applies)
      */
-    protected abstract List<ConfigAttribute> findAttributes(Method method, Class targetClass);
+    protected abstract List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass);
 
     /**
      * Obtains the security metadata registered against the specified class.
@@ -82,7 +82,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet
      * @param clazz the target class for the invocation (never <code>null</code>)
      * @return the security metadata (or null if no metadata applies)
      */
-    protected abstract List<ConfigAttribute> findAttributes(Class clazz);
+    protected abstract List<ConfigAttribute> findAttributes(Class<?> clazz);
 
 
 }

core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java

@@ -55,10 +55,10 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition
 
         if (object instanceof JoinPoint) {
             JoinPoint jp = (JoinPoint) object;
-            Class targetClass = jp.getTarget().getClass();
+            Class<?> targetClass = jp.getTarget().getClass();
             String targetMethodName = jp.getStaticPart().getSignature().getName();
-            Class[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes();
-            Class declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType();
+            Class<?>[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes();
+            Class<?> declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType();
 
             Method method = ClassUtils.getMethodIfAvailable(declaringType, targetMethodName, types);
             Assert.notNull(method, "Could not obtain target method from JoinPoint: '"+ jp + "'");
@@ -69,7 +69,7 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition
         throw new IllegalArgumentException("Object must be a non-null MethodInvocation or JoinPoint");
     }
 
-    public final boolean supports(Class clazz) {
+    public final boolean supports(Class<?> clazz) {
         return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz));
     }
 }

core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java

@@ -5,7 +5,6 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -27,7 +26,8 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
     private final static List<ConfigAttribute> NULL_CONFIG_ATTRIBUTE = Collections.emptyList();
 
     private List<MethodDefinitionSource> methodDefinitionSources;
-    private final Map<DefaultCacheKey, List<ConfigAttribute>> attributeCache = new HashMap();
+    private final Map<DefaultCacheKey, List<ConfigAttribute>> attributeCache =
+        new HashMap<DefaultCacheKey, List<ConfigAttribute>>();
 
     //~ Methods ========================================================================================================
 
@@ -35,7 +35,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
         Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required");
     }
 
-    public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
+    public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
         DefaultCacheKey cacheKey = new DefaultCacheKey(method, targetClass);
         synchronized (attributeCache) {
             List<ConfigAttribute> cached = attributeCache.get(cacheKey);
@@ -73,12 +73,10 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
         }
     }
 
-    public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
-        Set set = new HashSet();
-        Iterator i = methodDefinitionSources.iterator();
-        while (i.hasNext()) {
-            MethodDefinitionSource s = (MethodDefinitionSource) i.next();
-            Collection<List<? extends ConfigAttribute>> attrs = s.getAllConfigAttributes();
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
+        Set<ConfigAttribute> set = new HashSet<ConfigAttribute>();
+        for (MethodDefinitionSource s : methodDefinitionSources) {
+            Collection<ConfigAttribute> attrs = s.getAllConfigAttributes();
             if (attrs != null) {
                 set.addAll(attrs);
             }
@@ -86,6 +84,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
         return set;
     }
 
+    @SuppressWarnings("unchecked")
     public void setMethodDefinitionSources(List methodDefinitionSources) {
         Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required");
         this.methodDefinitionSources = methodDefinitionSources;

core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java

@@ -19,9 +19,11 @@ import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import org.springframework.beans.factory.BeanClassLoaderAware;
 import org.springframework.security.ConfigAttribute;
@@ -48,10 +50,10 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
     private ClassLoader beanClassLoader = ClassUtils.getDefaultClassLoader();
 
     /** Map from RegisteredMethod to ConfigAttribute list */
-    protected Map<RegisteredMethod, List<? extends ConfigAttribute>> methodMap = new HashMap();
+    protected Map<RegisteredMethod, List<ConfigAttribute>> methodMap = new HashMap<RegisteredMethod, List<ConfigAttribute>>();
 
     /** Map from RegisteredMethod to name pattern used for registration */
-    private Map<RegisteredMethod, String> nameMap = new HashMap();
+    private Map<RegisteredMethod, String> nameMap = new HashMap<RegisteredMethod, String>();
 
     //~ Methods ========================================================================================================
 
@@ -71,14 +73,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
     /**
      * Implementation does not support class-level attributes.
      */
-    protected List<ConfigAttribute> findAttributes(Class clazz) {
+    protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
         return null;
     }
 
     /**
      * Will walk the method inheritance tree to find the most specific declaration applicable.
      */
-    protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
+    protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
         if (targetClass == null) {
             return null;
         }
@@ -105,7 +107,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
      * @param name type and method name, separated by a dot
      * @param attr required authorities associated with the method
      */
-    public void addSecureMethod(String name, List<? extends ConfigAttribute> attr) {
+    public void addSecureMethod(String name, List<ConfigAttribute> attr) {
         int lastDotIndex = name.lastIndexOf(".");
 
         if (lastDotIndex == -1) {
@@ -129,7 +131,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
      * @param mappedName mapped method name, which the javaType has declared or inherited
      * @param attr required authorities associated with the method
      */
-    public void addSecureMethod(Class javaType, String mappedName, List<? extends ConfigAttribute> attr) {
+    public void addSecureMethod(Class javaType, String mappedName, List<ConfigAttribute> attr) {
         String name = javaType.getName() + '.' + mappedName;
 
         if (logger.isDebugEnabled()) {
@@ -137,7 +139,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
         }
 
         Method[] methods = javaType.getMethods();
-        List matchingMethods = new ArrayList();
+        List<Method> matchingMethods = new ArrayList<Method>();
 
         for (int i = 0; i < methods.length; i++) {
             if (methods[i].getName().equals(mappedName) || isMatch(methods[i].getName(), mappedName)) {
@@ -150,8 +152,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
         }
 
