Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.

It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
Luke Taylor 14 years ago
parent
978b7d4707
commit
4a40d80da1
45 changed files with 380 additions and 414 deletions
Split View Show Diff Stats
  1. 10 26
      acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java
  2. 14 17
      acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java
  3. 14 22
      acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java
  4. 7 7
      acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java
  5. 11 12
      acl/src/test/java/org/springframework/security/acls/sid/SidTests.java
  6. 3 3
      acl/src/test/resources/jdbcMutableAclServiceTests-context.xml
  7. 3 3
      cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java
  8. 6 8
      cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java
  9. 5 6
      cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java
  10. 5 8
      config/src/test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java
  11. 8 15
      core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java
  12. 4 4
      core/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java
  13. 31 6
      core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java
  14. 1 1
      core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java
  15. 3 7
      core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java
  16. 46 0
      core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java
  17. 2 2
      core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java
  18. 3 3
      core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java
  19. 3 3
      core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java
  20. 2 2
      core/src/main/java/org/springframework/security/core/userdetails/memory/UserAttribute.java
  21. 2 2
      core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java
  22. 11 23
      core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java
  23. 3 8
      core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java
  24. 5 6
      core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java
  25. 9 5
      core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java
  26. 7 8
      core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java
  27. 0 77
      core/src/test/java/org/springframework/security/core/authority/GrantedAuthorityImplTests.java
  28. 54 0
      core/src/test/java/org/springframework/security/core/authority/SimpleGrantedAuthorityTests.java
  29. 5 5
      core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java
  30. 2 2
      core/src/test/java/org/springframework/security/core/userdetails/UserTests.java
  31. 3 3
      core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java
  32. 2 2
      docs/manual/src/docbook/technical-overview.xml
  33. 6 11
      itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java
  34. 3 3
      ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java
  35. 2 2
      ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java
  36. 2 2
      ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java
  37. 1 1
      samples/contacts/src/main/resources/applicationContext-common-authorization.xml
  38. 3 3
      samples/dms/src/main/resources/applicationContext-dms-secure.xml
  39. 16 19
      taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java
  40. 5 11
      taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java
  41. 2 13
      taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java
  42. 2 13
      taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java
  43. 33 7
      web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java
  44. 15 19
      web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java
  45. 6 14
      web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java

+ 10 - 26
acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java
View File 

@@ -3,33 +3,17 @@ package org.springframework.security.acls.domain;
 
 import static org.junit.Assert.*;
 
 import static org.mockito.Mockito.*;
 
 
-import java.lang.reflect.Field;
 
-import java.util.*;
 
-
 
-import org.junit.After;
 
-import org.junit.Before;
 
-import org.junit.Test;
 
-import org.springframework.security.acls.model.AccessControlEntry;
 
-import org.springframework.security.acls.model.Acl;
 
-import org.springframework.security.acls.model.AlreadyExistsException;
 
-import org.springframework.security.acls.model.AuditableAccessControlEntry;
 
-import org.springframework.security.acls.model.AuditableAcl;
 
-import org.springframework.security.acls.model.ChildrenExistException;
 
-import org.springframework.security.acls.model.MutableAcl;
 
-import org.springframework.security.acls.model.MutableAclService;
 
-import org.springframework.security.acls.model.NotFoundException;
 
-import org.springframework.security.acls.model.ObjectIdentity;
 
-import org.springframework.security.acls.model.OwnershipAcl;
 
-import org.springframework.security.acls.model.Permission;
 
-import org.springframework.security.acls.model.PermissionGrantingStrategy;
 
-import org.springframework.security.acls.model.Sid;
 
+import org.junit.*;
 
+import org.springframework.security.acls.model.*;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.util.FieldUtils;
 
 
+import java.lang.reflect.Field;
 
+import java.util.*;
 
+
 
 
 /**
 
  * Tests for {@link AclImpl}.
 
@@ -201,9 +185,9 @@ public class AclImplTests {
 
 
     @Test
 
     public void deleteAceFailsForNonExistentElement() throws Exception {
 
-        AclAuthorizationStrategyImpl strategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
 
-                new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
 
+        AclAuthorizationStrategyImpl strategy = new AclAuthorizationStrategyImpl(
 
+                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
         MutableAcl acl = new AclImpl(objectIdentity, (1), strategy, pgs, null, null, true, new PrincipalSid(
 
                 "joe"));
 
         try {
 
@@ -424,7 +408,7 @@ public class AclImplTests {
 
         acl.setEntriesInheriting(false);
 
         assertFalse(acl.isEntriesInheriting());
 
 
-        ((OwnershipAcl) acl).setOwner(new PrincipalSid("ben"));
 
+        acl.setOwner(new PrincipalSid("ben"));
 
         assertEquals(acl.getOwner(), new PrincipalSid("ben"));
 
     }

+ 14 - 17
acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java
View File 

@@ -2,9 +2,7 @@ package org.springframework.security.acls.domain;
 
 
 import static org.junit.Assert.*;
 
 
-import org.junit.After;
 
-import org.junit.Before;
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.springframework.security.access.AccessDeniedException;
 
 import org.springframework.security.acls.model.Acl;
 
 import org.springframework.security.acls.model.MutableAcl;
 
@@ -12,8 +10,7 @@ import org.springframework.security.acls.model.NotFoundException;
 
 import org.springframework.security.acls.model.ObjectIdentity;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 
 /**
 
@@ -44,9 +41,9 @@ public class AclImplementationSecurityCheckTests {
 
         SecurityContextHolder.getContext().setAuthentication(auth);
 
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
 
-        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
 
-                new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
 
+        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
 
+                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
 
         Acl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
 
@@ -55,9 +52,9 @@ public class AclImplementationSecurityCheckTests {
 
         aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
 
 
         // Create another authorization strategy
 
-        AclAuthorizationStrategy aclAuthorizationStrategy2 = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
 
-                new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"),
 
-                new GrantedAuthorityImpl("ROLE_THREE") });
 
+        AclAuthorizationStrategy aclAuthorizationStrategy2 = new AclAuthorizationStrategyImpl(
 
+                new SimpleGrantedAuthority("ROLE_ONE"), new SimpleGrantedAuthority("ROLE_TWO"),
 
+                new SimpleGrantedAuthority("ROLE_THREE"));
 
         Acl acl2 = new AclImpl(identity, new Long(1), aclAuthorizationStrategy2, new ConsoleAuditLogger());
 
         // Check access in case the principal has no authorization rights
 
         try {
 
@@ -90,8 +87,8 @@ public class AclImplementationSecurityCheckTests {
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
 
         // Authorization strategy will require a different role for each access
 
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
 
-                new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
+                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
 
         // Let's give the principal the ADMINISTRATION permission, without
 
         // granting access
 
@@ -178,8 +175,8 @@ public class AclImplementationSecurityCheckTests {
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100);
 
         // Authorization strategy will require a different role for each access
 
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
 
-                new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
+                new SimpleGrantedAuthority("ROLE_ONE"), new SimpleGrantedAuthority("ROLE_TWO"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
 
         // Let's give the principal an ADMINISTRATION permission, with granting
 
         // access
 
@@ -235,8 +232,8 @@ public class AclImplementationSecurityCheckTests {
 
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100);
 
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
 
-                new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
+                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
 
         Acl acl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger(), null, null,
 
                 false, new PrincipalSid(auth));

+ 14 - 22
acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java
View File 

@@ -1,19 +1,10 @@
 
 package org.springframework.security.acls.jdbc;
 
 
-import java.util.Arrays;
 
-import java.util.List;
 
-import java.util.Map;
 
-
 
 import junit.framework.Assert;
 
 import net.sf.ehcache.Cache;
 
 import net.sf.ehcache.CacheManager;
 
 import net.sf.ehcache.Ehcache;
 
-
 
-import org.junit.After;
 
-import org.junit.AfterClass;
 
-import org.junit.Before;
 
-import org.junit.BeforeClass;
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.springframework.core.io.ClassPathResource;
 
 import org.springframework.core.io.Resource;
 
 import org.springframework.jdbc.core.JdbcTemplate;
 
@@ -34,10 +25,11 @@ import org.springframework.security.acls.model.NotFoundException;
 
 import org.springframework.security.acls.model.ObjectIdentity;
 
 import org.springframework.security.acls.model.Permission;
 
 import org.springframework.security.acls.model.Sid;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.util.FileCopyUtils;
 
 
+import java.util.*;
 
+
 
 /**
 
  * Tests {@link BasicLookupStrategy}
 
  *
 
@@ -101,7 +93,7 @@ public class BasicLookupStrategyTests {
 
     @Before
 
     public void initializeBeans() {
 
         EhCacheBasedAclCache cache = new EhCacheBasedAclCache(getCache());
 
-        AclAuthorizationStrategy authorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthorityImpl("ROLE_ADMINISTRATOR"));
 
+        AclAuthorizationStrategy authorizationStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_ADMINISTRATOR"));
 
         strategy = new BasicLookupStrategy(dataSource, cache, authorizationStrategy,
 
                 new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()));
 
         strategy.setPermissionFactory(new DefaultPermissionFactory());
 
