SEC-719: Refactor portlet code to make more use of core classes

http://jira.springframework.org/browse/SEC-719. Rewrote provider as a preauthenticated provider.

portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java

@@ -367,7 +367,6 @@ public class PortletSessionContextIntegrationInterceptor
 
 	}
 
-
 	/**
 	 * Creates a new <code>SecurityContext</code> object.  The specific class is
 	 * determined by the setting of the {@link #context} property.

portlet/src/main/java/org/springframework/security/providers/portlet/PortletAuthenticationProvider.java

@@ -1,198 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet;
-
-import java.security.Principal;
-import java.util.Map;
-
-import javax.portlet.PortletRequest;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.BadCredentialsException;
-import org.springframework.security.providers.AuthenticationProvider;
-import org.springframework.security.providers.dao.UserCache;
-import org.springframework.security.providers.dao.cache.NullUserCache;
-import org.springframework.security.userdetails.UserDetails;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.util.Assert;
-
-/**
- * <p>Processes a JSR 168 Portlet authentication request.  The request will typically
- * originate from {@link org.springframework.security.ui.portlet.PortletProcessingInterceptor}.</p>
- *
- * <p>Be aware that this provider is trusting the portal and portlet container to handle
- * actual authentication. If a valid {@link PortletAuthenticationToken} is presented with
- * non-null principal and credentials, then the {@link #authenticate} method will succeed.</p>
- *
- * <p>If the <code>details</code> property of the requesting <code>Authentication</code>
- * object happens to be the <code>PortletRequest</code>, then this provider will place
- * the contents of the <code>USER_INFO</code> map from of the request attributes into
- * the <code>details</code> property of the authentication result.</p>
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class PortletAuthenticationProvider
-		implements AuthenticationProvider, InitializingBean {
-
-	//~ Static fields/initializers =====================================================================================
-
-	private static final Log logger = LogFactory.getLog(PortletAuthenticationProvider.class);
-
-	//~ Instance fields ================================================================================================
-
-	private PortletAuthoritiesPopulator portletAuthoritiesPopulator;
-	private UserCache userCache = new NullUserCache();
-
-	//~ Methods ========================================================================================================
-
-	public void afterPropertiesSet() throws Exception {
-	    Assert.notNull(this.portletAuthoritiesPopulator, "An authorities populator must be set");
-		Assert.notNull(this.userCache, "A user cache must be set");
-	}
-
-	public boolean supports(Class authentication) {
-		return PortletAuthenticationToken.class.isAssignableFrom(authentication);
-	}
-
-	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-
-		// make sure we support the authentication
-		if (!supports(authentication.getClass())) {
-			return null;
-		}
-
-		if (logger.isDebugEnabled())
-			logger.debug("portlet authentication request: " + authentication);
-
-		// make sure there is a valid principal in the authentication attempt
-		Object principal = authentication.getPrincipal();
-		if (principal == null) {
-			throw new BadCredentialsException("No principal presented - user is not authenticated");
-		}
-
-		// make sure there are valid credentials in the authentication attempt
-		Object credentials = authentication.getCredentials();
-		if (credentials == null) {
-			throw new BadCredentialsException("No credentials presented - user is not authenticated");
-		}
-
-		// determine the username string from the principal
-		String username = getUsernameFromPrincipal(principal);
-		if (username == null) {
-			throw new BadCredentialsException("No username available - user is not authenticated");
-		}
-
-		// try to retrieve the user from the cache
-		UserDetails user = this.userCache.getUserFromCache(username);
-
-		// if the user is null then it wasn't in the cache so go get it
-		if (user == null) {
-
-			if (logger.isDebugEnabled())
-				logger.debug("user not found in the cache");
-
-			// get the user from the authorities populator
-			user = this.portletAuthoritiesPopulator.getUserDetails(authentication);
-
-			if (user == null) {
-				throw new AuthenticationServiceException(
-					"portletAuthoritiesPopulator returned null, which is an interface contract violation");
-			}
-
-			// store the result back in the cache
-			this.userCache.putUserInCache(user);
-
-		} else {
-
-			if (logger.isDebugEnabled())
-				logger.debug("got user from the cache");
-		}
-
-		// build the resulting successful authentication token
-		PortletAuthenticationToken result = new PortletAuthenticationToken(
-				user, authentication.getCredentials(), user.getAuthorities());
-		result.setAuthenticated(true);
-
-		// see if the detail property on the request is the PortletRequest
-		if (authentication.getDetails() instanceof PortletRequest) {
-			// if available, place the USER_INFO map into the details property of the result
-			PortletRequest request = (PortletRequest)authentication.getDetails();
-			Map userInfo = null;
-			try {
-				userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO);
-			} catch (Exception e) {
-				logger.warn("unable to retrieve USER_INFO map from portlet request", e);
-			}
-			result.setDetails(userInfo);
-		} else {
-			// copy any other details information forward
-			result.setDetails(authentication.getDetails());
-		}
-
-		if (logger.isDebugEnabled())
-			logger.debug("portlet authentication succeeded: " + result);
-
-		return result;
-	}
-
-	/**
-	 * This method attempt to determine the username string from the principal object.
-	 * If the principal object is a {@link UserDetails} object then it will use the
-	 * {@link UserDetails#getUsername() method.  If the principal object is a
-	 * {@link Principal} object then it will use the {@link Principal#getName()}
-	 * method.  Otherwise it will simply call the <code>toString()<code> method
-	 * on the principal object and return that.
-	 * @param principal the principal object to inspect for a username
-	 * @return the determined username, or null if no principal is passed
-	 */
-	public static final String getUsernameFromPrincipal(Object principal) {
-		if (principal == null) {
-			return null;
-		}
-		if (principal instanceof UserDetails) {
-			return ((UserDetails)principal).getUsername();
-		}
-		if (principal instanceof Principal) {
-			return ((Principal)principal).getName();
-		}
-		return principal.toString();
-	}
-
-
-	public PortletAuthoritiesPopulator getPortletAuthoritiesPopulator() {
-		return this.portletAuthoritiesPopulator;
-	}
-
-	public void setPortletAuthoritiesPopulator(PortletAuthoritiesPopulator portletAuthoritiesPopulator) {
-		this.portletAuthoritiesPopulator = portletAuthoritiesPopulator;
-	}
-
-	public UserCache getUserCache() {
-		return userCache;
-	}
-
-	public void setUserCache(UserCache userCache) {
-		this.userCache = userCache;
-	}
-
-}