         // register all matching methods
-        for (Iterator it = matchingMethods.iterator(); it.hasNext();) {
-            Method method = (Method) it.next();
+        for (Method method : matchingMethods) {
             RegisteredMethod registeredMethod = new RegisteredMethod(method, javaType);
             String regMethodName = (String) this.nameMap.get(registeredMethod);
 
@@ -178,7 +179,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
      * the existing match will be retained, so that if this method is called for a more general pointcut
      * it will not override a more specific one which has already been added. This
      */
-    public void addSecureMethod(Class javaType, Method method, List<? extends ConfigAttribute> attr) {
+    public void addSecureMethod(Class javaType, Method method, List<ConfigAttribute> attr) {
         RegisteredMethod key = new RegisteredMethod(method, javaType);
 
         if (methodMap.containsKey(key)) {
@@ -195,7 +196,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
      * @param method the method to be secured
      * @param attr required authorities associated with the method
      */
-    private void addSecureMethod(RegisteredMethod method, List<? extends ConfigAttribute> attr) {
+    private void addSecureMethod(RegisteredMethod method, List<ConfigAttribute> attr) {
         Assert.notNull(method, "RegisteredMethod required");
         Assert.notNull(attr, "Configuration attribute required");
         if (logger.isInfoEnabled()) {
@@ -209,8 +210,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
      *
      * @return the attributes explicitly defined against this bean
      */
-    public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
-        return methodMap.values();
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
+        Set<ConfigAttribute> allAttributes = new HashSet<ConfigAttribute>();
+
+        for (List<ConfigAttribute> attributeList : methodMap.values()) {
+            allAttributes.addAll(attributeList);
+        }
+
+        return allAttributes;
     }
 
     /**

core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java

@@ -30,5 +30,5 @@ import org.springframework.security.intercept.ObjectDefinitionSource;
  * @version $Id$
  */
 public interface MethodDefinitionSource extends ObjectDefinitionSource {
-    public List<ConfigAttribute> getAttributes(Method method, Class targetClass);
+    public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass);
 }

core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java

@@ -128,9 +128,9 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple
      */
     class InternalMethodInvocation implements MethodInvocation {
         private Method method;
-        private Class targetClass;
+        private Class<?> targetClass;
 
-        public InternalMethodInvocation(Method method, Class targetClass) {
+        public InternalMethodInvocation(Method method, Class<?> targetClass) {
             this.method = method;
             this.targetClass = targetClass;
         }

core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java

@@ -17,7 +17,6 @@ package org.springframework.security.intercept.web;
 
 import java.util.Arrays;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.LinkedHashMap;
@@ -142,10 +141,17 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
         return methodRequestmap;
     }
 
-    public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
-        return Collections.unmodifiableCollection(getRequestMap().values());
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
+        Set<ConfigAttribute> allAttributes = new HashSet<ConfigAttribute>();
+
+        for(List<ConfigAttribute> attrs : requestMap.values()) {
+            allAttributes.addAll(attrs);
+        }
+
+        return allAttributes;
     }
 
+
     public List<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
         if ((object == null) || !this.supports(object.getClass())) {
             throw new IllegalArgumentException("Object must be a FilterInvocation");
@@ -227,7 +233,7 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
         return null;
     }
 
-    public boolean supports(Class clazz) {
+    public boolean supports(Class<?> clazz) {
         return FilterInvocation.class.isAssignableFrom(clazz);
     }
 

core/src/main/java/org/springframework/security/providers/ProviderManager.java

@@ -217,8 +217,8 @@ public class ProviderManager extends AbstractAuthenticationManager implements In
 
         if (className != null) {
             try {
-                Class clazz = getClass().getClassLoader().loadClass(className);
-                Constructor constructor = clazz.getConstructor(new Class[] {
+                Class<?> clazz = getClass().getClassLoader().loadClass(className);
+                Constructor<?> constructor = clazz.getConstructor(new Class[] {
                             Authentication.class, AuthenticationException.class
                         });
                 Object obj = constructor.newInstance(new Object[] {authentication, exception});

core/src/main/java/org/springframework/security/runas/NullRunAsManager.java

@@ -41,7 +41,7 @@ public class NullRunAsManager implements RunAsManager {
         return false;
     }
 
-    public boolean supports(Class clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }
 }

core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java

@@ -63,7 +63,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
     }
 
     public Authentication buildRunAs(Authentication authentication, Object object, List<ConfigAttribute> config) {
-        List<GrantedAuthority> newAuthorities = new ArrayList();
+        List<GrantedAuthority> newAuthorities = new ArrayList<GrantedAuthority>();
 
         for(ConfigAttribute attribute : config) {
             if (this.supports(attribute)) {
@@ -123,7 +123,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
      *
      * @return alwaus <code>true</code>
      */
-    public boolean supports(Class clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }
 }

core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java

@@ -59,7 +59,7 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
         Assert.notNull(filterInvocationDefinitionSource, "filterInvocationDefinitionSource must be specified");
         Assert.notNull(channelDecisionManager, "channelDecisionManager must be specified");
 
-        Collection<List<? extends ConfigAttribute>> attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes();
+        Collection<ConfigAttribute> attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes();
 
         if (attrDefs == null) {
             if (logger.isWarnEnabled()) {
@@ -70,22 +70,20 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
             return;
         }
 
-        Set set = new HashSet();
+        Set<ConfigAttribute> unsupportedAttributes = new HashSet<ConfigAttribute>();
 
-        for (List<? extends ConfigAttribute> def : attrDefs) {
-            for (ConfigAttribute attr : def) {
-                if (!this.channelDecisionManager.supports(attr)) {
-                    set.add(attr);
-                }
+        for (ConfigAttribute attr : attrDefs) {
+            if (!this.channelDecisionManager.supports(attr)) {
+                unsupportedAttributes.add(attr);
             }
         }
 
