SEC-739: Removed siteminder provider code.

core/src/main/java/org/springframework/security/providers/siteminder/SiteminderAuthenticationProvider.java

@@ -1,107 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.siteminder;
-
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.providers.AuthenticationProvider;
-import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UserDetailsChecker;
-import org.springframework.security.userdetails.checker.AccountStatusUserDetailsChecker;
-
-import org.springframework.dao.DataAccessException;
-import org.springframework.util.Assert;
-
-/**
- * An {@link AuthenticationProvider} implementation that retrieves user details from an {@link UserDetailsService}.
- *
- * @author Scott McCrory
- * @version $Id$
- */
-public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
-    
-    //~ Instance fields ================================================================================================
-
-    /**
-     * Our user details service (which does the real work of checking the user against a back-end user store).
-     */
-    private UserDetailsService userDetailsService;
-    private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker();
-
-    //~ Methods ========================================================================================================
-
-    /**
-     * @see org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider#additionalAuthenticationChecks(org.springframework.security.userdetails.UserDetails, org.springframework.security.providers.UsernamePasswordAuthenticationToken)
-     */
-    protected void additionalAuthenticationChecks(final UserDetails user,
-            final UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
-
-        // No need for password authentication checks - we only expect one identifying string
-        // from the HTTP Request header (as populated by Siteminder), but we do need to see if
-        // the user's account is OK to let them in.
-
-        userDetailsChecker.check(user);
-    }
-
-    /**
-     * @see org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider#doAfterPropertiesSet()
-     */
-    protected void doAfterPropertiesSet() throws Exception {
-        Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
-    }
-
-    /**
-     * Return the user details service.
-     * @return The user details service.
-     */
-    public UserDetailsService getUserDetailsService() {
-        return userDetailsService;
-    }
-
-    /**
-     * @see org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider#retrieveUser(java.lang.String, org.springframework.security.providers.UsernamePasswordAuthenticationToken)
-     */
-    protected final UserDetails retrieveUser(final String username,
-            final UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
-
-        UserDetails loadedUser;
-
-        try {
-            loadedUser = this.getUserDetailsService().loadUserByUsername(username);
-        } catch (DataAccessException repositoryProblem) {
-            throw new AuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem);
-        }
-
-        if (loadedUser == null) {
-            throw new AuthenticationServiceException(
-                    "UserDetailsService returned null, which is an interface contract violation");
-        }
-
-        return loadedUser;
-    }
-
-    /**
-     * Sets the user details service.
-     * @param userDetailsService The user details service.
-     */
-    public void setUserDetailsService(final UserDetailsService userDetailsService) {
-        this.userDetailsService = userDetailsService;
-    }
-
-}

core/src/main/java/org/springframework/security/providers/siteminder/package.html

@@ -1,5 +0,0 @@
-<html>
-<body>
-A Siteminder authentication provider.
-</body>
-</html>