portlet/src/main/java/org/springframework/security/providers/portlet/PortletAuthenticationToken.java

@@ -1,57 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet;
-
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.providers.AbstractAuthenticationToken;
-
-/**
- * <code>Authentication</code> implementation for JSR 168 Portlet authentication.  <p>The
- * corresponding authentication provider is  {@link PortletAuthenticationProvider}.</p>
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class PortletAuthenticationToken extends AbstractAuthenticationToken {
-
-	//~ Instance fields ================================================================================================
-
-	private static final long serialVersionUID = 1L;
-
-	private Object principal;
-	private Object credentials;
-
-	//~ Constructors ===================================================================================================
-
-	public PortletAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) {
-		super(authorities);
-		this.principal = principal;
-		this.credentials = credentials;
-	}
-
-	//~ Methods ========================================================================================================
-
-	public Object getPrincipal() {
-		return this.principal;
-	}
-
-	public Object getCredentials() {
-		return this.credentials;
-	}
-
-}

portlet/src/main/java/org/springframework/security/providers/portlet/PortletAuthoritiesPopulator.java

@@ -1,45 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.userdetails.UserDetails;
-
-/**
- * Populates the <code>UserDetails</code> associated with the
- * portlet user presented by the portlet container.
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public interface PortletAuthoritiesPopulator {
-
-	//~ Methods ========================================================================================================
-
-	/**
-	 * Obtains the granted authorities for the specified Authentication object.
-	 * <p>May throw any <code>AuthenticationException</code> or return <code>null</code>
-	 * if the authorities are unavailable.</p>
-	 * @param authentication the authentication object seeking authorities
-	 * @return the details of the indicated user (at minimum the granted authorities and the username)
-	 * @throws AuthenticationException if the user details are not available or the authentication is not valid for some reason
-	 */
-	public UserDetails getUserDetails(Authentication authentication) throws AuthenticationException;
-
-}

portlet/src/main/java/org/springframework/security/providers/portlet/package.html

@@ -1,5 +0,0 @@
-<html>
-<body>
-An authentication provider that can uses the security model in the Portlet 1.0 (JSR 168) Specification.
-</body>
-</html>

portlet/src/main/java/org/springframework/security/providers/portlet/populator/ContainerPortletAuthoritiesPopulator.java

@@ -1,144 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet.populator;
-
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.portlet.PortletRequest;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.providers.portlet.PortletAuthenticationProvider;
-import org.springframework.security.providers.portlet.PortletAuthoritiesPopulator;
-import org.springframework.security.userdetails.User;
-import org.springframework.security.userdetails.UserDetails;
-
-/**
- * <p>Populates the portlet authorities via role information from the portlet container.
- * Primarily it uses the <code>PortletRequest.isUserInRole(role)</code> method to
- * check if the user is in a list of configured roles.</p>
- *
- * <p>This bean has the following configurable properties:</p>
- * <ul>
- *     <li><code>rolesToCheck</code> : A list of strings containing names of roles to check.
- *         These roles must also be properly declared in a &lt;security-role-ref&gt; element
- *         of the portlet descriptor in the portlet.xml file.</li>
- *     <li><code>rolePrefix</code> : The prefix to be added onto each role name that as it is
- *         added to the list of authorities.  The default value is 'ROLE_'.</li>
- *     <li><code>userRole</code> : The authority that all authenticated users will automatically
- *         be granted.  The default value is 'ROLE_USER'.  Set this to null to avoid having any
- *         value automatically populated.</li>
- * </ul>
- *
- * <p>This populator depends on finding the <code>PortletRequest<code> when calling the
- * {@link Authentication#getDetails()} method on the object passed to
- * {@link #getUserDetails(Authentication)}.  If not, it will throw an
- * {@link AuthenticationServiceException}.
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class ContainerPortletAuthoritiesPopulator
-		implements PortletAuthoritiesPopulator {
-
-	//~ Static fields/initializers =====================================================================================
-
-	public static final String DEFAULT_ROLE_PREFIX = "ROLE_";
-	public static final String DEFAULT_USER_ROLE = "ROLE_USER";
-
-	//~ Instance fields ================================================================================================
-
-	private List rolesToCheck;
-	private String rolePrefix = DEFAULT_ROLE_PREFIX;
-	private String userRole = DEFAULT_USER_ROLE;
-
-	//~ Methods ========================================================================================================
-
-	public UserDetails getUserDetails(Authentication authentication)
-		throws AuthenticationException {
-
-		// get the username and password for the authentication
-		String username = PortletAuthenticationProvider.getUsernameFromPrincipal(authentication.getPrincipal());
-		String password = authentication.getCredentials().toString();
-
-		// see if we can load authorities from the portlet request
-		Object details = authentication.getDetails();
-		if (!(details instanceof PortletRequest)) {
-			throw new AuthenticationServiceException("expected Authentication.getDetails() to return a PortletRequest");
-		}
-		GrantedAuthority[] authorities = loadGrantedAuthorities((PortletRequest)details);
-
-		// construct and return the new user
-		return new User(username, password, true, true, true, true,	authorities);
-	}
-
-	private GrantedAuthority[] loadGrantedAuthorities(PortletRequest request) {
-
-		// start the list and add the standard user role
-		ArrayList authorities = new ArrayList();
-		if (this.userRole != null && this.userRole.length() > 0)
-			authorities.add(new GrantedAuthorityImpl(getUserRole()));
-
-		// iterate through the configured list of roles to check (if there is one)
-		if (this.rolesToCheck != null) {
-			for(Iterator i = this.rolesToCheck.iterator(); i.hasNext(); ) {
-				String role = (String)i.next();
-
-				// if the request says the user has that role, then add it
-				if (request.isUserInRole(role)) {
-					authorities.add(new GrantedAuthorityImpl(getRolePrefix() + role));
-				}
-
-			}
-		}
-
-		// return the array of GrantedAuthority objects
-		return (GrantedAuthority[])authorities.toArray(new GrantedAuthority[authorities.size()]);
-	}
-
-
-	public List getRolesToCheck() {
-		return rolesToCheck;
-	}
-
-	public void setRolesToCheck(List rolesToCheck) {
-		this.rolesToCheck = rolesToCheck;
-	}
-
-	public String getRolePrefix() {
-		return rolePrefix;
-	}
-
-	public void setRolePrefix(String rolePrefix) {
-		this.rolePrefix = rolePrefix;
-	}
-
-	public String getUserRole() {
-		return userRole;
-	}
-
-	public void setUserRole(String userRole) {
-		this.userRole = userRole;
-	}
-
-}