@@ -157,7 +149,7 @@ public class BasicLookupStrategyTests {
 
         ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(102));
 
 
         // Set a batch size to allow multiple database queries in order to retrieve all acls
 
-        ((BasicLookupStrategy) this.strategy).setBatchSize(1);
 
+        this.strategy.setBatchSize(1);
 
         Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
 
         checkEntries(topParentOid, middleParentOid, childOid, map);
 
     }
 
@@ -199,14 +191,14 @@ public class BasicLookupStrategyTests {
 
         Assert.assertEquals(topParent.getEntries().get(0).getSid(), new PrincipalSid("ben"));
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditFailure());
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditSuccess());
 
-        Assert.assertTrue(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isGranting());
 
+        Assert.assertTrue((topParent.getEntries().get(0)).isGranting());
 
 
         Assert.assertEquals(topParent.getEntries().get(1).getId(), Long.valueOf(2));
 
         Assert.assertEquals(topParent.getEntries().get(1).getPermission(), BasePermission.WRITE);
 
         Assert.assertEquals(topParent.getEntries().get(1).getSid(), new PrincipalSid("ben"));
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditFailure());
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditSuccess());
 
-        Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isGranting());
 
+        Assert.assertFalse(topParent.getEntries().get(1).isGranting());
 
 
         Assert.assertTrue(middleParent.isEntriesInheriting());
 
         Assert.assertEquals(middleParent.getId(), Long.valueOf(2));
 
@@ -216,7 +208,7 @@ public class BasicLookupStrategyTests {
 
         Assert.assertEquals(middleParent.getEntries().get(0).getSid(), new PrincipalSid("ben"));
 
         Assert.assertFalse(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditFailure());
 
         Assert.assertFalse(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditSuccess());
 
-        Assert.assertTrue(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isGranting());
 
+        Assert.assertTrue(middleParent.getEntries().get(0).isGranting());
 
 
         Assert.assertTrue(child.isEntriesInheriting());
 
         Assert.assertEquals(child.getId(), Long.valueOf(3));
 
@@ -244,11 +236,11 @@ public class BasicLookupStrategyTests {
 
 
         // Check that the child and all its parents were retrieved
 
         Assert.assertNotNull(map.get(childOid));
 
-        Assert.assertEquals(childOid, ((Acl) map.get(childOid)).getObjectIdentity());
 
+        Assert.assertEquals(childOid, map.get(childOid).getObjectIdentity());
 
         Assert.assertNotNull(map.get(middleParentOid));
 
-        Assert.assertEquals(middleParentOid, ((Acl) map.get(middleParentOid)).getObjectIdentity());
 
+        Assert.assertEquals(middleParentOid, map.get(middleParentOid).getObjectIdentity());
 
         Assert.assertNotNull(map.get(topParentOid));
 
-        Assert.assertEquals(topParentOid, ((Acl) map.get(topParentOid)).getObjectIdentity());
 
+        Assert.assertEquals(topParentOid, map.get(topParentOid).getObjectIdentity());
 
 
         // The second parent shouldn't have been retrieved
 
         Assert.assertNull(map.get(middleParent2Oid));
 
@@ -279,7 +271,7 @@ public class BasicLookupStrategyTests {
 
         strategy.setBatchSize(6);
 
         Map<ObjectIdentity, Acl> foundAcls = strategy.readAclsById(childOids, sids);
 
 
-        Acl foundChildAcl = (Acl) foundAcls.get(childOid);
 
+        Acl foundChildAcl = foundAcls.get(childOid);
 
         Assert.assertNotNull(foundChildAcl);
 
         Assert.assertTrue(foundChildAcl.isGranted(checkPermission, sids, false));
 
 
@@ -293,7 +285,7 @@ public class BasicLookupStrategyTests {
 
             Assert.fail("It shouldn't have thrown NotFoundException");
 
         }
 
 
-        Acl foundParent2Acl = (Acl) foundAcls.get(parent2Oid);
 
+        Acl foundParent2Acl = foundAcls.get(parent2Oid);
 
         Assert.assertNotNull(foundParent2Acl);
 
         Assert.assertTrue(foundParent2Acl.isGranted(checkPermission, sids, false));
 
     }

+ 7 - 7
acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java
View File 

@@ -16,7 +16,7 @@ import org.springframework.security.acls.model.MutableAcl;
 
 import org.springframework.security.acls.model.ObjectIdentity;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.util.FieldUtils;
 
 
@@ -124,8 +124,8 @@ public class EhCacheBasedAclCacheTests {
 
     public void testDiskSerializationOfMutableAclObjectInstance() throws Exception {
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100));
 
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
 
-                new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
+                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
         MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
 
         // Serialization test
 
@@ -156,8 +156,8 @@ public class EhCacheBasedAclCacheTests {
 
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100));
 
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
 
-                new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
+                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
         MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
 
         assertEquals(0, cache.getDiskStoreSize());
 
@@ -210,8 +210,8 @@ public class EhCacheBasedAclCacheTests {
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(1));
 
         ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2));
 
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
 
-                new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
 
-                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
+                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
 
+                new SimpleGrantedAuthority("ROLE_GENERAL"));
 
         MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
         MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger());

+ 11 - 12
acl/src/test/java/org/springframework/security/acls/sid/SidTests.java
View File 

@@ -2,14 +2,13 @@ package org.springframework.security.acls.sid;
 
 
 import junit.framework.Assert;
 
 import junit.framework.TestCase;
 
-
 
 import org.springframework.security.acls.domain.GrantedAuthoritySid;
 
 import org.springframework.security.acls.domain.PrincipalSid;
 
 import org.springframework.security.acls.model.Sid;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 
 public class SidTests extends TestCase {
 
 
@@ -109,7 +108,7 @@ public class SidTests extends TestCase {
 
         }
 
 
         try {
 
-            GrantedAuthority ga = new GrantedAuthorityImpl(null);
 
+            GrantedAuthority ga = new SimpleGrantedAuthority(null);
 
             new GrantedAuthoritySid(ga);
 
             Assert.fail("It should have thrown IllegalArgumentException");
 
         }
 
@@ -118,7 +117,7 @@ public class SidTests extends TestCase {
 
         }
 
 
         try {
 
-            GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST");
 
+            GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
 
             new GrantedAuthoritySid(ga);
 
             Assert.assertTrue(true);
 
         }
 
@@ -142,15 +141,15 @@ public class SidTests extends TestCase {
 
     }
 
 
     public void testGrantedAuthoritySidEquals() throws Exception {
 
-        GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST");
 
+        GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
 
         Sid gaSid = new GrantedAuthoritySid(ga);
 
 
         Assert.assertFalse(gaSid.equals(null));
 
         Assert.assertFalse(gaSid.equals("DIFFERENT_TYPE_OBJECT"));
 
         Assert.assertTrue(gaSid.equals(gaSid));
 
         Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid(ga)));
 
-        Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid(new GrantedAuthorityImpl("ROLE_TEST"))));
 
-        Assert.assertFalse(gaSid.equals(new GrantedAuthoritySid(new GrantedAuthorityImpl("ROLE_NOT_EQUAL"))));
 
+        Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST"))));
 
+        Assert.assertFalse(gaSid.equals(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_NOT_EQUAL"))));
 
         Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid("ROLE_TEST")));
 
         Assert.assertFalse(gaSid.equals(new GrantedAuthoritySid("ROLE_NOT_EQUAL")));
 
     }
 
@@ -159,26 +158,26 @@ public class SidTests extends TestCase {
 
         Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
 
         Sid principalSid = new PrincipalSid(authentication);
 
 
-        Assert.assertTrue(principalSid.hashCode() == new String("johndoe").hashCode());
 
+        Assert.assertTrue(principalSid.hashCode() == "johndoe".hashCode());
 
         Assert.assertTrue(principalSid.hashCode() == new PrincipalSid("johndoe").hashCode());
 
         Assert.assertTrue(principalSid.hashCode() != new PrincipalSid("scott").hashCode());
 
         Assert.assertTrue(principalSid.hashCode() != new PrincipalSid(new TestingAuthenticationToken("scott", "password")).hashCode());
 
     }
 
 
     public void testGrantedAuthoritySidHashCode() throws Exception {
 
-        GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST");
 
+        GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
 
         Sid gaSid = new GrantedAuthoritySid(ga);
 
 
-        Assert.assertTrue(gaSid.hashCode() == new String("ROLE_TEST").hashCode());
 
+        Assert.assertTrue(gaSid.hashCode() == "ROLE_TEST".hashCode());
 
         Assert.assertTrue(gaSid.hashCode() == new GrantedAuthoritySid("ROLE_TEST").hashCode());
 
         Assert.assertTrue(gaSid.hashCode() != new GrantedAuthoritySid("ROLE_TEST_2").hashCode());
 
-        Assert.assertTrue(gaSid.hashCode() != new GrantedAuthoritySid(new GrantedAuthorityImpl("ROLE_TEST_2")).hashCode());
 