-        if (set.size() == 0) {
+        if (unsupportedAttributes.size() == 0) {
             if (logger.isInfoEnabled()) {
                 logger.info("Validated configuration attributes");
             }
         } else {
-            throw new IllegalArgumentException("Unsupported configuration attributes: " + set.toString());
+            throw new IllegalArgumentException("Unsupported configuration attributes: " + unsupportedAttributes);
         }
     }
 

core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java

@@ -15,19 +15,16 @@
 
 package org.springframework.security.userdetails.ldap;
 
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.naming.Name;
+
+import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.util.AuthorityUtils;
-import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.util.Assert;
 
-import javax.naming.Name;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.BasicAttributes;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Iterator;
-import java.util.List;
-
 
 /**
  * A UserDetails implementation which is used internally by the Ldap services. It also contains the user's
@@ -128,7 +125,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
      */
     public static class Essence {
         protected LdapUserDetailsImpl instance = createTarget();
-        private List mutableAuthorities = new ArrayList();
+        private List<GrantedAuthority> mutableAuthorities = new ArrayList<GrantedAuthority>();
 
         public Essence() { }
 
@@ -159,10 +156,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
         }
 
         private boolean hasAuthority(GrantedAuthority a) {
-            Iterator authorities = mutableAuthorities.iterator();
-
-            while(authorities.hasNext()) {
-                GrantedAuthority authority = (GrantedAuthority) authorities.next();
+            for (GrantedAuthority authority : mutableAuthorities) {
                 if(authority.equals(a)) {
                     return true;
                 }

core/src/main/java/org/springframework/security/util/FilterChainProxy.java

@@ -26,6 +26,7 @@ import org.springframework.util.Assert;
 import org.springframework.web.filter.DelegatingFilterProxy;
 
 import javax.servlet.*;
+
 import java.io.IOException;
 import java.util.*;
 
@@ -103,9 +104,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
 
     private ApplicationContext applicationContext;
     /** Map of the original pattern Strings to filter chains */
-    private Map uncompiledFilterChainMap;
+    private Map<String, List<Filter>> uncompiledFilterChainMap;
     /** Compiled pattern version of the filter chain map */
-    private Map filterChainMap;
+    private Map<Object, List<Filter>> filterChainMap;
     private UrlMatcher matcher = new AntUrlPathMatcher();
     private boolean stripQueryStringFromUrls = true;
     private DefaultFilterInvocationDefinitionSource fids;
@@ -127,29 +128,25 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
     }
 
     public void init(FilterConfig filterConfig) throws ServletException {
-        Filter[] filters = obtainAllDefinedFilters();
-
-        for (int i = 0; i < filters.length; i++) {
-            if (filters[i] != null) {
+        for (Filter filter : obtainAllDefinedFilters()) {
+            if (filter != null) {
                 if (logger.isDebugEnabled()) {
-                    logger.debug("Initializing Filter defined in ApplicationContext: '" + filters[i].toString() + "'");
+                    logger.debug("Initializing Filter defined in ApplicationContext: '" + filter + "'");
                 }
 
-                filters[i].init(filterConfig);
+                filter.init(filterConfig);
             }
         }
     }
 
     public void destroy() {
-        Filter[] filters = obtainAllDefinedFilters();
-
-        for (int i = 0; i < filters.length; i++) {
-            if (filters[i] != null) {
+        for (Filter filter : obtainAllDefinedFilters()) {
+            if (filter != null) {
                 if (logger.isDebugEnabled()) {
-                    logger.debug("Destroying Filter defined in ApplicationContext: '" + filters[i].toString() + "'");
+                    logger.debug("Destroying Filter defined in ApplicationContext: '" + filter + "'");
                 }
 
-                filters[i].destroy();
+                filter.destroy();
             }
         }
     }
@@ -158,7 +155,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
             throws IOException, ServletException {
 
         FilterInvocation fi = new FilterInvocation(request, response, chain);
-        List filters = getFilters(fi.getRequestUrl());
+        List<Filter> filters = getFilters(fi.getRequestUrl());
 
         if (filters == null || filters.size() == 0) {
             if (logger.isDebugEnabled()) {
@@ -181,7 +178,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
      * @param url the request URL
      * @return an ordered array of Filters defining the filter chain
      */
-    public List getFilters(String url)  {
+    public List<Filter> getFilters(String url)  {
         if (stripQueryStringFromUrls) {
             // String query string - see SEC-953
             int firstQuestionMarkIndex = url.indexOf("?");
@@ -191,11 +188,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
             }
         }
 
-
-        Iterator filterChains = filterChainMap.entrySet().iterator();
-
-        while (filterChains.hasNext()) {
-            Map.Entry entry = (Map.Entry) filterChains.next();
+        for (Map.Entry<Object, List<Filter>> entry : filterChainMap.entrySet()) {
             Object path = entry.getKey();
 
             if (matcher.requiresLowerCaseUrl()) {
@@ -213,7 +206,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
             }
 
             if (matched) {
-                return (List) entry.getValue();
+                return entry.getValue();
             }
         }
 
@@ -230,16 +223,14 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
      *         each <code>Filter</code> that actually exists in application context, even if a given
      *         <code>Filter</code> is defined multiples times in the filter chain map)
      */
-    protected Filter[] obtainAllDefinedFilters() {
-        Set allFilters = new LinkedHashSet();
-
-        Iterator it = filterChainMap.values().iterator();
+    protected Collection<Filter> obtainAllDefinedFilters() {
+        Set<Filter> allFilters = new LinkedHashSet<Filter>();
 
-        while (it.hasNext()) {
-            allFilters.addAll((List) it.next());
+        for (List<Filter> filters : filterChainMap.values()) {
+            allFilters.addAll(filters);
         }
 