portlet/src/main/java/org/springframework/security/providers/portlet/populator/DaoPortletAuthoritiesPopulator.java

@@ -1,74 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet.populator;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.providers.portlet.PortletAuthenticationProvider;
-import org.springframework.security.providers.portlet.PortletAuthoritiesPopulator;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.util.Assert;
-
-/**
- * Populates the portlet authorities via a {@link UserDetailsService}.
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class DaoPortletAuthoritiesPopulator
-		implements PortletAuthoritiesPopulator,	InitializingBean {
-
-	//~ Instance fields ================================================================================================
-
-	private UserDetailsService userDetailsService;
-
-	//~ Methods ========================================================================================================
-
-	public void afterPropertiesSet() throws Exception {
-		Assert.notNull(this.userDetailsService, "A userDetailsService must be set");
-	}
-
-	public UserDetails getUserDetails(Authentication authentication)
-			throws AuthenticationException {
-
-		// make sure the Authentication object is valid
-		if (authentication == null || authentication.getPrincipal() == null) {
-			throw new AuthenticationServiceException(
-					"must pass valid Authentication object with non-null principal");
-		}
-
-		// get the username from the principal
-		String username = PortletAuthenticationProvider.getUsernameFromPrincipal(authentication.getPrincipal());
-
-		// call the UserDetailsService with the username
-		return this.userDetailsService.loadUserByUsername(username);
-	}
-
-
-	public UserDetailsService getUserDetailsService() {
-		return userDetailsService;
-	}
-
-	public void setUserDetailsService(UserDetailsService userDetailsService) {
-		this.userDetailsService = userDetailsService;
-	}
-
-}

portlet/src/main/java/org/springframework/security/providers/portlet/populator/package.html

@@ -1,5 +0,0 @@
-<html>
-<body>
-Implementations that populate GrantedAuthority[]s of Portlet authentications.
-</body>
-</html>

portlet/src/main/java/org/springframework/security/ui/portlet/PortletAuthenticationDetails.java

@@ -0,0 +1,33 @@
+package org.springframework.security.ui.portlet;
+
+import java.io.Serializable;
+import java.util.Map;
+
+import javax.portlet.PortletRequest;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class PortletAuthenticationDetails implements Serializable {    
+    //~ Instance fields ================================================================================================
+    protected final Log logger = LogFactory.getLog(PortletAuthenticationDetails.class);
+    protected Map userInfo;
+
+    //~ Constructors ===================================================================================================
+        
+    public PortletAuthenticationDetails(PortletRequest request) {
+        try {
+            userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO);
+        } catch (Exception e) {
+            logger.warn("unable to retrieve USER_INFO map from portlet request", e);
+        }
+    }
+
+    public Map getUserInfo() {
+        return userInfo;
+    }
+    
+    public String toString() {
+    	return "User info: " + userInfo.toString();
+    }
+}

portlet/src/main/java/org/springframework/security/ui/portlet/PortletPreAuthenticatedAuthenticationDetails.java