core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java

@@ -1,270 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ui.webapp;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-
-import org.springframework.security.context.HttpSessionContextIntegrationFilter;
-import org.springframework.security.context.SecurityContext;
-
-import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-
-/**
- * Extends Spring Security's AuthenticationProcessingFilter to pick up CA/Netegrity Siteminder headers.
- * <p>
- * Also provides a backup form-based authentication and the ability set source key names.
- * <p>
- * <b>Siteminder</b> must present two <b>headers</b> to this filter, a username and password. You must set the
- * header keys before this filter is used for authentication, otherwise Siteminder checks will be skipped. If the
- * Siteminder check is unsuccessful (i.e. if the headers are not found), then the form parameters will be checked (see
- * next paragraph). This allows applications to optionally function even when their Siteminder infrastructure is
- * unavailable, as is often the case during development.
- * <p>
- * <b>Login forms</b> must present two <b>parameters</b> to this filter: a username and password. If not
- * specified, the parameter names to use are contained in the static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY}
- * and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}.
- */
-public class SiteminderAuthenticationProcessingFilter extends AuthenticationProcessingFilter {
-    //~ Static fields/initializers =====================================================================================
-
-    /** Log instance for debugging */
-    private static final Log logger = LogFactory.getLog(SiteminderAuthenticationProcessingFilter.class);
-
-    //~ Instance fields ================================================================================================
-
-    /** Form password request key. */
-    private String formPasswordParameterKey = null;
-
-    /** Form username request key. */
-    private String formUsernameParameterKey = null;
-
-    /** Siteminder password header key. */
-    private String siteminderPasswordHeaderKey = null;
-
-    /** Siteminder username header key. */
-    private String siteminderUsernameHeaderKey = null;
-
-    //~ Constructors ===================================================================================================
-
-    /**
-     * Basic constructor.
-     */
-    public SiteminderAuthenticationProcessingFilter() {
-        super();
-    }
-
-    //~ Methods ========================================================================================================
-
-    /**
-     *
-     * @see org.springframework.security.ui.AbstractProcessingFilter#attemptAuthentication(javax.servlet.http.HttpServletRequest)
-     */
-    public Authentication attemptAuthentication(HttpServletRequest request)
-        throws AuthenticationException {
-        String username = null;
-        String password = null;
-
-        // Check the Siteminder headers for authentication info
-        if ((siteminderUsernameHeaderKey != null) && (siteminderUsernameHeaderKey.length() > 0)
-            && (siteminderPasswordHeaderKey != null) && (siteminderPasswordHeaderKey.length() > 0)) {
-            username = request.getHeader(siteminderUsernameHeaderKey);
-            password = request.getHeader(siteminderPasswordHeaderKey);
-        }
-
-        // If the Siteminder authentication info wasn't available, then get it
-        // from the form parameters
-        if ((username == null) || (username.length() == 0) || (password == null) || (password.length() == 0)) {
-            if (logger.isDebugEnabled()) {
-                logger.debug("Siteminder headers not found for authentication, so trying to use form values");
-            }
-
-            if ((formUsernameParameterKey != null) && (formUsernameParameterKey.length() > 0)) {
-                username = request.getParameter(formUsernameParameterKey);
-            } else {
-                username = request.getParameter(SPRING_SECURITY_FORM_USERNAME_KEY);
-            }
-
-            password = obtainPassword(request);
-        }
-
-        // Convert username and password to upper case. This is normally not a
-        // good practice but we do it here because Siteminder gives us the username
-        // in lower case, while most backing systems store it in upper case.
-        if (username != null) {
-            username = username.toUpperCase();
-        } else {
-            // If username is null, set to blank to avoid a NPE.
-            username = "";
-        }
-
-        if (password != null) {
-            password = password.toUpperCase();
-        } else {
-            // If password is null, set to blank to avoid a NPE.
-            password = "";
-        }
-
-        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
-
-        // Allow subclasses to set the "details" property
-        setDetails(request, authRequest);
-
-        // Place the last username attempted into HttpSession for views
-        request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, username);
-
-        return this.getAuthenticationManager().authenticate(authRequest);
-    }
-
-    /**
-     * Returns the form password parameter key.
-     *