+        Assert.assertTrue(gaSid.hashCode() != new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST_2")).hashCode());
 
     }
 
 
     public void testGetters() throws Exception {
 
         Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
 
         PrincipalSid principalSid = new PrincipalSid(authentication);
 
-        GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST");
 
+        GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
 
         GrantedAuthoritySid gaSid = new GrantedAuthoritySid(ga);
 
 
         Assert.assertTrue("johndoe".equals(principalSid.getPrincipal()));

+ 3 - 3
acl/src/test/resources/jdbcMutableAclServiceTests-context.xml
View File 

@@ -36,13 +36,13 @@
 
     <bean id="aclAuthorizationStrategy" class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
 
         <constructor-arg>
 
             <list>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
+                <bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
+                <bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
+                <bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
             </list>

+ 3 - 3
cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java
View File 

@@ -17,7 +17,7 @@ package org.springframework.security.cas.userdetails;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
 import org.springframework.security.core.userdetails.User;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.util.Assert;
 
 import org.jasig.cas.client.validation.Assertion;
 
 
@@ -62,11 +62,11 @@ public final class GrantedAuthorityFromAssertionAttributesUserDetailsService ext
 
                 final List list = (List) value;
 
 
                 for (final Object o : list) {
 
-                    grantedAuthorities.add(new GrantedAuthorityImpl(this.convertToUpperCase ? o.toString().toUpperCase() : o.toString()));
 
+                    grantedAuthorities.add(new SimpleGrantedAuthority(this.convertToUpperCase ? o.toString().toUpperCase() : o.toString()));
 
                 }
 
 
             } else {
 
-                grantedAuthorities.add(new GrantedAuthorityImpl(this.convertToUpperCase ? value.toString().toUpperCase() : value.toString()));
 
+                grantedAuthorities.add(new SimpleGrantedAuthority(this.convertToUpperCase ? value.toString().toUpperCase() : value.toString()));
 
             }
 
 
         }

+ 6 - 8
cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java
View File 

@@ -18,28 +18,26 @@ package org.springframework.security.cas.authentication;
 
 
 import static org.junit.Assert.*;
 
 
-import java.util.HashMap;
 
-import java.util.Map;
 
-
 
 import org.jasig.cas.client.validation.Assertion;
 
 import org.jasig.cas.client.validation.AssertionImpl;
 
 import org.jasig.cas.client.validation.TicketValidationException;
 
 import org.jasig.cas.client.validation.TicketValidator;
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.springframework.security.authentication.BadCredentialsException;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
 import org.springframework.security.cas.ServiceProperties;
 
 import org.springframework.security.cas.web.CasAuthenticationFilter;
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
 
 import org.springframework.security.core.userdetails.User;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
 
+import java.util.*;
 
+
 
 
 /**
 
  * Tests {@link CasAuthenticationProvider}.
 
@@ -98,8 +96,8 @@ public class CasAuthenticationProviderTests {
 
         CasAuthenticationToken casResult = (CasAuthenticationToken) result;
 
         assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal());
 
         assertEquals("ST-123", casResult.getCredentials());
 
-        assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_A")));
 
-        assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_B")));
 
+        assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_A")));
 
+        assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_B")));
 
         assertEquals(cap.getKey().hashCode(), casResult.getKeyHash());
 
         assertEquals("details", casResult.getDetails());

+ 5 - 6
cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java
View File 

@@ -15,19 +15,18 @@
 
 
 package org.springframework.security.cas.authentication;
 
 
-import java.util.List;
 
-
 
 import junit.framework.TestCase;
 
-
 
 import org.jasig.cas.client.validation.Assertion;
 
 import org.jasig.cas.client.validation.AssertionImpl;
 
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.userdetails.User;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
 
+import java.util.*;
 
+
 
 /**
 
  * Tests {@link CasAuthenticationToken}.
 
  *
 
@@ -108,8 +107,8 @@ public class CasAuthenticationTokenTests extends TestCase {
 
         assertEquals("key".hashCode(), token.getKeyHash());
 
         assertEquals(makeUserDetails(), token.getPrincipal());
 
         assertEquals("Password", token.getCredentials());
 
-        assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_ONE")));
 
-        assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_TWO")));
 
+        assertTrue(token.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_ONE")));
 
+        assertTrue(token.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_TWO")));
 
         assertEquals(assertion, token.getAssertion());
 
         assertEquals(makeUserDetails().getUsername(), token.getUserDetails().getUsername());
 
     }

+ 5 - 8
config/src/test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java
View File 

@@ -1,17 +1,12 @@
 
 package org.springframework.security.config.ldap;
 
 
 import static org.junit.Assert.*;
 
-import static org.mockito.Mockito.mock;
 
+import static org.mockito.Mockito.*;
 
 import static org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser.*;
 
 
-import java.util.Set;
 
-
 
-import org.junit.After;
 
-import org.junit.Test;
 
-import org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser;
 
+import org.junit.*;
 
 import org.springframework.security.config.util.InMemoryXmlApplicationContext;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
 import org.springframework.security.core.userdetails.UserDetailsService;
 
 import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
 
@@ -24,6 +19,8 @@ import org.springframework.security.ldap.userdetails.Person;
 
 import org.springframework.security.ldap.userdetails.PersonContextMapper;
 
 import org.w3c.dom.Element;
 
 
+import java.util.*;
 
+
 
 /**
 
  * @author Luke Taylor
 
  */
 
@@ -108,7 +105,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
 
 
         Set<String> authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
 
         assertEquals(3, authorities.size());
 
-        assertTrue(authorities.contains(new GrantedAuthorityImpl("ROLE_DEVELOPER")));
 
+        assertTrue(authorities.contains("ROLE_DEVELOPER"));
 
 
     }

+ 8 - 15
core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java
View File 

@@ -15,22 +15,15 @@
 
 package org.springframework.security.access.hierarchicalroles;
 
 
 
-import java.util.ArrayList;
 
-import java.util.Collection;
 
-import java.util.HashMap;
 
-import java.util.HashSet;
 
-import java.util.Iterator;
 
-import java.util.List;
 
-import java.util.Map;
 
-import java.util.Set;
 
-import java.util.regex.Matcher;
 
-import java.util.regex.Pattern;
 
-
 
 import org.apache.commons.logging.Log;
 
 import org.apache.commons.logging.LogFactory;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
+
 
+import java.util.*;
 
+import java.util.regex.Matcher;
 
+import java.util.regex.Pattern;
 
 
 /**
 
  * <p>
 
@@ -173,8 +166,8 @@ public class RoleHierarchyImpl implements RoleHierarchy {
 
         rolesReachableInOneStepMap = new HashMap<GrantedAuthority, Set<GrantedAuthority>>();
 
 
         while (roleHierarchyMatcher.find()) {
 
-            GrantedAuthority higherRole = new GrantedAuthorityImpl(roleHierarchyMatcher.group(2));
 
-            GrantedAuthority lowerRole = new GrantedAuthorityImpl(roleHierarchyMatcher.group(3));
 
+            GrantedAuthority higherRole = new SimpleGrantedAuthority(roleHierarchyMatcher.group(2));
 
+            GrantedAuthority lowerRole = new SimpleGrantedAuthority(roleHierarchyMatcher.group(3));
 
             Set<GrantedAuthority> rolesReachableInOneStepSet;
 
 
             if (!rolesReachableInOneStepMap.containsKey(higherRole)) {
 
@@ -210,7 +203,7 @@ public class RoleHierarchyImpl implements RoleHierarchy {
 
 
             while (!rolesToVisitSet.isEmpty()) {
 
                 // take a role from the rolesToVisit set
 
-                GrantedAuthority aRole = (GrantedAuthority) rolesToVisitSet.iterator().next();
 
+                GrantedAuthority aRole = rolesToVisitSet.iterator().next();
 
                 rolesToVisitSet.remove(aRole);
 
                 addReachableRoles(visitedRolesSet, aRole);
 
                 if (rolesReachableInOneStepMap.containsKey(aRole)) {

+ 4 - 4
core/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java
View File 

@@ -23,7 +23,7 @@ import org.springframework.beans.factory.InitializingBean;
 
 import org.springframework.security.access.ConfigAttribute;
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.util.Assert;
 
 
 
@@ -32,8 +32,8 @@ import org.springframework.util.Assert;
 
  * <p>
 
  * Is activated if any {@link ConfigAttribute#getAttribute()} is prefixed  with <Code>RUN_AS_</code>.
 
  * If found, it generates a new {@link RunAsUserToken} containing the same principal, credentials and granted
 
- * authorities as the original {@link Authentication} object, along with {@link GrantedAuthorityImpl}s for each
 
- * <code>RUN_AS_</code> indicated. The created <code>GrantedAuthorityImpl</code>s will be prefixed with a special
 
+ * authorities as the original {@link Authentication} object, along with {@link SimpleGrantedAuthority}s for each
 
+ * <code>RUN_AS_</code> indicated. The created <code>SimpleGrantedAuthority</code>s will be prefixed with a special
 
  * prefix indicating that it is a role (default prefix value is <code>ROLE_</code>), and then the remainder of the
 
  * <code>RUN_AS_</code> keyword. For example, <code>RUN_AS_FOO</code> will result in the creation of a granted
 
  * authority of <code>ROLE_RUN_AS_FOO</code>.
 