@@ -0,0 +1,37 @@
+package org.springframework.security.ui.portlet;
+
+import java.util.Arrays;
+
+import javax.portlet.PortletRequest;
+
+import org.springframework.security.GrantedAuthority;
+import org.springframework.security.MutableGrantedAuthoritiesContainer;
+import org.springframework.util.Assert;
+
+public class PortletPreAuthenticatedAuthenticationDetails extends PortletAuthenticationDetails implements MutableGrantedAuthoritiesContainer {
+    
+    private GrantedAuthority[] preAuthenticatedGrantedAuthorities = null;
+    
+    public PortletPreAuthenticatedAuthenticationDetails(PortletRequest request) {
+        super(request);
+    }
+    
+    public GrantedAuthority[] getGrantedAuthorities() {
+        Assert.notNull(preAuthenticatedGrantedAuthorities, "Pre-authenticated granted authorities have not been set");
+        GrantedAuthority[] result = new GrantedAuthority[preAuthenticatedGrantedAuthorities.length];
+        System.arraycopy(preAuthenticatedGrantedAuthorities, 0, result, 0, result.length);
+        return result;
+    }
+
+    public void setGrantedAuthorities(GrantedAuthority[] authorities) {
+        this.preAuthenticatedGrantedAuthorities = new GrantedAuthority[authorities.length];
+        System.arraycopy(authorities, 0, preAuthenticatedGrantedAuthorities, 0, preAuthenticatedGrantedAuthorities.length);
+    }
+    
+    public String toString() {
+        StringBuffer sb = new StringBuffer();
+        sb.append(super.toString() + "; ");
+        sb.append("preAuthenticatedGrantedAuthorities: " + Arrays.asList(preAuthenticatedGrantedAuthorities));
+        return sb.toString();
+    }
+}

portlet/src/main/java/org/springframework/security/ui/portlet/PortletPreAuthenticatedAuthenticationDetailsSource.java

@@ -0,0 +1,27 @@
+package org.springframework.security.ui.portlet;
+
+import java.util.ArrayList;
+
+import javax.portlet.PortletRequest;
+
+import org.springframework.security.ui.preauth.j2ee.AbstractPreAuthenticatedAuthenticationDetailsSource;
+
+public class PortletPreAuthenticatedAuthenticationDetailsSource extends AbstractPreAuthenticatedAuthenticationDetailsSource {
+    
+    public PortletPreAuthenticatedAuthenticationDetailsSource() {
+         setClazz(PortletPreAuthenticatedAuthenticationDetails.class);
+    }
+
+    protected String[] getUserRoles(Object context, String[] mappableRoles) {
+        ArrayList portletRoles = new ArrayList();
+
+        for (int i = 0; i < mappableRoles.length; i++) {
+            if (((PortletRequest)context).isUserInRole(mappableRoles[i])) {
+                portletRoles.add(mappableRoles[i]);
+            }
+        }
+        
+        return (String[]) portletRoles.toArray(new String[portletRoles.size()]);
+    }
+
+}

portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingFilterEntryPoint.java

@@ -16,18 +16,7 @@
 
 package org.springframework.security.ui.portlet;
 
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.ui.AuthenticationEntryPoint;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.core.Ordered;
+import org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint;
 
 /**
  * <p>In the case of relying on Portlet authentication to access Servlet resources
@@ -42,34 +31,6 @@ import org.springframework.core.Ordered;
  * @since 2.0
  * @version $Id$
  */
-public class PortletProcessingFilterEntryPoint implements AuthenticationEntryPoint, Ordered {
-
-	//~ Static fields/initializers =====================================================================================
-
-	private static final Log logger = LogFactory.getLog(PortletProcessingFilterEntryPoint.class);
-
-	//~ Instance fields ================================================================================================
-
-	private int order = Integer.MAX_VALUE; // ~ default
-
-	//~ Methods ========================================================================================================
-
-	public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
-	public void commence(ServletRequest request, ServletResponse response,
-			AuthenticationException authException) throws IOException, ServletException {
-
-		if (logger.isDebugEnabled())
-			logger.debug("portlet entry point called. Rejecting access");
-
-		HttpServletResponse httpResponse = (HttpServletResponse)response;
-		httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
-	}
+public class PortletProcessingFilterEntryPoint extends PreAuthenticatedProcessingFilterEntryPoint {
 
 }

portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java

@@ -35,10 +35,10 @@ import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationManager;
 import org.springframework.security.context.SecurityContext;
 import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.providers.portlet.PortletAuthenticationProvider;
-import org.springframework.security.providers.portlet.PortletAuthenticationToken;
-import org.springframework.security.providers.portlet.populator.ContainerPortletAuthoritiesPopulator;
+import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
 import org.springframework.security.ui.AbstractProcessingFilter;
+import org.springframework.security.ui.AuthenticationDetailsSource;
+import org.springframework.security.ui.AuthenticationDetailsSourceImpl;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.InitializingBean;
@@ -81,8 +81,7 @@ import org.springframework.web.portlet.ModelAndView;
  * @since 2.0
  * @version $Id$
  */
-public class PortletProcessingInterceptor implements
-		HandlerInterceptor, InitializingBean {
+public class PortletProcessingInterceptor implements HandlerInterceptor, InitializingBean {
 
 	//~ Static fields/initializers =====================================================================================
 
@@ -93,6 +92,15 @@ public class PortletProcessingInterceptor implements
 	private AuthenticationManager authenticationManager;
 
 	private List userNameAttributes;
+	
+	private AuthenticationDetailsSource authenticationDetailsSource;
+	
+	private boolean useAuthTypeAsCredentials = false;
+
+	public PortletProcessingInterceptor() {
+	    authenticationDetailsSource = new AuthenticationDetailsSourceImpl();
+	    ((AuthenticationDetailsSourceImpl)authenticationDetailsSource).setClazz(PortletAuthenticationDetails.class);
+    }
 
 	//~ Methods ========================================================================================================
 
@@ -140,13 +148,12 @@ public class PortletProcessingInterceptor implements
 			try {
 
 				// build the authentication request from the PortletRequest
-				PortletAuthenticationToken authRequest = new PortletAuthenticationToken(
+			    PreAuthenticatedAuthenticationToken authRequest = new PreAuthenticatedAuthenticationToken(
 						getPrincipalFromRequest(request),
-						getCredentialsFromRequest(request),
-						null);
+						getCredentialsFromRequest(request));
 