-        return (Filter[]) new ArrayList(allFilters).toArray(new Filter[0]);
+        return allFilters;
     }
 
     public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
@@ -266,14 +257,32 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
      * the Map used is an instance of <tt>LinkedHashMap</tt> or an equivalent, rather than a plain <tt>HashMap</tt>, for
      * example.
      *
-     * @param filterChainMap the map of path Strings to <tt>Filter[]</tt>s.
+     * @param filterChainMap the map of path Strings to <tt>List&lt;Filter&gt;</tt>s.
      */
+    @SuppressWarnings("unchecked")
     public void setFilterChainMap(Map filterChainMap) {
-        uncompiledFilterChainMap = new LinkedHashMap(filterChainMap);
+        checkContents(filterChainMap);
+        uncompiledFilterChainMap = new LinkedHashMap<String, List<Filter>>(filterChainMap);
         checkPathOrder();
         createCompiledMap();
     }
 
+    @SuppressWarnings("unchecked")
+    private void checkContents(Map filterChainMap) {
+        for (Object key : filterChainMap.keySet()) {
+            Assert.isInstanceOf(String.class, key, "Path key must be a String but found " + key);
+            Object filters = filterChainMap.get(key);
+            Assert.isInstanceOf(List.class, filters, "Value must be a filter list");
+            // Check the contents
+            Iterator filterIterator = ((List)filters).iterator();
+
+            while (filterIterator.hasNext()) {
+                Object filter = filterIterator.next();
+                Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. ");
+            }
+        }
+    }
+
     private void checkPathOrder() {
         // Check that the universal pattern is listed at the end, if at all
         String[] paths = (String[]) uncompiledFilterChainMap.keySet().toArray(new String[0]);
@@ -289,37 +298,21 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
     }
 
     private void createCompiledMap() {
-        Iterator paths = uncompiledFilterChainMap.keySet().iterator();
-        filterChainMap = new LinkedHashMap(uncompiledFilterChainMap.size());
+        filterChainMap = new LinkedHashMap<Object, List<Filter>>(uncompiledFilterChainMap.size());
 
-        while (paths.hasNext()) {
-            Object path = paths.next();
-            Assert.isInstanceOf(String.class, path, "Path pattern must be a String");
-            Object compiledPath = matcher.compile((String)path);
-            Object filters = uncompiledFilterChainMap.get(path);
-
-            Assert.isInstanceOf(List.class, filters);
-            // Check the contents
-            Iterator filterIterator = ((List)filters).iterator();
-
-            while (filterIterator.hasNext()) {
-                Object filter = filterIterator.next();
-                Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. ");
-            }
-
-            filterChainMap.put(compiledPath, filters);
+        for (String path : uncompiledFilterChainMap.keySet()) {
+            filterChainMap.put(matcher.compile(path), uncompiledFilterChainMap.get(path));
         }
     }
 
-
     /**
      * Returns a copy of the underlying filter chain map. Modifications to the map contents
      * will not affect the FilterChainProxy state - to change the map call <tt>setFilterChainMap</tt>.
      *
-     * @return the map of path pattern Strings to filter chain arrays (with ordering guaranteed).
+     * @return the map of path pattern Strings to filter chain lists (with ordering guaranteed).
      */
-    public Map getFilterChainMap() {
-        return new LinkedHashMap(uncompiledFilterChainMap);
+    public Map<String, List<Filter>> getFilterChainMap() {
+        return new LinkedHashMap<String, List<Filter>>(uncompiledFilterChainMap);
     }
 
     public void setMatcher(UrlMatcher matcher) {
@@ -353,22 +346,22 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
 
     /**
      * A <code>FilterChain</code> that records whether or not {@link
-     * FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called.<p>This
-     * <code>FilterChain</code> is used by <code>FilterChainProxy</code> to determine if the next <code>Filter</code>
-     * should be called or not.</p>
+     * FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called.
+     * <p>
+     * This <code>FilterChain</code> is used by <code>FilterChainProxy</code> to determine if the next
+     * <code>Filter</code> should be called or not.</p>
      */
     private static class VirtualFilterChain implements FilterChain {
         private FilterInvocation fi;
-        private List additionalFilters;
+        private List<Filter> additionalFilters;
         private int currentPosition = 0;
 
-        private VirtualFilterChain(FilterInvocation filterInvocation, List additionalFilters) {
+        private VirtualFilterChain(FilterInvocation filterInvocation, List<Filter> additionalFilters) {
             this.fi = filterInvocation;
             this.additionalFilters = additionalFilters;
         }
 
-        public void doFilter(ServletRequest request, ServletResponse response)
-            throws IOException, ServletException {
+        public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
             if (currentPosition == additionalFilters.size()) {
                 if (logger.isDebugEnabled()) {
                     logger.debug(fi.getRequestUrl()
@@ -379,7 +372,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
             } else {
                 currentPosition++;
 
-                Filter nextFilter = (Filter) additionalFilters.get(currentPosition - 1);
+                Filter nextFilter = additionalFilters.get(currentPosition - 1);
 
                 if (logger.isDebugEnabled()) {
                     logger.debug(fi.getRequestUrl() + " at position " + currentPosition + " of "

core/src/main/java/org/springframework/security/util/ThrowableAnalyzer.java

@@ -3,16 +3,18 @@ package org.springframework.security.util;
 import java.lang.reflect.InvocationTargetException;
 import java.util.ArrayList;
 import java.util.Comparator;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 import java.util.TreeMap;
 
+import org.springframework.util.Assert;
+
 /**
  * Handler for analyzing {@link Throwable} instances.
  *
  * Can be subclassed to customize its behavior.
- * 
+ *
  * @author Andreas Senft
  * @since 2.0
  * @version $Id$
@@ -21,7 +23,7 @@ public class ThrowableAnalyzer {
 