@@ -66,7 +66,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
 
 
         for (ConfigAttribute attribute : attributes) {
 
             if (this.supports(attribute)) {
 
-                GrantedAuthority extraAuthority = new GrantedAuthorityImpl(getRolePrefix() + attribute.getAttribute());
 
+                GrantedAuthority extraAuthority = new SimpleGrantedAuthority(getRolePrefix() + attribute.getAttribute());
 
                 newAuthorities.add(extraAuthority);
 
             }
 
         }

+ 31 - 6
core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java
View File 

@@ -15,29 +15,29 @@
 
 
 package org.springframework.security.authentication.jaas;
 
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.GrantedAuthority;
 
 
 import java.security.Principal;
 
 
 
 /**
 
- * Extends GrantedAuthorityImpl to hold the principal that an AuthorityGranter justified as a reason to grant this
 
- * Authority. <br>
 
+ * {@code GrantedAuthority} which, in addition to the assigned role, holds the principal that an
 
+ * {@link AuthorityGranter} used as a reason to grant this authority.
 
  *
 
  * @author Ray Krueger
 
  *
 
  * @see AuthorityGranter
 
  */
 
-public class JaasGrantedAuthority extends GrantedAuthorityImpl {
 
+public final class JaasGrantedAuthority implements GrantedAuthority {
 
     //~ Instance fields ================================================================================================
 
 
-    private static final long serialVersionUID = 1L;
 
+    private final String role;
 
     private final Principal principal;
 
 
     //~ Constructors ===================================================================================================
 
 
     public JaasGrantedAuthority(String role, Principal principal) {
 
-        super(role);
 
+        this.role = role;
 
         this.principal = principal;
 
     }
 
 
@@ -46,4 +46,29 @@ public class JaasGrantedAuthority extends GrantedAuthorityImpl {
 
     public Principal getPrincipal() {
 
         return principal;
 
     }
 
+
 
+    public String getAuthority() {
 
+        return role;
 
+    }
 
+
 
+    public int hashCode() {
 
+        return 31 ^ principal.hashCode() ^ role.hashCode();
 
+    }
 
+
 
+    public boolean equals(Object obj) {
 
+        if (this == obj) {
 
+            return true;
 
+        }
 
+
 
+        if (obj instanceof JaasGrantedAuthority) {
 
+            JaasGrantedAuthority jga = (JaasGrantedAuthority) obj;
 
+            return this.role.equals(jga.role) && this.principal.equals(jga.principal);
 
+        }
 
+
 
+        return false;
 
+    }
 
+
 
+    public String toString() {
 
+        return "Jaas Authority [" + role + "," + principal + "]" ;
 
+    }
 
 }

+ 1 - 1
core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java
View File 

@@ -49,7 +49,7 @@ public abstract class AuthorityUtils {
 
         List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(roles.length);
 
 
         for (String role : roles) {
 
-            authorities.add(new GrantedAuthorityImpl(role));
 
+            authorities.add(new SimpleGrantedAuthority(role));
 
         }
 
 
         return authorities;

+ 3 - 7
core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java
View File 

@@ -15,8 +15,6 @@
 
 
 package org.springframework.security.core.authority;
 
 
-import java.io.Serializable;
 
-
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.util.Assert;
 
@@ -27,16 +25,14 @@ import org.springframework.util.Assert;
 
  *
 
  * <p>
 
  * Stores a <code>String</code> representation of an authority granted to  the {@link Authentication} object.
 
- * <p>
 
- * If compared to a custom authority which returns null from {@link #getAuthority}, the <tt>compareTo</tt>
 
- * method will return -1, so the custom authority will take precedence.
 
  *
 
  * @author Ben Alex
 
+ * @deprecated Use the final class {@link SimpleGrantedAuthority} or implement your own.
 
  */
 
-public class GrantedAuthorityImpl implements GrantedAuthority, Serializable {
 
+@Deprecated
 
+public class GrantedAuthorityImpl implements GrantedAuthority {
 
     //~ Instance fields ================================================================================================
 
 
-    private static final long serialVersionUID = 1L;
 
     private final String role;
 
 
     //~ Constructors ===================================================================================================

+ 46 - 0
core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java
View File 

@@ -0,0 +1,46 @@
 
+package org.springframework.security.core.authority;
 
+
 
+import org.springframework.security.core.GrantedAuthority;
 
+import org.springframework.util.Assert;
 
+
 
+/**
 
+ * Basic concrete implementation of a {@link GrantedAuthority}.
 
+ *
 
+ * <p>
 
+ * Stores a {@code String} representation of an authority granted to the
 
+ * {@link org.springframework.security.core.Authentication Authentication} object.
 
+ *
 
+ * @author Luke Taylor
 
+ */
 
+public final class SimpleGrantedAuthority implements GrantedAuthority {
 
+    private final String role;
 
+
 
+    public SimpleGrantedAuthority(String role) {
 
+        Assert.hasText(role, "A granted authority textual representation is required");
 
+        this.role = role;
 
+    }
 
+
 
+    public String getAuthority() {
 
+        return role;
 
+    }
 
+
 
+    public boolean equals(Object obj) {
 
+        if (this == obj) {
 
+            return true;
 
+        }
 
+
 
+        if (obj instanceof SimpleGrantedAuthority) {
 
+            return role.equals(((SimpleGrantedAuthority) obj).role);
 
+        }
 
+
 
+        return false;
 
+    }
 
+
 
+    public int hashCode() {
 
+        return this.role.hashCode();
 
+    }
 
+
 
+    public String toString() {
 
+        return this.role;
 
+    }
 
+}

+ 2 - 2
core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java
View File 

@@ -4,7 +4,7 @@ import java.util.*;
 
 
 import org.springframework.beans.factory.InitializingBean;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.util.Assert;
 
 import org.springframework.util.StringUtils;
 
 
@@ -130,7 +130,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
 
         while ( st.hasMoreTokens() ) {
 
             String nextToken = st.nextToken();
 
             if ( StringUtils.hasText(nextToken) ) {
 
-                result.add(new GrantedAuthorityImpl(nextToken));
 
+                result.add(new SimpleGrantedAuthority(nextToken));
 
             }
 
         }
 
     }

+ 3 - 3
core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java
View File 

@@ -1,7 +1,7 @@
 
 package org.springframework.security.core.authority.mapping;
 
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 
 import java.util.ArrayList;
 
 import java.util.Collection;
 
@@ -67,9 +67,9 @@ public class SimpleAttributes2GrantedAuthoritiesMapper implements Attributes2Gra
 
             attribute = attribute.toUpperCase(Locale.getDefault());
 
         }
 
         if (isAddPrefixIfAlreadyExisting() || !attribute.startsWith(getAttributePrefix())) {
 
-            return new GrantedAuthorityImpl(getAttributePrefix() + attribute);
 
+            return new SimpleGrantedAuthority(getAttributePrefix() + attribute);
 
         } else {
 
-            return new GrantedAuthorityImpl(attribute);
 
+            return new SimpleGrantedAuthority(attribute);
 
         }
 
     }

+ 3 - 3
core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java
View File 

@@ -29,7 +29,7 @@ import org.springframework.jdbc.core.support.JdbcDaoSupport;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.SpringSecurityMessageSource;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.userdetails.User;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
 import org.springframework.security.core.userdetails.UserDetailsService;
 
@@ -210,7 +210,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
 
             public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
 
                 String roleName = rolePrefix + rs.getString(2);
 
 
-                return new GrantedAuthorityImpl(roleName);
 
+                return new SimpleGrantedAuthority(roleName);
 
             }
 
         });
 
     }
 
@@ -225,7 +225,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
 
             public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
 
                  String roleName = getRolePrefix() + rs.getString(3);
 
 
-                return new GrantedAuthorityImpl(roleName);
 
+                return new SimpleGrantedAuthority(roleName);
 
             }
 
         });
 
     }

+ 2 - 2
core/src/main/java/org/springframework/security/core/userdetails/memory/UserAttribute.java
View File 

@@ -20,7 +20,7 @@ import java.util.List;
 
 import java.util.Vector;
 
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 
 
 /**
 
@@ -65,7 +65,7 @@ public class UserAttribute {
 
     public void setAuthoritiesAsString(List<String> authoritiesAsStrings) {
 
         setAuthorities(new ArrayList<GrantedAuthority>(authoritiesAsStrings.size()));
 
         for(String authority : authoritiesAsStrings) {
 
-            addAuthority(new GrantedAuthorityImpl(authority));
 
+            addAuthority(new SimpleGrantedAuthority(authority));
 
         }
 
     }

+ 2 - 2
core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java
View File 

@@ -7,7 +7,7 @@ import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.AuthenticationException;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.core.userdetails.UserCache;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
@@ -334,7 +334,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
 
             public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
 
                  String roleName = getRolePrefix() + rs.getString(3);
 
 
-                return new GrantedAuthorityImpl(roleName);
 
+                return new SimpleGrantedAuthority(roleName);
 
             }
 
         });
 
     }

+ 11 - 23
core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java
View File 

@@ -15,39 +15,32 @@
 
 
 package org.springframework.security.access.intercept;
 
 
-import junit.framework.TestCase;
 
+import static org.junit.Assert.*;
 
 
-
 
-import org.springframework.security.access.intercept.RunAsImplAuthenticationProvider;
 
-import org.springframework.security.access.intercept.RunAsUserToken;
 
+import org.junit.*;
 
 import org.springframework.security.authentication.BadCredentialsException;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 
 
 /**
 
  * Tests {@link RunAsImplAuthenticationProvider}.
 