 				// put the PortletRequest into the authentication request as the "details"
-				authRequest.setDetails(request);
+				authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
 
 				if (logger.isDebugEnabled())
 					logger.debug("Beginning authentication request for user '" + authRequest.getName() + "'");
@@ -158,16 +165,18 @@ public class PortletProcessingInterceptor implements
 				Authentication authResult = authenticationManager.authenticate(authRequest);
 
 				// process a successful authentication
-				if (logger.isDebugEnabled())
+				if (logger.isDebugEnabled()) {
 					logger.debug("Authentication success: " + authResult);
+				}
+				
 				ctx.setAuthentication(authResult);
 				onSuccessfulAuthentication(request, response, authResult);
 
 			} catch (AuthenticationException failed) {
-
 				// process an unsuccessful authentication
-				if (logger.isDebugEnabled())
-					logger.debug("Authentication failed - updating ContextHolder to contain null Authentication");
+				if (logger.isDebugEnabled()) {
+					logger.debug("Authentication failed - updating ContextHolder to contain null Authentication", failed);
+				}
 				ctx.setAuthentication(null);
 				request.getPortletSession().setAttribute(
 						AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY,
@@ -251,10 +260,13 @@ public class PortletProcessingInterceptor implements
 	 * @return the determined credentials object, or null if none found
 	 */
 	protected Object getCredentialsFromRequest(PortletRequest request) {
-		return request.getAuthType();
+		if (useAuthTypeAsCredentials) {
+			return request.getAuthType();
+		}
+		
+		return "dummy";
 	}
 
-
 	/**
 	 * Callback for custom processing prior to the authentication attempt.
 	 * @param request the portlet request to be authenticated
@@ -286,20 +298,23 @@ public class PortletProcessingInterceptor implements
 		throws IOException {}
 
 
-	public AuthenticationManager getAuthenticationManager() {
-		return authenticationManager;
-	}
-
 	public void setAuthenticationManager(AuthenticationManager authenticationManager) {
 		this.authenticationManager = authenticationManager;
 	}
 
-	public List getUserNameAttributes() {
-		return userNameAttributes;
-	}
-
 	public void setUserNameAttributes(List userNameAttributes) {
 		this.userNameAttributes = userNameAttributes;
 	}
 
+    public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
+        this.authenticationDetailsSource = authenticationDetailsSource;
+    }
+
+    /**
+     *  
+     * @param useAuthTypeAsCredentials
+     */
+	public void setUseAuthTypeAsCredentials(boolean useAuthTypeAsCredentials) {
+		this.useAuthTypeAsCredentials = useAuthTypeAsCredentials;
+	}
 }

portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java

@@ -22,8 +22,8 @@ import junit.framework.TestCase;
 
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.providers.portlet.PortletAuthenticationToken;
 import org.springframework.security.providers.portlet.PortletTestUtils;
+import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
 import org.springframework.security.userdetails.User;
 import org.springframework.mock.web.portlet.MockActionRequest;
 import org.springframework.mock.web.portlet.MockActionResponse;
@@ -97,8 +97,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
 	public void testNormalRenderRequestProcessing() throws Exception {
 
 		// Build an Authentication object we simulate came from PortletSession
-		PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
-		PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
+	    PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
+	    PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
 
 		// Build a Context to store in PortletSession (simulating prior request)
 		SecurityContext sc = new SecurityContextImpl();
@@ -134,8 +134,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
 	public void testNormalActionRequestProcessing() throws Exception {
 
 		// Build an Authentication object we simulate came from PortletSession
-		PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
-		PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
+		PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
+		PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
 
 		// Build a Context to store in PortletSession (simulating prior request)
 		SecurityContext sc = new SecurityContextImpl();
@@ -167,8 +167,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
 	public void testUpdatesCopiedBackIntoSession() throws Exception {
 
 		// Build an Authentication object we simulate came from PortletSession
-		PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
-		PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
+	    PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
+	    PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
 
 		// Build a Context to store in PortletSession (simulating prior request)
 		SecurityContext sc = new SecurityContextImpl();
@@ -226,7 +226,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
 
 		// Execute the interceptor
 		interceptor.preHandleAction(request, response, null);
-		PortletAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
+		PreAuthenticatedAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
 		SecurityContextHolder.getContext().setAuthentication(principal);
 		interceptor.afterActionCompletion(request, response, null, null);
 
@@ -289,7 +289,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
 
 		// Execute the interceptor
 		interceptor.preHandleAction(request, response, null);
-		PortletAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
+		PreAuthenticatedAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
 		SecurityContextHolder.getContext().setAuthentication(principal);
 		interceptor.afterActionCompletion(request, response, null, null);
 
@@ -312,7 +312,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
 
 		// Execute the interceptor
 		interceptor.preHandleAction(request, response, null);
-		PortletAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
+		PreAuthenticatedAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
 		SecurityContextHolder.getContext().setAuthentication(principal);
 		interceptor.afterActionCompletion(request, response, null, null);
 
@@ -323,8 +323,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
 	public void testUsePortletScopeSession() throws Exception {
 
 		// Build an Authentication object we simulate came from PortletSession
-		PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
-		PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
+	    PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
+	    PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
 
 		// Build a Context to store in PortletSession (simulating prior request)
 		SecurityContext sc = new SecurityContextImpl();

portlet/src/test/java/org/springframework/security/providers/portlet/PortletAuthenticationProviderTests.java

