|
|
@@ -1,5 +1,7 @@
|
|
|
package org.springframework.security.intercept.method.aopalliance;
|
|
|
|
|
|
+import static org.junit.Assert.*;
|
|
|
+
|
|
|
import org.junit.After;
|
|
|
import org.junit.Before;
|
|
|
import org.junit.Test;
|
|
|
@@ -10,7 +12,7 @@ import org.springframework.security.config.util.InMemoryXmlApplicationContext;
|
|
|
import org.springframework.security.core.context.SecurityContextHolder;
|
|
|
|
|
|
/**
|
|
|
- * Tests for SEC-428.
|
|
|
+ * Tests for SEC-428 (and SEC-1204).
|
|
|
*
|
|
|
* @author Luke Taylor
|
|
|
* @author Ben Alex
|
|
|
@@ -31,6 +33,18 @@ public class MethodSecurityInterceptorWithAopConfigTests {
|
|
|
" </b:property>" +
|
|
|
"</b:bean>";
|
|
|
|
|
|
+ static final String TARGET_BEAN_AND_INTERCEPTOR =
|
|
|
+ "<b:bean id='target' class='org.springframework.security.TargetObject'/>" +
|
|
|
+ "<b:bean id='securityInterceptor' class='org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor' autowire='byType' >" +
|
|
|
+ " <b:property name='securityMetadataSource'>" +
|
|
|
+ " <b:value>" +
|
|
|
+ "org.springframework.security.ITargetObject.makeLower*=ROLE_A\n" +
|
|
|
+ "org.springframework.security.TargetObject.makeUpper*=ROLE_A\n" +
|
|
|
+ "org.springframework.security.ITargetObject.computeHashCode*=ROLE_B\n" +
|
|
|
+ " </b:value>" +
|
|
|
+ " </b:property>" +
|
|
|
+ "</b:bean>";
|
|
|
+
|
|
|
private AbstractXmlApplicationContext appContext;
|
|
|
|
|
|
@Before
|
|
|
@@ -50,24 +64,53 @@ public class MethodSecurityInterceptorWithAopConfigTests {
|
|
|
@Test(expected=AuthenticationCredentialsNotFoundException.class)
|
|
|
public void securityInterceptorIsAppliedWhenUsedWithAopConfig() {
|
|
|
setContext(
|
|
|
- "<aop:config proxy-target-class=\"true\">" +
|
|
|
+ "<aop:config>" +
|
|
|
" <aop:pointcut id='targetMethods' expression='execution(* org.springframework.security.TargetObject.*(..))'/>" +
|
|
|
" <aop:advisor advice-ref='securityInterceptor' pointcut-ref='targetMethods' />" +
|
|
|
"</aop:config>" +
|
|
|
- "<b:bean id='target' class='org.springframework.security.TargetObject'/>" +
|
|
|
- "<b:bean id='securityInterceptor' class='org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor' autowire='byType' >" +
|
|
|
- " <b:property name='securityMetadataSource'>" +
|
|
|
- " <b:value>" +
|
|
|
- "org.springframework.security.TargetObject.makeLower*=ROLE_A\n" +
|
|
|
- "org.springframework.security.TargetObject.makeUpper*=ROLE_A\n" +
|
|
|
- "org.springframework.security.TargetObject.computeHashCode*=ROLE_B\n" +
|
|
|
- " </b:value>" +
|
|
|
- " </b:property>" +
|
|
|
+ TARGET_BEAN_AND_INTERCEPTOR +
|
|
|
+ AUTH_PROVIDER_XML + ACCESS_MANAGER_XML);
|
|
|
+
|
|
|
+ ITargetObject target = (ITargetObject) appContext.getBean("target");
|
|
|
+
|
|
|
+ // Check both against interface and class
|
|
|
+ try {
|
|
|
+ target.makeLowerCase("TEST");
|
|
|
+ fail("AuthenticationCredentialsNotFoundException expected");
|
|
|
+ } catch (AuthenticationCredentialsNotFoundException expected) {
|
|
|
+ }
|
|
|
+
|
|
|
+ target.makeUpperCase("test");
|
|
|
+ }
|
|
|
+
|
|
|
+ @Test(expected=AuthenticationCredentialsNotFoundException.class)
|
|
|
+ public void securityInterceptorIsAppliedWhenUsedWithBeanNameAutoProxyCreator() {
|
|
|
+ setContext(
|
|
|
+ "<b:bean id='autoProxyCreator' class='org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator'>" +
|
|
|
+ " <b:property name='interceptorNames'>" +
|
|
|
+ " <b:list>" +
|
|
|
+ " <b:value>securityInterceptor</b:value>" +
|
|
|
+ " </b:list>" +
|
|
|
+ " </b:property>" +
|
|
|
+ " <b:property name='beanNames'>" +
|
|
|
+ " <b:list>" +
|
|
|
+ " <b:value>target</b:value>" +
|
|
|
+ " </b:list>" +
|
|
|
+ " </b:property>" +
|
|
|
+ " <b:property name='proxyTargetClass' value='false'/>" +
|
|
|
"</b:bean>" +
|
|
|
+ TARGET_BEAN_AND_INTERCEPTOR +
|
|
|
AUTH_PROVIDER_XML + ACCESS_MANAGER_XML);
|
|
|
|
|
|
ITargetObject target = (ITargetObject) appContext.getBean("target");
|
|
|
- target.makeLowerCase("TEST");
|
|
|
+
|
|
|
+ try {
|
|
|
+ target.makeLowerCase("TEST");
|
|
|
+ fail("AuthenticationCredentialsNotFoundException expected");
|
|
|
+ } catch (AuthenticationCredentialsNotFoundException expected) {
|
|
|
+ }
|
|
|
+
|
|
|
+ target.makeUpperCase("test");
|
|
|
|
|
|
}
|
|
|
|
Luke Taylor