  */
 
-public class RunAsImplAuthenticationProviderTests extends TestCase {
 
+public class RunAsImplAuthenticationProviderTests {
 
 
+    @Test(expected = BadCredentialsException.class)
 
     public void testAuthenticationFailDueToWrongKey() {
 
         RunAsUserToken token = new RunAsUserToken("wrong_key", "Test", "Password",
 
                 AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class);
 
         RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider();
 
         provider.setKey("hello_world");
 
 
-        try {
 
-            provider.authenticate(token);
 
-            fail("Should have thrown BadCredentialsException");
 
-        } catch (BadCredentialsException expected) {
 
-            assertTrue(true);
 
-        }
 
+        provider.authenticate(token);
 
     }
 
 
+    @Test
 
     public void testAuthenticationSuccess() {
 
         RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password",
 
                 AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class);
 
@@ -56,33 +49,28 @@ public class RunAsImplAuthenticationProviderTests extends TestCase {
 
 
         Authentication result = provider.authenticate(token);
 
 
-        if (!(result instanceof RunAsUserToken)) {
 
-            fail("Should have returned RunAsUserToken");
 
-        }
 
+        Assert.assertTrue("Should have returned RunAsUserToken", result instanceof RunAsUserToken);
 
 
         RunAsUserToken resultCast = (RunAsUserToken) result;
 
         assertEquals("my_password".hashCode(), resultCast.getKeyHash());
 
     }
 
 
+    @Test(expected = IllegalArgumentException.class)
 
     public void testStartupFailsIfNoKey() throws Exception {
 
         RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider();
 
 
-        try {
 
-            provider.afterPropertiesSet();
 
-            fail("Should have thrown IllegalArgumentException");
 
-        } catch (IllegalArgumentException expected) {
 
-            assertTrue(true);
 
-        }
 
+        provider.afterPropertiesSet();
 
     }
 
 
+    @Test
 
     public void testStartupSuccess() throws Exception {
 
         RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider();
 
         provider.setKey("hello_world");
 
         assertEquals("hello_world", provider.getKey());
 
         provider.afterPropertiesSet();
 
-        assertTrue(true);
 
     }
 
 
+    @Test
 
     public void testSupports() {
 
         RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider();
 
         assertTrue(provider.supports(RunAsUserToken.class));

+ 3 - 8
core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java
View File 

@@ -17,19 +17,14 @@ package org.springframework.security.access.vote;
 
 
 import static org.junit.Assert.*;
 
 
-import java.util.List;
 
-import java.util.Vector;
 
-
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.springframework.security.access.AccessDecisionVoter;
 
 import org.springframework.security.access.AccessDeniedException;
 
 import org.springframework.security.access.ConfigAttribute;
 
 import org.springframework.security.access.SecurityConfig;
 
-import org.springframework.security.access.vote.ConsensusBased;
 
-import org.springframework.security.access.vote.RoleVoter;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+
 
+import java.util.*;
 
 
 
 /**

+ 5 - 6
core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java
View File 

@@ -17,13 +17,12 @@ package org.springframework.security.authentication;
 
 
 import static org.junit.Assert.*;
 
 
-import java.util.List;
 
-
 
-import org.junit.Before;
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
+
 
+import java.util.*;
 
 
 
 /**
 
@@ -49,7 +48,7 @@ public class AbstractAuthenticationTokenTests {
 
         List<GrantedAuthority> gotAuthorities = (List<GrantedAuthority>) token.getAuthorities();
 
         assertNotSame(authorities, gotAuthorities);
 
 
-        gotAuthorities.set(0, new GrantedAuthorityImpl("ROLE_SUPER_USER"));
 
+        gotAuthorities.set(0, new SimpleGrantedAuthority("ROLE_SUPER_USER"));
 
     }
 
 
     @Test

+ 9 - 5
core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java
View File 

@@ -15,17 +15,15 @@
 
 
 package org.springframework.security.authentication.anonymous;
 
 
-import junit.framework.TestCase;
 
-
 
+import static org.junit.Assert.*;
 
 
+import org.junit.*;
 
 import org.springframework.security.authentication.AnonymousAuthenticationProvider;
 
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 
 import org.springframework.security.authentication.BadCredentialsException;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 
 
 /**
 
@@ -33,10 +31,11 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
  *
 
  * @author Ben Alex
 
  */
 
-public class AnonymousAuthenticationProviderTests extends TestCase {
 
+public class AnonymousAuthenticationProviderTests {
 
 
     //~ Methods ========================================================================================================
 
 
+    @Test
 
     public void testDetectsAnInvalidKey() throws Exception {
 
         AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider();
 
         aap.setKey("qwerty");
 
@@ -51,6 +50,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
 
         }
 
     }
 
 
+    @Test
 
     public void testDetectsMissingKey() throws Exception {
 
         AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider();
 
 
@@ -62,6 +62,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
 
         }
 
     }
 
 
+    @Test
 
     public void testGettersSetters() throws Exception {
 
         AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider();
 
         aap.setKey("qwerty");
 
@@ -69,6 +70,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
 
         assertEquals("qwerty", aap.getKey());
 
     }
 
 
+    @Test
 
     public void testIgnoresClassesItDoesNotSupport() throws Exception {
 
         AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider();
 
         aap.setKey("qwerty");
 
@@ -80,6 +82,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
 
         assertNull(aap.authenticate(token));
 
     }
 
 
+    @Test
 
     public void testNormalOperation() throws Exception {
 
         AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider();
 
         aap.setKey("qwerty");
 
@@ -92,6 +95,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
 
         assertEquals(result, token);
 
     }
 
 
+    @Test
 
     public void testSupports() {
 
         AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider();
 
         assertTrue(aap.supports(AnonymousAuthenticationToken.class));

+ 7 - 8
core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java
View File 

@@ -23,8 +23,7 @@ import java.io.FileOutputStream;
 
 import java.io.PrintWriter;
 
 import java.net.URL;
 
 import java.security.Security;
 
-import java.util.Collection;
 
-import java.util.List;
 
+import java.util.*;
 
 
 import javax.security.auth.login.LoginContext;
 
 import javax.security.auth.login.LoginException;
 
@@ -41,7 +40,7 @@ import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.AuthenticationException;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextImpl;
 
 import org.springframework.security.core.session.SessionDestroyedEvent;
 
 
@@ -193,11 +192,12 @@ public class JaasAuthenticationProviderTests {
 
         assertNotNull(jaasProvider.getLoginContextName());
 
 
         Collection<? extends GrantedAuthority> list = auth.getAuthorities();
 
+        Set<String> set = AuthorityUtils.authorityListToSet(list);
 
 
-        assertTrue("GrantedAuthorities should contain ROLE_TEST1", list.contains(new GrantedAuthorityImpl("ROLE_TEST1")));
 
-        assertTrue("GrantedAuthorities should contain ROLE_TEST2", list.contains(new GrantedAuthorityImpl("ROLE_TEST2")));
 
-        assertTrue("GrantedAuthorities should contain ROLE_1", list.contains(defaultAuths.get(0)));
 
-        assertTrue("GrantedAuthorities should contain ROLE_2", list.contains(defaultAuths.get(1)));
 
+        assertTrue("GrantedAuthorities should contain ROLE_1", set.contains("ROLE_ONE"));
 
+        assertTrue("GrantedAuthorities should contain ROLE_2", set.contains("ROLE_TWO"));
 
+        assertTrue("GrantedAuthorities should contain ROLE_TEST1", set.contains("ROLE_TEST1"));
 
+        assertTrue("GrantedAuthorities should contain ROLE_TEST2", set.contains("ROLE_TEST2"));
 
 
         boolean foundit = false;
 
 
@@ -213,7 +213,6 @@ public class JaasAuthenticationProviderTests {
 
 
         assertNotNull("Success event should be fired", eventCheck.successEvent);
 
         assertEquals("Auth objects should be equal", auth, eventCheck.successEvent.getAuthentication());
 
-
 
         assertNull("Failure event should not be fired", eventCheck.failedEvent);
 
     }

+ 0 - 77
core/src/test/java/org/springframework/security/core/authority/GrantedAuthorityImplTests.java
View File 

@@ -1,77 +0,0 @@
 
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 
- *
 
- * Licensed under the Apache License, Version 2.0 (the "License");
 
- * you may not use this file except in compliance with the License.
 