@@ -1,117 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.BadCredentialsException;
-import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.userdetails.UserDetails;
-
-/**
- * Tests {@link PortletAuthenticationProvider}
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class PortletAuthenticationProviderTests extends TestCase {
-
-	//~ Constructors ===================================================================================================
-
-	public PortletAuthenticationProviderTests() {
-		super();
-	}
-
-	public PortletAuthenticationProviderTests(String arg0) {
-		super(arg0);
-	}
-
-	//~ Methods ========================================================================================================
-
-	public void testRequiresPopulator() throws Exception {
-		PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
-		try {
-			provider.afterPropertiesSet();
-			fail("Should have thrown IllegalArgumentException");
-		} catch (IllegalArgumentException failed) {
-			//ignored
-		}
-	}
-
-	public void testNormalOperation() throws Exception {
-		PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
-		provider.setPortletAuthoritiesPopulator(new MockAuthoritiesPopulator(false));
-		provider.afterPropertiesSet();
-		Authentication result = provider.authenticate(PortletTestUtils.createToken());
-		assertNotNull(result);
-		assertNotNull(result.getAuthorities());
-	}
-
-	public void testAuthenticationIsNullWithUnsupportedToken() {
-		PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
-		Authentication request = new UsernamePasswordAuthenticationToken(PortletTestUtils.TESTUSER, PortletTestUtils.TESTCRED);
-		Authentication result = provider.authenticate(request);
-		assertNull(result);
-	}
-
-	public void testFailsWithNoCredentials() {
-		PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
-		provider.setPortletAuthoritiesPopulator(new MockAuthoritiesPopulator(false));
-		try {
-			provider.authenticate(new PortletAuthenticationToken(PortletTestUtils.TESTUSER, null, null));
-			fail("Should have thrown BadCredentialsException");
-		} catch (BadCredentialsException e) {
-			//ignore
-		}
-	}
-
-	public void testPopulatorRejectionCausesFailure() throws Exception {
-		PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
-		provider.setPortletAuthoritiesPopulator(new MockAuthoritiesPopulator(true));
-		try {
-			provider.authenticate(PortletTestUtils.createToken());
-			fail("Should have thrown BadCredentialsException");
-		} catch (BadCredentialsException e) {
-			//ignore
-		}
-	}
-
-	//~ Inner Classes ==================================================================================================
-
-	public static class MockAuthoritiesPopulator implements PortletAuthoritiesPopulator {
-
-		private boolean reject = false;
-
-		public MockAuthoritiesPopulator (boolean reject) {
-			this.reject = reject;
-		}
-
-		public UserDetails getUserDetails(Authentication authentication)
-			throws AuthenticationException {
-			if (authentication.getCredentials() == null)
-				throw new BadCredentialsException("Invalid Credentials");
-			if (reject)
-				throw new BadCredentialsException("Authentication Rejected");
-			return PortletTestUtils.createUser();
-		}
-
-	}
-
-}

portlet/src/test/java/org/springframework/security/providers/portlet/PortletAuthenticationTokenTests.java

@@ -1,63 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet;
-
-import junit.framework.TestCase;
-
-/**
- * Tests for {@link PortletAuthenticationToken}.
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class PortletAuthenticationTokenTests extends TestCase {
-
-	//~ Constructors ===================================================================================================
-
-	public PortletAuthenticationTokenTests() {}
-
-	public PortletAuthenticationTokenTests(String s) {
-		super(s);
-	}
-
-	//~ Methods ========================================================================================================
-
-	public void setUp() throws Exception {
-		super.setUp();
-	}
-
-	public void testPrincipal() throws Exception {
-		PortletAuthenticationToken token = PortletTestUtils.createToken();
-		assertEquals(PortletTestUtils.TESTUSER, token.getPrincipal());
-	}
-
-	public void testCredentials() throws Exception {
-		PortletAuthenticationToken token = PortletTestUtils.createToken();
-		assertEquals(PortletTestUtils.TESTCRED, token.getCredentials());
-	}
-
-	public void testAuthenticated() throws Exception {
-		PortletAuthenticationToken token = PortletTestUtils.createToken();
-		assertTrue(!token.isAuthenticated());
-		token.setAuthenticated(true);
-		assertTrue(token.isAuthenticated());
-		token.setAuthenticated(false);
-		assertTrue(!token.isAuthenticated());
-	}
-
-}

portlet/src/test/java/org/springframework/security/providers/portlet/PortletTestUtils.java

@@ -24,6 +24,8 @@ import org.springframework.security.context.SecurityContext;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.context.SecurityContextImpl;
 import org.springframework.security.providers.TestingAuthenticationToken;
+import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
+import org.springframework.security.ui.portlet.PortletAuthenticationDetails;
 import org.springframework.security.userdetails.User;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.mock.web.portlet.MockActionRequest;
@@ -88,41 +90,25 @@ public class PortletTestUtils {
 		return response;
     }
 
-	public static PortletAuthenticationToken createToken(PortletRequest request) {
-		PortletAuthenticationToken token = new PortletAuthenticationToken(TESTUSER, TESTCRED, null);
-		token.setDetails(request);
+	public static PreAuthenticatedAuthenticationToken createToken(PortletRequest request) {
+		PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(TESTUSER, TESTCRED);
+		token.setDetails(new PortletAuthenticationDetails(request));
 		return token;
 	}
 
-	public static PortletAuthenticationToken createToken() {
+	public static PreAuthenticatedAuthenticationToken createToken() {
 		MockRenderRequest request = createRenderRequest();
 		return createToken(request);
 	}
 