     /**
      * Default extractor for {@link Throwable} instances.
-     * 
+     *
      * @see Throwable#getCause()
      */
     public static final ThrowableCauseExtractor DEFAULT_EXTRACTOR
@@ -30,13 +32,13 @@ public class ThrowableAnalyzer {
                 return throwable.getCause();
             }
         };
-    
+
     /**
      * Default extractor for {@link InvocationTargetException} instances.
-     * 
+     *
      * @see InvocationTargetException#getTargetException()
      */
-    public static final ThrowableCauseExtractor INVOCATIONTARGET_EXTRACTOR 
+    public static final ThrowableCauseExtractor INVOCATIONTARGET_EXTRACTOR
         = new ThrowableCauseExtractor() {
             public Throwable extractCause(Throwable throwable) {
                 verifyThrowableHierarchy(throwable, InvocationTargetException.class);
@@ -46,16 +48,14 @@ public class ThrowableAnalyzer {
 
     /**
      * Comparator to order classes ascending according to their hierarchy relation.
-     * If two classes have a hierarchical relation, the "higher" class is considered 
+     * If two classes have a hierarchical relation, the "higher" class is considered
      * to be greater by this comparator.<br>
-     * For hierarchically unrelated classes their fully qualified name will be compared. 
+     * For hierarchically unrelated classes their fully qualified name will be compared.
      */
-    private static final Comparator CLASS_HIERARCHY_COMPARATOR = new Comparator() {
+    private static final Comparator<Class<? extends Throwable>> CLASS_HIERARCHY_COMPARATOR =
+        new Comparator<Class<? extends Throwable>>() {
 
-        public int compare(Object o1, Object o2) {
-            Class class1 = (Class) o1;
-            Class class2 = (Class) o2;
-            
+        public int compare(Class<? extends Throwable> class1, Class<? extends Throwable> class2) {
             if (class1.isAssignableFrom(class2)) {
                 return 1;
             } else if (class2.isAssignableFrom(class1)) {
@@ -64,41 +64,37 @@ public class ThrowableAnalyzer {
                 return class1.getName().compareTo(class2.getName());
             }
         }
-        
+
     };
-        
+
 
     /**
      * Map of registered cause extractors.
      * key: Class<Throwable>; value: ThrowableCauseExctractor
      */
-    private final Map extractorMap;
-    
-    
+    private final Map<Class<? extends Throwable>, ThrowableCauseExtractor> extractorMap;
+
+
     /**
      * Creates a new <code>ThrowableAnalyzer</code> instance.
      */
     public ThrowableAnalyzer() {
-        this.extractorMap = new TreeMap(CLASS_HIERARCHY_COMPARATOR);
-        
+        this.extractorMap = new TreeMap<Class<? extends Throwable>, ThrowableCauseExtractor>(CLASS_HIERARCHY_COMPARATOR);
+
         initExtractorMap();
     }
-    
+
     /**
      * Registers a <code>ThrowableCauseExtractor</code> for the specified type.
      * <i>Can be used in subclasses overriding {@link #initExtractorMap()}.</i>
-     * 
+     *
      * @param throwableType the type (has to be a subclass of <code>Throwable</code>)
      * @param extractor the associated <code>ThrowableCauseExtractor</code> (not <code>null</code>)
-     * 
+     *
      * @throws IllegalArgumentException if one of the arguments is invalid
      */
-    protected final void registerExtractor(Class throwableType, ThrowableCauseExtractor extractor) {
-        verifyThrowableType(throwableType);
-
-        if (extractor == null) {
-            throw new IllegalArgumentException("Invalid extractor: null");
-        }
+    protected final void registerExtractor(Class<? extends Throwable> throwableType, ThrowableCauseExtractor extractor) {
+        Assert.notNull(extractor, "Invalid extractor: null");
 