- * You may obtain a copy of the License at
 
- *
 
- *     http://www.apache.org/licenses/LICENSE-2.0
 
- *
 
- * Unless required by applicable law or agreed to in writing, software
 
- * distributed under the License is distributed on an "AS IS" BASIS,
 
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
- * See the License for the specific language governing permissions and
 
- * limitations under the License.
 
- */
 
-
 
-package org.springframework.security.core.authority;
 
-
 
-import static org.junit.Assert.*;
 
-
 
-import org.junit.Test;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
-
 
-
 
-/**
 
- * Tests {@link GrantedAuthorityImpl}.
 
- *
 
- * @author Ben Alex
 
- */
 
-public class GrantedAuthorityImplTests {
 
-
 
-    @Test
 
-    public void equalsBehavesAsExpected() throws Exception {
 
-        GrantedAuthorityImpl auth1 = new GrantedAuthorityImpl("TEST");
 
-        GrantedAuthorityImpl auth2 = new GrantedAuthorityImpl("TEST");
 
-        assertEquals(auth1, auth2);
 
-
 
-        String authString1 = "TEST";
 
-        assertEquals(auth1, authString1);
 
-
 
-        String authString2 = "NOT_EQUAL";
 
-        assertTrue(!auth1.equals(authString2));
 
-
 
-        GrantedAuthorityImpl auth3 = new GrantedAuthorityImpl("NOT_EQUAL");
 
-        assertTrue(!auth1.equals(auth3));
 
-
 
-        MockGrantedAuthority mock1 = new MockGrantedAuthority("TEST");
 
-        assertEquals(auth1, mock1);
 
-
 
-        MockGrantedAuthority mock2 = new MockGrantedAuthority("NOT_EQUAL");
 
-        assertTrue(!auth1.equals(mock2));
 
-
 
-        Integer int1 = Integer.valueOf(222);
 
-        assertTrue(!auth1.equals(int1));
 
-    }
 
-
 
-    @Test
 
-    public void toStringReturnsAuthorityValue() {
 
-        GrantedAuthorityImpl auth = new GrantedAuthorityImpl("TEST");
 
-        assertEquals("TEST", auth.toString());
 
-    }
 
-
 
-
 
-    //~ Inner Classes ==================================================================================================
 
-
 
-    private class MockGrantedAuthority implements GrantedAuthority {
 
-        private String role;
 
-
 
-        public MockGrantedAuthority(String role) {
 
-            this.role = role;
 
-        }
 
-
 
-        public String getAuthority() {
 
-            return this.role;
 
-        }
 
-    }
 
-}

+ 54 - 0
core/src/test/java/org/springframework/security/core/authority/SimpleGrantedAuthorityTests.java
View File 

@@ -0,0 +1,54 @@
 
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 
+ *
 
+ * Licensed under the Apache License, Version 2.0 (the "License");
 
+ * you may not use this file except in compliance with the License.
 
+ * You may obtain a copy of the License at
 
+ *
 
+ *     http://www.apache.org/licenses/LICENSE-2.0
 
+ *
 
+ * Unless required by applicable law or agreed to in writing, software
 
+ * distributed under the License is distributed on an "AS IS" BASIS,
 
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
+ * See the License for the specific language governing permissions and
 
+ * limitations under the License.
 
+ */
 
+
 
+package org.springframework.security.core.authority;
 
+
 
+import static org.junit.Assert.*;
 
+import static org.mockito.Mockito.*;
 
+
 
+import org.junit.*;
 
+import org.springframework.security.core.GrantedAuthority;
 
+
 
+
 
+/**
 
+ * Tests {@link SimpleGrantedAuthority}.
 
+ *
 
+ * @author Ben Alex
 
+ */
 
+public class SimpleGrantedAuthorityTests {
 
+
 
+    @Test
 
+    public void equalsBehavesAsExpected() throws Exception {
 
+        SimpleGrantedAuthority auth1 = new SimpleGrantedAuthority("TEST");
 
+        assertEquals(auth1, auth1);
 
+        assertEquals(auth1, new SimpleGrantedAuthority("TEST"));
 
+
 
+        assertFalse(auth1.equals("TEST"));
 
+
 
+        SimpleGrantedAuthority auth3 = new SimpleGrantedAuthority("NOT_EQUAL");
 
+        assertTrue(!auth1.equals(auth3));
 
+
 
+        assertFalse(auth1.equals(mock(GrantedAuthority.class)));
 
+
 
+        assertFalse(auth1.equals(Integer.valueOf(222)));
 
+    }
 
+
 
+    @Test
 
+    public void toStringReturnsAuthorityValue() {
 
+        SimpleGrantedAuthority auth = new SimpleGrantedAuthority("TEST");
 
+        assertEquals("TEST", auth.toString());
 
+    }
 
+
 
+}

+ 5 - 5
core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java
View File 

@@ -4,7 +4,7 @@ import static org.junit.Assert.assertTrue;
 
 
 import org.junit.Test;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 
 import java.util.*;
 
 
@@ -157,11 +157,11 @@ public class MapBasedAttributes2GrantedAuthoritiesMapperTest {
 
     private HashMap getValidAttributes2GrantedAuthoritiesMap() {
 
         HashMap m = new HashMap();
 
         m.put("role1","ga1");
 
-        m.put("role2",new GrantedAuthorityImpl("ga2"));
 
-        m.put("role3",Arrays.asList("ga3",new GrantedAuthorityImpl("ga4")));
 
+        m.put("role2",new SimpleGrantedAuthority("ga2"));
 
+        m.put("role3",Arrays.asList("ga3",new SimpleGrantedAuthority("ga4")));
 
         m.put("role4","ga5,ga6");
 
-        m.put("role5",Arrays.asList("ga7","ga8",new Object[]{new GrantedAuthorityImpl("ga9")}));
 
-        m.put("role6",new Object[]{"ga10","ga11",new Object[]{new GrantedAuthorityImpl("ga12")}});
 
+        m.put("role5",Arrays.asList("ga7","ga8",new Object[]{new SimpleGrantedAuthority("ga9")}));
 
+        m.put("role6",new Object[]{"ga10","ga11",new Object[]{new SimpleGrantedAuthority("ga12")}});
 
         m.put("role7",new String[]{"ga13","ga14"});
 
         m.put("role8",new String[]{"ga13","ga14",null});
 
         m.put("role9",null);

+ 2 - 2
core/src/test/java/org/springframework/security/core/userdetails/UserTests.java
View File 

@@ -26,7 +26,7 @@ import java.util.Set;
 
 import org.junit.Test;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 
 
 /**
 
@@ -98,7 +98,7 @@ public class UserTests {
 
         try {
 
             List<GrantedAuthority> auths = AuthorityUtils.createAuthorityList("ROLE_ONE");
 
             auths.add(null);
 
-            auths.add(new GrantedAuthorityImpl("ROLE_THREE"));
 
+            auths.add(new SimpleGrantedAuthority("ROLE_THREE"));
 
             new User(null, "koala", true, true, true, true, auths);
 
             fail("Should have thrown IllegalArgumentException");
 
         } catch (IllegalArgumentException expected) {

+ 3 - 3
core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java
View File 

@@ -23,7 +23,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.core.userdetails.User;
 
 import org.springframework.security.core.userdetails.UserCache;
 
@@ -268,7 +268,7 @@ public class JdbcUserDetailsManagerTests {
 
 
     @Test
 
     public void addGroupAuthorityInsertsCorrectGroupAuthorityRow() throws Exception {
 
-        GrantedAuthority auth = new GrantedAuthorityImpl("ROLE_X");
 
+        GrantedAuthority auth = new SimpleGrantedAuthority("ROLE_X");
 
         manager.addGroupAuthority("GROUP_0", auth);
 
 
         template.queryForObject("select authority from group_authorities where authority = 'ROLE_X' and group_id = 0", String.class);
 
@@ -276,7 +276,7 @@ public class JdbcUserDetailsManagerTests {
 
 
     @Test
 
     public void deleteGroupAuthorityRemovesCorrectRows() throws Exception {
 
-        GrantedAuthority auth = new GrantedAuthorityImpl("ROLE_A");
 
+        GrantedAuthority auth = new SimpleGrantedAuthority("ROLE_A");
 
         manager.removeGroupAuthority("GROUP_0", auth);
 
         assertEquals(0, template.queryForList("select authority from group_authorities where group_id = 0").size());

+ 2 - 2
docs/manual/src/docbook/technical-overview.xml
View File 

@@ -246,7 +246,7 @@ if (principal instanceof UserDetails) {
 
                 look at some code as an example.
 