-	public static PortletAuthenticationToken createAuthenticatedToken(UserDetails user) {
-		PortletAuthenticationToken result = new PortletAuthenticationToken(
+	public static PreAuthenticatedAuthenticationToken createAuthenticatedToken(UserDetails user) {
+	    PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(
 				user, user.getPassword(), user.getAuthorities());
 		result.setAuthenticated(true);
 		return result;
 	}
-	public static PortletAuthenticationToken createAuthenticatedToken() {
+	public static PreAuthenticatedAuthenticationToken createAuthenticatedToken() {
 		return createAuthenticatedToken(createUser());
 	}
 
-    public static void setupSecurityContext(PortletRequest request) {
-		PortletAuthenticationToken token = createToken(request);
-		SecurityContext context = new SecurityContextImpl();
-		context.setAuthentication(token);
-		SecurityContextHolder.setContext(context);
-    }
-
-    public static void setupSecurityContext() {
-		MockRenderRequest request = createRenderRequest();
-		setupSecurityContext(request);
-    }
-
-    public static void cleanupSecurityContext() {
-		SecurityContextHolder.clearContext();
-    }
-
 }

portlet/src/test/java/org/springframework/security/providers/portlet/populator/ContainerPortletAuthoritiesPopulatorTests.java

@@ -1,127 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet.populator;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.providers.portlet.PortletAuthenticationToken;
-import org.springframework.security.providers.portlet.PortletTestUtils;
-import org.springframework.security.userdetails.UserDetails;
-
-
-/**
- * Tests for {@link ContainerPortletAuthoritiesPopulator}
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class ContainerPortletAuthoritiesPopulatorTests extends TestCase {
-
-	//~ Constructors ===================================================================================================
-
-	public ContainerPortletAuthoritiesPopulatorTests() {
-		super();
-	}
-
-	public ContainerPortletAuthoritiesPopulatorTests(String arg0) {
-		super(arg0);
-	}
-
-	//~ Methods ========================================================================================================
-
-	public final void setUp() throws Exception {
-		super.setUp();
-	}
-
-	private List createRolesToCheck() {
-		ArrayList rolesToCheck = new ArrayList();
-		rolesToCheck.add(PortletTestUtils.PORTALROLE1);
-		rolesToCheck.add("BOGUS1");
-		rolesToCheck.add(PortletTestUtils.PORTALROLE2);
-		rolesToCheck.add("BOGUS2");
-		return rolesToCheck;
-	}
-
-	public void testGetGrantedAuthorities() throws Exception {
-		ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
-		UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
-		assertEquals(1, results.getAuthorities().length);
-		assertEquals(new GrantedAuthorityImpl(ContainerPortletAuthoritiesPopulator.DEFAULT_USER_ROLE), results.getAuthorities()[0]);
-	}
-
-	public void testGetGrantedAuthoritiesCheckRoles() throws Exception {
-		ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
-		populator.setRolesToCheck(createRolesToCheck());
-		UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
-		assertEquals(3, results.getAuthorities().length);
-		assertEquals(new GrantedAuthorityImpl(ContainerPortletAuthoritiesPopulator.DEFAULT_USER_ROLE), results.getAuthorities()[2]);
-		assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), results.getAuthorities()[0]);
-		assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2), results.getAuthorities()[1]);
-	}
-
-	public void testGetGrantedAuthoritiesCustomPrefix() throws Exception {
-		String prefix = "IHAVE_";
-		ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
-		populator.setRolesToCheck(createRolesToCheck());
-		populator.setRolePrefix(prefix);
-		UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
-		assertEquals(3, results.getAuthorities().length);
-		assertEquals(new GrantedAuthorityImpl(ContainerPortletAuthoritiesPopulator.DEFAULT_USER_ROLE), results.getAuthorities()[2]);
-		assertEquals(new GrantedAuthorityImpl(prefix + PortletTestUtils.PORTALROLE1), results.getAuthorities()[0]);
-		assertEquals(new GrantedAuthorityImpl(prefix + PortletTestUtils.PORTALROLE2), results.getAuthorities()[1]);
-	}
-
-	public void testGetGrantedAuthoritiesNullDefault() throws Exception {
-		ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
-		populator.setUserRole(null);
-		UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
-		assertEquals(0, results.getAuthorities().length);
-	}
-
-	public void testGetGrantedAuthoritiesEmptyDefault() throws Exception {
-		ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
-		populator.setUserRole("");
-		UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
-		assertEquals(0, results.getAuthorities().length);
-	}
-
-	public void testGetGrantedAuthoritiesForInvalidToken() throws Exception {
-		ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
-		PortletAuthenticationToken token = PortletTestUtils.createToken();
-		token.setDetails(null);
-		try {
-			populator.getUserDetails(token);
-			fail("Should have thrown AuthenticationServiceException");
-		} catch (AuthenticationServiceException e) {
-			// ignore
-		}
-		token.setDetails("bogus");
-		try {
-			populator.getUserDetails(token);
-			fail("Should have thrown AuthenticationServiceException");
-		} catch (AuthenticationServiceException e) {
-			// ignore
-		}
-	}
-
-}

portlet/src/test/java/org/springframework/security/providers/portlet/populator/DaoPortletAuthoritiesPopulatorTests.java