         this.extractorMap.put(throwableType, extractor);
     }
@@ -116,26 +112,26 @@ public class ThrowableAnalyzer {
      * However, extractors registered to more specific types are guaranteed to be resolved first.
      * So in the default case InvocationTargetExceptions will be handled by {@link #INVOCATIONTARGET_EXTRACTOR}
      * while all other throwables are handled by {@link #DEFAULT_EXTRACTOR}.
-     * 
+     *
      * @see #registerExtractor(Class, ThrowableCauseExtractor)
      */
     protected void initExtractorMap() {
         registerExtractor(InvocationTargetException.class, INVOCATIONTARGET_EXTRACTOR);
         registerExtractor(Throwable.class, DEFAULT_EXTRACTOR);
     }
-    
+
     /**
      * Returns an array containing the classes for which extractors are registered.
      * The order of the classes is the order in which comparisons will occur for
      * resolving a matching extractor.
-     * 
+     *
      * @return the types for which extractors are registered
      */
     final Class[] getRegisteredTypes() {
-        List typeList = new ArrayList(this.extractorMap.keySet());
-        return (Class[]) typeList.toArray(new Class[typeList.size()]);
+        Set<Class<? extends Throwable>> typeList = this.extractorMap.keySet();
+        return typeList.toArray(new Class[typeList.size()]);
     }
-    
+
     /**
      * Determines the cause chain of the provided <code>Throwable</code>.
      * The returned array contains all throwables extracted from the stacktrace, using the registered
@@ -143,127 +139,103 @@ public class ThrowableAnalyzer {
      * The first element is the passed in throwable itself. The following elements
      * appear in their order downward the stacktrace.
      * <p>
-     * Note: If no {@link ThrowableCauseExtractor} is registered for this instance 
+     * Note: If no {@link ThrowableCauseExtractor} is registered for this instance
      * then the returned array will always only contain the passed in throwable.
-     * 
+     *
      * @param throwable the <code>Throwable</code> to analyze
      * @return an array of all determined throwables from the stacktrace
-     * 
+     *
      * @throws IllegalArgumentException if the throwable is <code>null</code>
-     * 
+     *
      * @see #initExtractorMap()
      */
     public final Throwable[] determineCauseChain(Throwable throwable) {
         if (throwable == null) {
             throw new IllegalArgumentException("Invalid throwable: null");
         }
-        
-        List chain = new ArrayList();
+
+        List<Throwable> chain = new ArrayList<Throwable>();
         Throwable currentThrowable = throwable;
-        
+
         while (currentThrowable != null) {
             chain.add(currentThrowable);
             currentThrowable = extractCause(currentThrowable);
         }
-        
-        return (Throwable[]) chain.toArray(new Throwable[chain.size()]);
+
+        return chain.toArray(new Throwable[chain.size()]);
     }
-    
+
     /**
      * Extracts the cause of the given throwable using an appropriate extractor.
-     * 
+     *
      * @param throwable the <code>Throwable</code> (not <code>null</code>
      * @return the cause, may be <code>null</code> if none could be resolved
      */
     private Throwable extractCause(Throwable throwable) {
-        for (Iterator iter = this.extractorMap.entrySet().iterator(); iter.hasNext(); ) {
-            Map.Entry entry = (Map.Entry) iter.next();
-            
-            Class throwableType = (Class) entry.getKey();
+        for (Map.Entry<Class<? extends Throwable>, ThrowableCauseExtractor> entry : extractorMap.entrySet()) {
+            Class<? extends Throwable> throwableType = entry.getKey();
             if (throwableType.isInstance(throwable)) {
                 ThrowableCauseExtractor extractor = (ThrowableCauseExtractor) entry.getValue();
                 return extractor.extractCause(throwable);
             }
         }
-        
+
         return null;
     }
-    
+
     /**
      * Returns the first throwable from the passed in array that is assignable to the provided type.
      * A returned instance is safe to be cast to the specified type.
      * <p>
      * If the passed in array is null or empty this method returns <code>null</code>.
-     * 
+     *
      * @param throwableType the type to look for
      * @param chain the array (will be processed in element order)
      * @return the found <code>Throwable</code>, <code>null</code> if not found
-     * 
-     * @throws IllegalArgumentException if the provided type is <code>null</code> 
+     *
+     * @throws IllegalArgumentException if the provided type is <code>null</code>
      * or no subclass of <code>Throwable</code>
      */
-    public final Throwable getFirstThrowableOfType(Class throwableType, Throwable[] chain) {
-        verifyThrowableType(throwableType);
-        
+    public final Throwable getFirstThrowableOfType(Class<? extends Throwable> throwableType, Throwable[] chain) {
         if (chain != null) {
             for (int i = 0; i < chain.length; ++i) {
                 Throwable t = chain[i];
-                
+
                 if ((t != null) && throwableType.isInstance(t)) {
                     return t;
                 }
             }
         }
-        
+
         return null;
     }
-    
-    /**
-     * Convenience method for verifying that the passed in class refers to a valid 
-     * subclass of <code>Throwable</code>.
-     * 
-     * @param throwableType the type to check
-     * 
-     * @throws IllegalArgumentException if <code>typeToCheck</code> is either <code>null</code>
-     * or not assignable to <code>expectedBaseType</code>
-     */
-    private static void verifyThrowableType(Class throwableType) {
-        if (throwableType == null) {
-            throw new IllegalArgumentException("Invalid type: null");
-        }
-        if (!Throwable.class.isAssignableFrom(throwableType)) {
-            throw new IllegalArgumentException("Invalid type: '" 
-                    + throwableType.getName() 
-                    + "'. Has to be a subclass of '" + Throwable.class.getName() + "'");
-        }
-    }
-    
+
     /**
      * Verifies that the provided throwable is a valid subclass of the provided type (or of the type itself).
      * If <code>expectdBaseType</code> is <code>null</code>, no check will be performed.
      * <p>
-     * Can be used for verification purposes in implementations 
+     * Can be used for verification purposes in implementations
      * of {@link ThrowableCauseExtractor extractors}.
-     * 
+     *
      * @param throwable the <code>Throwable</code> to check
      * @param expectedBaseType the type to check against
-     * 
+     *
      * @throws IllegalArgumentException if <code>throwable</code> is either <code>null</code>
      * or its type is not assignable to <code>expectedBaseType</code>
      */
-    public static final void verifyThrowableHierarchy(Throwable throwable, Class expectedBaseType) {
+    public static final void verifyThrowableHierarchy(Throwable throwable, Class<? extends Throwable> expectedBaseType) {
         if (expectedBaseType == null) {
             return;
         }
-        
+
         if (throwable == null) {
             throw new IllegalArgumentException("Invalid throwable: null");
         }
-        Class throwableType = throwable.getClass();
-        
+        Class<? extends Throwable> throwableType = throwable.getClass();
+
         if (!expectedBaseType.isAssignableFrom(throwableType)) {
-            throw new IllegalArgumentException("Invalid type: '" 
-                    + throwableType.getName() 
+            throw new IllegalArgumentException("Invalid type: '"
+                    + throwableType.getName()
                     + "'. Has to be a subclass of '" + expectedBaseType.getName() + "'");
         }
     }

core/src/main/java/org/springframework/security/vote/AbstractAclVoter.java

@@ -33,13 +33,13 @@ import org.springframework.util.Assert;
 public abstract class AbstractAclVoter implements AccessDecisionVoter {
     //~ Instance fields ================================================================================================
 
-    private Class processDomainObjectClass;
+    private Class<?> processDomainObjectClass;
 