                 <programlisting language="java">import org.springframework.security.authentication.*;
 
 import org.springframework.security.core.*;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 
 public class AuthenticationExample {
 
@@ -278,7 +278,7 @@ class SampleAuthenticationManager implements AuthenticationManager {
 
   static final List&lt;GrantedAuthority> AUTHORITIES = new ArrayList&lt;GrantedAuthority>();
 
 
   static {
 
-    AUTHORITIES.add(new GrantedAuthorityImpl("ROLE_USER"));
 
+    AUTHORITIES.add(new SimpleGrantedAuthority("ROLE_USER"));
 
   }
 
 
   public Authentication authenticate(Authentication auth) throws AuthenticationException {

+ 6 - 11
itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java
View File 

@@ -1,14 +1,6 @@
 
 package org.springframework.security.performance;
 
 
-import java.util.Arrays;
 
-import java.util.List;
 
-
 
-import javax.servlet.http.HttpSession;
 
-
 
-import org.junit.After;
 
-import org.junit.AfterClass;
 
-import org.junit.Before;
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.junit.runner.RunWith;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
 import org.springframework.beans.factory.annotation.Qualifier;
 
@@ -18,7 +10,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
 
 import org.springframework.mock.web.MockHttpSession;
 
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.web.FilterChainProxy;
 
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
 
@@ -26,6 +18,9 @@ import org.springframework.test.context.ContextConfiguration;
 
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
 import org.springframework.util.StopWatch;
 
 
+import javax.servlet.http.HttpSession;
 
+import java.util.*;
 
+
 
 /**
 
  *
 
  * @author Luke Taylor
 
@@ -122,7 +117,7 @@ public class FilterChainPerformanceTests {
 
         GrantedAuthority[] roles = new GrantedAuthority[howMany];
 
 
         for (int i = howMany - 1; i >=0 ; i--) {
 
-            roles[i] = new GrantedAuthorityImpl("ROLE_" + i);
 
+            roles[i] = new SimpleGrantedAuthority("ROLE_" + i);
 
         }
 
 
         return Arrays.asList(roles);

+ 3 - 3
ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java
View File 

@@ -16,7 +16,7 @@
 
 package org.springframework.security.ldap.userdetails;
 
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.ldap.SpringSecurityLdapTemplate;
 
 import org.springframework.ldap.core.ContextSource;
 
 import org.springframework.ldap.core.DirContextOperations;
 
@@ -222,7 +222,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
 
                 role = role.toUpperCase();
 
             }
 
 
-            authorities.add(new GrantedAuthorityImpl(rolePrefix + role));
 
+            authorities.add(new SimpleGrantedAuthority(rolePrefix + role));
 
         }
 
 
         return authorities;
 
@@ -261,7 +261,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
 
      */
 
     public void setDefaultRole(String defaultRole) {
 
         Assert.notNull(defaultRole, "The defaultRole property cannot be set to null");
 
-        this.defaultRole = new GrantedAuthorityImpl(defaultRole);
 
+        this.defaultRole = new SimpleGrantedAuthority(defaultRole);
 
     }
 
 
     public void setGroupRoleAttribute(String groupRoleAttribute) {

+ 2 - 2
ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java
View File 

@@ -46,7 +46,7 @@ import org.springframework.ldap.core.SearchExecutor;
 
 import org.springframework.security.authentication.BadCredentialsException;
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
@@ -112,7 +112,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
 
             Object group = ne.next();
 
             String role = group.toString();
 
 
-            return new GrantedAuthorityImpl(rolePrefix + role.toUpperCase());
 
+            return new SimpleGrantedAuthority(rolePrefix + role.toUpperCase());
 
         }
 
     };

+ 2 - 2
ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java
View File 

@@ -22,7 +22,7 @@ import org.apache.commons.logging.LogFactory;
 
 import org.springframework.ldap.core.DirContextAdapter;
 
 import org.springframework.ldap.core.DirContextOperations;
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
 import org.springframework.security.ldap.ppolicy.PasswordPolicyControl;
 
 import org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl;
 
@@ -138,7 +138,7 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper {
 
             if (convertToUpperCase) {
 
                 role = ((String) role).toUpperCase();
 
             }
 
-            return new GrantedAuthorityImpl(rolePrefix + role);
 
+            return new SimpleGrantedAuthority(rolePrefix + role);
 
         }
 
         return null;
 
     }

+ 1 - 1
samples/contacts/src/main/resources/applicationContext-common-authorization.xml
View File 

@@ -30,7 +30,7 @@
 
     <constructor-arg>
 
         <bean class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
 
             <constructor-arg>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
+                <bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
             </constructor-arg>

+ 3 - 3
samples/dms/src/main/resources/applicationContext-dms-secure.xml
View File 

@@ -163,13 +163,13 @@
 
     <bean id="aclAuthorizationStrategy" class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
 
         <constructor-arg>
 
             <list>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
+                <bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
+                <bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
+                <bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
             </list>

+ 16 - 19
taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java
View File 

@@ -15,44 +15,38 @@
 
 
 package org.springframework.security.taglibs.authz;
 
 
-import junit.framework.TestCase;
 
 
+import static org.junit.Assert.assertEquals;
 
 
+import org.junit.*;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 
-
 
 import javax.servlet.jsp.JspException;
 
 import javax.servlet.jsp.tagext.Tag;
 
 
 
 /**
 
- * DOCUMENT ME!
 
- *
 
  * @author Francois Beausoleil
 
  */
 
-public class AuthorizeTagAttributeTests extends TestCase {
 
+public class AuthorizeTagAttributeTests {
 
     //~ Instance fields ================================================================================================
 
 
     private final JspAuthorizeTag authorizeTag = new JspAuthorizeTag();
 
-    private TestingAuthenticationToken currentUser;
 
 
     //~ Methods ========================================================================================================
 
 
-    protected void setUp() throws Exception {
 
-        super.setUp();
 
-
 
-        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED");
 
-
 
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
 
+    @Before
 
+    public void setUp() throws Exception {
 
+        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_RESTRICTED"));
 
     }
 
 
-    protected void tearDown() throws Exception {
 
+    @After
 
+    public void tearDown() throws Exception {
 
         SecurityContextHolder.clearContext();
 
     }
 
 
+    @Test
 
     public void testAssertsIfAllGrantedSecond() throws JspException {
 
         authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_SUPERTELLER");
 
         authorizeTag.setIfAnyGranted("ROLE_RESTRICTED");
 
@@ -60,11 +54,13 @@ public class AuthorizeTagAttributeTests extends TestCase {
 
             authorizeTag.doStartTag());
 
     }
 
 
+    @Test
 
     public void testAssertsIfAnyGrantedLast() throws JspException {
 
         authorizeTag.setIfAnyGranted("ROLE_BANKER");
 
         assertEquals("prevents request - principal is missing ROLE_BANKER", Tag.SKIP_BODY, authorizeTag.doStartTag());
 
     }
 
 
+    @Test
 
     public void testAssertsIfNotGrantedFirst() throws JspException {
 
         authorizeTag.setIfNotGranted("ROLE_RESTRICTED");
 
         authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_RESTRICTED");
 
@@ -72,21 +68,22 @@ public class AuthorizeTagAttributeTests extends TestCase {
 
         assertEquals("prevents request - principal has ROLE_RESTRICTED", Tag.SKIP_BODY, authorizeTag.doStartTag());
 
     }
 
 
+    @Test
 
     public void testAssertsIfNotGrantedIgnoresWhitespaceInAttribute()
 
         throws JspException {
 
         authorizeTag.setIfAnyGranted("\tROLE_SUPERVISOR  \t, \r\n\t ROLE_TELLER ");
 
         assertEquals("allows request - principal has ROLE_SUPERVISOR", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
 
     }
 
 
-    public void testIfAllGrantedIgnoresWhitespaceInAttribute()
 
-        throws JspException {
 
+    @Test
 
+    public void testIfAllGrantedIgnoresWhitespaceInAttribute() throws JspException {
 
         authorizeTag.setIfAllGranted("\nROLE_SUPERVISOR\t,ROLE_RESTRICTED\t\n\r ");
 
         assertEquals("allows request - principal has ROLE_RESTRICTED " + "and ROLE_SUPERVISOR", Tag.EVAL_BODY_INCLUDE,
 
             authorizeTag.doStartTag());
 
     }
 
 
-    public void testIfNotGrantedIgnoresWhitespaceInAttribute()
 
-        throws JspException {
 
+    @Test
 
+    public void testIfNotGrantedIgnoresWhitespaceInAttribute() throws JspException {
 
         authorizeTag.setIfNotGranted(" \t  ROLE_TELLER \r");
 
         assertEquals("allows request - principal does not have ROLE_TELLER", Tag.EVAL_BODY_INCLUDE,
 
             authorizeTag.doStartTag());

+ 5 - 11
taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java
View File 

@@ -15,17 +15,15 @@
 
 
 package org.springframework.security.taglibs.authz;
 
 
-import javax.servlet.jsp.JspException;
 
-import javax.servlet.jsp.el.VariableResolver;
 
-import javax.servlet.jsp.tagext.Tag;
 
-
 
 import junit.framework.TestCase;
 
 import org.springframework.mock.web.MockPageContext;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 
+import javax.servlet.jsp.JspException;
 
+import javax.servlet.jsp.el.VariableResolver;
 
+import javax.servlet.jsp.tagext.Tag;
 
+
 
 
 /**
 
  * Test case to implement commons-el expression language expansion.
 