@@ -1,100 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.portlet.populator;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.providers.portlet.PortletAuthenticationToken;
-import org.springframework.security.providers.portlet.PortletTestUtils;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.dao.DataAccessException;
-
-
-/**
- * Tests for {@link DaoPortletAuthoritiesPopulator}
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class DaoPortletAuthoritiesPopulatorTests extends TestCase {
-
-	//~ Constructors ===================================================================================================
-
-	public DaoPortletAuthoritiesPopulatorTests() {
-		super();
-	}
-
-	public DaoPortletAuthoritiesPopulatorTests(String arg0) {
-		super(arg0);
-	}
-
-	//~ Methods ========================================================================================================
-
-	public final void setUp() throws Exception {
-		super.setUp();
-	}
-
-	public void testRequiresDao() throws Exception {
-		DaoPortletAuthoritiesPopulator populator = new DaoPortletAuthoritiesPopulator();
-		try {
-			populator.afterPropertiesSet();
-			fail("Should have thrown IllegalArgumentException");
-		} catch (IllegalArgumentException failed) {
-			// ignored
-		}
-	}
-
-	public void testGetGrantedAuthoritiesForValidUser() throws Exception {
-		DaoPortletAuthoritiesPopulator populator = new DaoPortletAuthoritiesPopulator();
-		populator.setUserDetailsService(new MockAuthenticationDao());
-		populator.afterPropertiesSet();
-		UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
-		assertEquals(2, results.getAuthorities().length);
-		assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), results.getAuthorities()[0]);
-		assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2), results.getAuthorities()[1]);
-	}
-
-	public void testGetGrantedAuthoritiesForInvalidUser() throws Exception {
-		DaoPortletAuthoritiesPopulator populator = new DaoPortletAuthoritiesPopulator();
-		populator.setUserDetailsService(new MockAuthenticationDao());
-		populator.afterPropertiesSet();
-		try {
-			populator.getUserDetails(new PortletAuthenticationToken("dummy", "dummy", null));
-			fail("Should have thrown UsernameNotFoundException");
-		} catch (UsernameNotFoundException e) {
-			// ignore
-		}
-	}
-
-	//~ Inner Classes ==================================================================================================
-
-	private class MockAuthenticationDao implements UserDetailsService {
-
-		public UserDetails loadUserByUsername(String username)
-			throws UsernameNotFoundException, DataAccessException {
-			if (PortletTestUtils.TESTUSER.equals(username))
-				return PortletTestUtils.createUser();
-			throw new UsernameNotFoundException("Could not find: " + username);
-		}
-
-	}
-
-}

portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingFilterEntryPointTests.java

@@ -1,60 +0,0 @@
-/*
- * Copyright 2005-2007 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ui.portlet;
-
-import javax.servlet.http.HttpServletResponse;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.BadCredentialsException;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-
-/**
- * Tests {@link PortletProcessingFilterEntryPoint}.
- *
- * @author John A. Lewis
- * @since 2.0
- * @version $Id$
- */
-public class PortletProcessingFilterEntryPointTests extends TestCase {
-
-	//~ Constructors ===================================================================================================
-
-	public PortletProcessingFilterEntryPointTests() {
-		super();
-	}
-
-	public PortletProcessingFilterEntryPointTests(String arg0) {
-		super(arg0);
-	}
-
-	//~ Methods ========================================================================================================
-
-	public final void setUp() throws Exception {
-		super.setUp();
-	}
-
-	public void testNormalOperation() throws Exception {
-		MockHttpServletRequest request = new MockHttpServletRequest();
-		MockHttpServletResponse response = new MockHttpServletResponse();
-		PortletProcessingFilterEntryPoint entryPoint = new PortletProcessingFilterEntryPoint();
-		entryPoint.commence(request, response, new BadCredentialsException(null));
-		assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
-	}
-
-}

portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java

@@ -32,8 +32,8 @@ import org.springframework.security.GrantedAuthorityImpl;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.TestingAuthenticationToken;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.providers.portlet.PortletAuthenticationToken;
 import org.springframework.security.providers.portlet.PortletTestUtils;
+import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
 import org.springframework.security.ui.AbstractProcessingFilter;
 import org.springframework.security.userdetails.User;
 import org.springframework.mock.web.portlet.MockActionRequest;
@@ -74,6 +74,7 @@ public class PortletProcessingInterceptorTests extends TestCase {
 
 	public void testRequiresAuthenticationManager() throws Exception {
 		PortletProcessingInterceptor interceptor = new PortletProcessingInterceptor();
+		
 		try {
 			interceptor.afterPropertiesSet();
 			fail("Expected IllegalArgumentException");
@@ -251,14 +252,14 @@ public class PortletProcessingInterceptorTests extends TestCase {
 		public Authentication authenticate(Authentication token) {
 
 			// Make sure we got a valid token
-			if (!(token instanceof PortletAuthenticationToken)) {
-				TestCase.fail("Expected PortletAuthentication object-- got: " + token);
+			if (!(token instanceof PreAuthenticatedAuthenticationToken)) {
+				TestCase.fail("Expected PreAuthenticatedAuthenticationToken object-- got: " + token);
 			}
 
 			// Make sure the token details are the PortletRequest
-			if (!(token.getDetails() instanceof PortletRequest)) {
-				TestCase.fail("Expected Authentication.getDetails to be a PortletRequest object -- got: " + token.getDetails());
-			}
+//			if (!(token.getDetails() instanceof PortletRequest)) {
+//				TestCase.fail("Expected Authentication.getDetails to be a PortletRequest object -- got: " + token.getDetails());
+//			}
 
 			// Make sure it's got a principal
 			if (token.getPrincipal() == null) {
@@ -273,7 +274,7 @@ public class PortletProcessingInterceptorTests extends TestCase {
 			// create resulting Authentication object
 			User user = new User(token.getName(), token.getCredentials().toString(), true, true, true, true,
 					new GrantedAuthority[] {new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2)});
-			PortletAuthenticationToken result = new PortletAuthenticationToken(
+			PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(
 					user, user.getPassword(), user.getAuthorities());
 			result.setAuthenticated(true);
 			return result;