     //~ Methods ========================================================================================================
 
     protected Object getDomainObjectInstance(Object secureObject) {
         Object[] args;
-        Class[] params;
+        Class<?>[] params;
 
         if (secureObject instanceof MethodInvocation) {
             MethodInvocation invocation = (MethodInvocation) secureObject;
@@ -61,11 +61,11 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter {
             + " did not provide any argument of type: " + processDomainObjectClass);
     }
 
-    public Class getProcessDomainObjectClass() {
+    public Class<?> getProcessDomainObjectClass() {
         return processDomainObjectClass;
     }
 
-    public void setProcessDomainObjectClass(Class processDomainObjectClass) {
+    public void setProcessDomainObjectClass(Class<?> processDomainObjectClass) {
         Assert.notNull(processDomainObjectClass, "processDomainObjectClass cannot be set to null");
         this.processDomainObjectClass = processDomainObjectClass;
     }
@@ -78,7 +78,7 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter {
      *
      * @return <code>true</code> if the secure object is <code>MethodInvocation</code>, <code>false</code> otherwise
      */
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         if (MethodInvocation.class.isAssignableFrom(clazz)) {
             return true;
         } else if (JoinPoint.class.isAssignableFrom(clazz)) {

core/src/main/java/org/springframework/security/vote/AccessDecisionVoter.java

@@ -63,7 +63,7 @@ public interface AccessDecisionVoter {
      *
      * @return true if the implementation can process the indicated class
      */
-    boolean supports(Class<? extends Object> clazz);
+    boolean supports(Class<?> clazz);
 
     /**
      * Indicates whether or not access is granted.

core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java

@@ -83,7 +83,7 @@ public class AuthenticatedVoter implements AccessDecisionVoter {
      *
      * @return always <code>true</code>
      */
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }
 

core/src/main/java/org/springframework/security/vote/RoleVoter.java

@@ -88,7 +88,7 @@ public class RoleVoter implements AccessDecisionVoter {
      *
      * @return always <code>true</code>
      */
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }
 

core/src/test/java/org/springframework/security/MockRunAsManager.java

@@ -54,7 +54,7 @@ public class MockRunAsManager implements RunAsManager {
         }
     }
 
-    public boolean supports(Class clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }
 }

core/src/test/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java

@@ -18,6 +18,7 @@ import org.springframework.security.GrantedAuthorityImpl;
  *
  * @author Ruud Senden
  */
+@SuppressWarnings("unchecked")
 public class MapBasedAttributes2GrantedAuthoritiesMapperTest {
 
     protected void setUp() throws Exception {

core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java

@@ -1,9 +1,8 @@
 package org.springframework.security.intercept.method;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
 
 import java.lang.reflect.Method;
-import java.util.Arrays;
 import java.util.List;
 
 import org.junit.Before;
@@ -18,8 +17,8 @@ import org.springframework.security.SecurityConfig;
  * @since 2.0.4
  */
 public class MapBasedMethodDefinitionSourceTests {
-    private final List<? extends ConfigAttribute> ROLE_A = Arrays.asList(new SecurityConfig("ROLE_A"));
-    private final List<? extends ConfigAttribute> ROLE_B = Arrays.asList(new SecurityConfig("ROLE_B"));
+    private final List<ConfigAttribute> ROLE_A = SecurityConfig.createList("ROLE_A");
+    private final List<ConfigAttribute> ROLE_B = SecurityConfig.createList("ROLE_B");
     private MapBasedMethodDefinitionSource mds;
     private Method someMethodString;
     private Method someMethodInteger;

core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java

@@ -147,14 +147,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
 
         MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue();
         Iterator iter = map.getAllConfigAttributes().iterator();
-        int counter = 0;
 
-        while (iter.hasNext()) {
-            iter.next();
-            counter++;
-        }
-
-        assertEquals(3, counter);
+        assertEquals(5, map.getAllConfigAttributes().size());
     }
 
     public void testMultiMethodParsing() {

core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java

@@ -16,6 +16,7 @@
 package org.springframework.security.intercept.method;
 
 import java.lang.reflect.Method;
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import java.util.Vector;
@@ -34,35 +35,29 @@ import org.springframework.security.SecurityConfig;
 public class MockMethodDefinitionSource implements MethodDefinitionSource {
     //~ Instance fields ================================================================================================
 
-    private List list;
+    private List<ConfigAttribute> list;
     private boolean returnACollection;
 
     //~ Constructors ===================================================================================================
 
     public MockMethodDefinitionSource(boolean includeInvalidAttributes, boolean returnACollectionWhenRequested) {
         returnACollection = returnACollectionWhenRequested;
-        list = new Vector();
-
-        List<? extends ConfigAttribute> def1 = SecurityConfig.createList("MOCK_LOWER");
-        list.add(def1);
+        list = new ArrayList<ConfigAttribute>();
 
         if (includeInvalidAttributes) {
-            List<? extends ConfigAttribute> def2 = SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE");
-            list.add(def2);
+            list.addAll(SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE"));
         }
 
-        List<? extends ConfigAttribute> def3 = SecurityConfig.createList("MOCK_UPPER", "RUN_AS_");
-        list.add(def3);
+        list.addAll(SecurityConfig.createList("MOCK_LOWER", "MOCK_UPPER", "RUN_AS_"));
 
         if (includeInvalidAttributes) {
-            List<? extends ConfigAttribute> def4 = SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID");
-            list.add(def4);
+            list.addAll(SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID"));
         }
     }
 
     //~ Methods ========================================================================================================
 
-    public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
         if (returnACollection) {
             return list;
         } else {
@@ -74,11 +69,11 @@ public class MockMethodDefinitionSource implements MethodDefinitionSource {
         throw new UnsupportedOperationException("mock method not implemented");
     }
 
-    public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
+    public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
         throw new UnsupportedOperationException("mock method not implemented");
     }
 