@@ -35,7 +33,6 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase {
 
 
     private final JspAuthorizeTag authorizeTag = new JspAuthorizeTag();
 
     private MockPageContext pageContext;
 
-    private TestingAuthenticationToken currentUser;
 
 
     //~ Methods ========================================================================================================
 
 
@@ -46,10 +43,7 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase {
 
             }
 
         };
 
         authorizeTag.setPageContext(pageContext);
 
-
 
-        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_TELLER");
 
-
 
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
 
+        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", "ROLE_TELLER"));
 
     }
 
 
     protected void tearDown() throws Exception {

+ 2 - 13
taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java
View File 

@@ -16,20 +16,12 @@
 
 package org.springframework.security.taglibs.velocity;
 
 
 import junit.framework.TestCase;
 
-
 
-
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 
-
 
 import javax.servlet.jsp.JspException;
 
 
 
-/**
 
- * DOCUMENT ME!
 
- */
 
 public class AuthzImplAttributeTest extends TestCase {
 
     //~ Instance fields ================================================================================================
 
 
@@ -39,11 +31,8 @@ public class AuthzImplAttributeTest extends TestCase {
 
     //~ Methods ========================================================================================================
 
 
     protected void setUp() throws Exception {
 
-        super.setUp();
 
-
 
-        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED");
 
-
 
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
 
+        SecurityContextHolder.getContext().setAuthentication(
 
+                new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED"));
 
     }
 
 
     protected void tearDown() throws Exception {

+ 2 - 13
taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java
View File 

@@ -16,30 +16,19 @@
 
 package org.springframework.security.taglibs.velocity;
 
 
 import junit.framework.TestCase;
 
-
 
-
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
-import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 
-
 
-
 
-/**
 
- * DOCUMENT ME!
 
- */
 
 public class AuthzImplAuthorizeTagTest extends TestCase {
 
     //~ Instance fields ================================================================================================
 
 
     private Authz authz = new AuthzImpl();
 
-    private TestingAuthenticationToken currentUser;
 
 
     //~ Methods ========================================================================================================
 
 
     protected void setUp() throws Exception {
 
-        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_TELLER");
 
-
 
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
 
+        SecurityContextHolder.getContext().setAuthentication(
 
+                new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_TELLER"));
 
     }
 
 
     protected void tearDown() throws Exception {

+ 33 - 7
web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java
View File 

@@ -16,27 +16,28 @@
 
 package org.springframework.security.web.authentication.switchuser;
 
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.GrantedAuthority;
 
 
 
 /**
 
- * Custom <code>GrantedAuthority</code> used by {@link org.springframework.security.web.authentication.switchuser.SwitchUserFilter}<p>Stores
 
- * the <code>Authentication</code> object of the original user to be used later when 'exiting' from a user switch.</p>
 
+ * Custom {@code GrantedAuthority} used by
 
+ * {@link org.springframework.security.web.authentication.switchuser.SwitchUserFilter}
 
+ * <p>
 
+ * Stores the {@code Authentication} object of the original user to be used later when 'exiting' from a user switch.
 
  *
 
  * @author Mark St.Godard
 
  *
 
  * @see org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
  */
 
-public class SwitchUserGrantedAuthority extends GrantedAuthorityImpl {
 
+public final class SwitchUserGrantedAuthority implements GrantedAuthority {
 
     //~ Instance fields ================================================================================================
 
-
 
-    private static final long serialVersionUID = 1L;
 
+    private final String role;
 
     private final Authentication source;
 
 
     //~ Constructors ===================================================================================================
 
 
     public SwitchUserGrantedAuthority(String role, Authentication source) {
 
-        super(role);
 
+        this.role = role;
 
         this.source = source;
 
     }
 
 
@@ -50,4 +51,29 @@ public class SwitchUserGrantedAuthority extends GrantedAuthorityImpl {
 
     public Authentication getSource() {
 
         return source;
 
     }
 
+
 
+    public String getAuthority() {
 
+        return role;
 
+    }
 
+
 
+    public int hashCode() {
 
+        return 31 ^ source.hashCode() ^ role.hashCode();
 
+    }
 
+
 
+    public boolean equals(Object obj) {
 
+        if (this == obj) {
 
+            return true;
 
+        }
 
+
 
+        if (obj instanceof SwitchUserGrantedAuthority) {
 
+            SwitchUserGrantedAuthority swa = (SwitchUserGrantedAuthority) obj;
 
+            return this.role.equals(swa.role) && this.source.equals(swa.source);
 
+        }
 
+
 
+        return false;
 
+    }
 
+
 
+    public String toString() {
 
+        return "Switch User Authority [" + role + "," + source + "]" ;
 
+    }
 
 }

+ 15 - 19
web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java
View File 

@@ -16,30 +16,26 @@
 
 package org.springframework.security.web.authentication;
 
 
 import static org.junit.Assert.*;
 
-import static org.mockito.Mockito.mock;
 
+import static org.mockito.Mockito.*;
 
 
-import java.io.IOException;
 
-
 
-import javax.servlet.Filter;
 
-import javax.servlet.FilterChain;
 
-import javax.servlet.FilterConfig;
 
-import javax.servlet.ServletException;
 
-import javax.servlet.ServletRequest;
 
-import javax.servlet.ServletResponse;
 
-
 
-import org.junit.After;
 
-import org.junit.Before;
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 
 import org.springframework.mock.web.MockHttpServletResponse;
 
 import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.core.Authentication;
 
-import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.core.userdetails.memory.UserAttribute;
 
 
+import javax.servlet.Filter;
 
+import javax.servlet.FilterChain;
 
+import javax.servlet.FilterConfig;
 
+import javax.servlet.ServletException;
 
+import javax.servlet.ServletRequest;
 
+import javax.servlet.ServletResponse;
 
+import java.io.IOException;
 
+
 
 
 /**
 
  * Tests {@link AnonymousAuthenticationFilter}.
 
@@ -65,7 +61,7 @@ public class AnonymousAuthenticationFilterTests {
 
     public void testDetectsMissingKey() throws Exception {
 
         UserAttribute user = new UserAttribute();
 
         user.setPassword("anonymousUsername");
 
-        user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
 
+        user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
 
 
         AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
 
         filter.setUserAttribute(user);
 
@@ -83,7 +79,7 @@ public class AnonymousAuthenticationFilterTests {
 
     public void testGettersSetters() throws Exception {
 
         UserAttribute user = new UserAttribute();
 
         user.setPassword("anonymousUsername");
 
-        user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
 
+        user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
 
 
         AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
 
         filter.setKey("qwerty");
 
@@ -104,7 +100,7 @@ public class AnonymousAuthenticationFilterTests {
 
         // Setup our filter correctly
 
         UserAttribute user = new UserAttribute();
 
         user.setPassword("anonymousUsername");
 
-        user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
 
+        user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
 
 
         AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
 
         filter.setKey("qwerty");
 
@@ -125,7 +121,7 @@ public class AnonymousAuthenticationFilterTests {
 
     public void testOperationWhenNoAuthenticationInSecurityContextHolder() throws Exception {
 
         UserAttribute user = new UserAttribute();
 
         user.setPassword("anonymousUsername");
 
-        user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
 
+        user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
 
 
         AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
 
         filter.setKey("qwerty");

+ 6 - 14
web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java
View File 

@@ -18,15 +18,7 @@ package org.springframework.security.web.authentication.switchuser;
 
 import static org.junit.Assert.*;
 
 import static org.mockito.Mockito.*;
 
 
-import java.util.ArrayList;
 
-import java.util.Collection;
 
-import java.util.List;
 
-
 
-import javax.servlet.FilterChain;
 
-
 
-import org.junit.After;
 
-import org.junit.Before;
 
-import org.junit.Test;
 
+import org.junit.*;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 
 import org.springframework.mock.web.MockHttpServletResponse;
 
 import org.springframework.security.authentication.AccountExpiredException;
 
@@ -37,7 +29,7 @@ import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.AuthenticationException;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.AuthorityUtils;
 
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.core.userdetails.User;
 
 import org.springframework.security.core.userdetails.UserDetails;
 
@@ -46,9 +38,9 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
 import org.springframework.security.util.FieldUtils;
 
 import org.springframework.security.web.DefaultRedirectStrategy;
 
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
 
-import org.springframework.security.web.authentication.switchuser.SwitchUserAuthorityChanger;
 
-import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
 
-import org.springframework.security.web.authentication.switchuser.SwitchUserFilter;
 
+
 
+import javax.servlet.FilterChain;
 
+import java.util.*;
 
 
 
 /**
 
@@ -370,7 +362,7 @@ public class SwitchUserFilterTests {
 
         filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
 
             public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<? extends GrantedAuthority> authoritiesToBeGranted) {
 
                 List <GrantedAuthority>auths = new ArrayList<GrantedAuthority>();
 
-                auths.add(new GrantedAuthorityImpl("ROLE_NEW"));
 
+                auths.add(new SimpleGrantedAuthority("ROLE_NEW"));
 
                 return auths;
 
             }
 
         });