-    public boolean supports(Class clazz) {
+    public boolean supports(Class<?> clazz) {
         return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz));
     }
 

core/src/test/java/org/springframework/security/intercept/method/MockMethodInvocation.java

@@ -5,6 +5,7 @@ import java.lang.reflect.Method;
 
 import org.aopalliance.intercept.MethodInvocation;
 
+@SuppressWarnings("unchecked")
 public class MockMethodInvocation implements MethodInvocation {
     private Method method;
     private Object targetObject;

core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java

@@ -440,15 +440,15 @@ public class MethodSecurityInterceptorTests extends TestCase {
     }
 
     private class MockObjectDefinitionSourceWhichOnlySupportsStrings implements MethodDefinitionSource {
-        public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
+        public Collection<ConfigAttribute> getAllConfigAttributes() {
             return null;
         }
 
-        public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
+        public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
             throw new UnsupportedOperationException("mock method not implemented");
         }
 
-        public boolean supports(Class clazz) {
+        public boolean supports(Class<?> clazz) {
             if (String.class.isAssignableFrom(clazz)) {
                 return true;
             } else {
@@ -466,7 +466,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
             throw new UnsupportedOperationException("mock method not implemented");
         }
 
-        public boolean supports(Class clazz) {
+        public boolean supports(Class<?> clazz) {
             if (String.class.isAssignableFrom(clazz)) {
                 return true;
             } else {

core/src/test/java/org/springframework/security/providers/ldap/LdapAuthenticationProviderTests.java

@@ -108,7 +108,7 @@ public class LdapAuthenticationProviderTests extends TestCase {
         assertEquals("ben", user.getUsername());
         assertEquals("ben", populator.getRequestedUsername());
 
-        ArrayList authorities = new ArrayList();
+        ArrayList<String> authorities = new ArrayList<String>();
         authorities.add(user.getAuthorities().get(0).getAuthority());
         authorities.add(user.getAuthorities().get(1).getAuthority());
 

core/src/test/java/org/springframework/security/runas/RunAsUserTokenTests.java

@@ -70,7 +70,7 @@ public class RunAsUserTokenTests extends TestCase {
     }
 
     public void testNoArgConstructorDoesntExist() {
-        Class clazz = RunAsUserToken.class;
+        Class<RunAsUserToken> clazz = RunAsUserToken.class;
 
         try {
             clazz.getDeclaredConstructor((Class[]) null);

core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java

@@ -15,28 +15,24 @@
 
 package org.springframework.security.securechannel;
 
-import junit.framework.TestCase;
-
-import org.springframework.security.ConfigAttribute;
-import org.springframework.security.SecurityConfig;
-
-import org.springframework.security.intercept.web.FilterInvocation;
-import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-
 import java.io.IOException;
-
 import java.util.Collection;
 import java.util.List;
-import java.util.Vector;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import junit.framework.TestCase;
+
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.ConfigAttribute;
+import org.springframework.security.SecurityConfig;
+import org.springframework.security.intercept.web.FilterInvocation;
+import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
+
 
 /**
  * Tests {@link ChannelProcessingFilter}.
@@ -266,18 +262,15 @@ public class ChannelProcessingFilterTests extends TestCase {
             }
         }
 
-        public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
+        public Collection<ConfigAttribute> getAllConfigAttributes() {
             if (!provideIterator) {
                 return null;
             }
 
-            List list = new Vector();
-            list.add(toReturn);
-
-            return list;
+            return toReturn;
         }
 
-        public boolean supports(Class clazz) {
+        public boolean supports(Class<?> clazz) {
             return true;
         }
     }

core/src/test/java/org/springframework/security/util/ThrowableAnalyzerTests.java

@@ -5,10 +5,11 @@ import java.lang.reflect.InvocationTargetException;
 import junit.framework.TestCase;
 
 /**
- * Testcases for {@link ThrowableAnalyzer}.
+ * Test cases for {@link ThrowableAnalyzer}.
  *
  * @author Andreas Senft
  */
+@SuppressWarnings("unchecked")
 public class ThrowableAnalyzerTests extends TestCase {
 
     /**
@@ -101,27 +102,6 @@ public class ThrowableAnalyzerTests extends TestCase {
         super.tearDown();
     }
 
-
-    public void testRegisterExtractorWithInvalidClass() {
-        try {
-            new ThrowableAnalyzer() {
-
-                /**
-                 * @see org.springframework.security.util.ThrowableAnalyzer#initExtractorMap()
-                 */
-                @Override
-                protected void initExtractorMap() {
-                    // Object is no subclass of Throwable
-                    super.registerExtractor(Object.class, DEFAULT_EXTRACTOR);
-                }
-            };
-
-            fail("IllegalArgumentExpected");
-        } catch (IllegalArgumentException e) {
-            // ok
-        }
-    }
-
     public void testRegisterExtractorWithInvalidExtractor() {
         try {
             new ThrowableAnalyzer() {

core/src/test/java/org/springframework/security/vote/AbstractAccessDecisionManagerTests.java

@@ -152,7 +152,7 @@ public class AbstractAccessDecisionManagerTests extends TestCase {
     }
 
     private class MockStringOnlyVoter implements AccessDecisionVoter {
-        public boolean supports(Class<? extends Object> clazz) {
+        public boolean supports(Class<?> clazz) {
             if (String.class.isAssignableFrom(clazz)) {
                 return true;
             } else {

core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java

@@ -47,7 +47,7 @@ public class DenyAgainVoter implements AccessDecisionVoter {
         }
     }
 
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }
 

core/src/test/java/org/springframework/security/vote/DenyVoter.java

@@ -41,7 +41,7 @@ public class DenyVoter implements AccessDecisionVoter {
         }
     }
 
-    public boolean supports(Class<? extends Object> clazz) {
+    public boolean supports(Class<?> clazz) {
         return true;
     }