-     * @return The form password parameter key.
-     */
-    public String getFormPasswordParameterKey() {
-        return formPasswordParameterKey;
-    }
-
-    /**
-     * Returns the form username parameter key.
-     *
-     * @return The form username parameter key.
-     */
-    public String getFormUsernameParameterKey() {
-        return formUsernameParameterKey;
-    }
-
-    /**
-     * Returns the Siteminder password header key.
-     *
-     * @return The Siteminder password header key.
-     */
-    public String getSiteminderPasswordHeaderKey() {
-        return siteminderPasswordHeaderKey;
-    }
-
-    /**
-     * Returns the Siteminder username header key.
-     *
-     * @return The Siteminder username header key.
-     */
-    public String getSiteminderUsernameHeaderKey() {
-        return siteminderUsernameHeaderKey;
-    }
-
-    /**
-     * Overridden method to obtain different value depending on whether Siteminder or form validation is being
-     * performed.
-     *
-     * @param request so that request attributes can be retrieved
-     *
-     * @return the password that will be presented in the <code>Authentication</code> request token to the
-     *         <code>AuthenticationManager</code>
-     */
-    protected String obtainPassword(HttpServletRequest request) {
-        if ((formPasswordParameterKey != null) && (formPasswordParameterKey.length() > 0)) {
-            return request.getParameter(formPasswordParameterKey);
-        } else {
-            return request.getParameter(SPRING_SECURITY_FORM_PASSWORD_KEY);
-        }
-    }
-
-    /**
-     * Overridden to perform authentication not only on j_security_check, but also on requests for the default
-     * target URL when the user isn't already authenticated.<p>Thank you Paul Garvey for providing a
-     * straightforward solution (and code) for this!</p>
-     *
-     * @see org.springframework.security.ui.AbstractProcessingFilter#requiresAuthentication(javax.servlet.http.HttpServletRequest,
-     *      javax.servlet.http.HttpServletResponse)
-     */
-    protected boolean requiresAuthentication(final HttpServletRequest request, final HttpServletResponse response) {
-        String uri = request.getRequestURI();
-        int pathParamIndex = uri.indexOf(';');
-
-        if (pathParamIndex > 0) {
-            // strip everything after the first semi-colon
-            uri = uri.substring(0, pathParamIndex);
-        }
-
-        //attempt authentication if j_secuity_check is present or if the getDefaultTargetUrl()
-        //is present and user is not already authenticated.
-        boolean bAuthenticated = false;
-        SecurityContext context = (SecurityContext)
-                request.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
-
-        if (context != null) {
-            Authentication auth = context.getAuthentication();
-
-            if ((auth != null) && auth instanceof UsernamePasswordAuthenticationToken) {
-                UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) auth;
-                bAuthenticated = token.isAuthenticated();
-            }
-        }
-
-        // if true is returned then authentication will be attempted.
-        boolean bAttemptAuthentication = (uri.endsWith(request.getContextPath() + getFilterProcessesUrl()))
-                || ((getDefaultTargetUrl() != null) && uri.endsWith(getDefaultTargetUrl()) && !bAuthenticated);
-
-        if (logger.isDebugEnabled()) {
-            logger.debug("Authentication attempted for the following URI ==> " + uri + " is " + bAttemptAuthentication);
-        }
-
-        return bAttemptAuthentication;
-    }
-
-    /**
-     * Sets the form password parameter key.
-     *
-     * @param key The form password parameter key.
-     */
-    public void setFormPasswordParameterKey(final String key) {
-        this.formPasswordParameterKey = key;
-    }
-
-    /**
-     * Sets the form username parameter key.
-     *
-     * @param key The form username parameter key.
-     */
-    public void setFormUsernameParameterKey(final String key) {
-        this.formUsernameParameterKey = key;
-    }
-
-    /**
-     * Sets the Siteminder password header key.
-     *
-     * @param key The Siteminder password header key.
-     */
-    public void setSiteminderPasswordHeaderKey(final String key) {
-        this.siteminderPasswordHeaderKey = key;
-    }
-
-    /**
-     * Sets the Siteminder username header key.
-     *
-     * @param key The Siteminder username header key.
-     */
-    public void setSiteminderUsernameHeaderKey(final String key) {
-        this.siteminderUsernameHeaderKey = key;
-    }
-}

core/src/test/java/org/springframework/security/providers/siteminder/SiteminderAuthenticationProviderTests.java

@@ -1,404 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.providers.siteminder;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.AccountExpiredException;
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.BadCredentialsException;
-import org.springframework.security.CredentialsExpiredException;
-import org.springframework.security.DisabledException;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.LockedException;
-import org.springframework.security.providers.TestingAuthenticationToken;
-import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.providers.dao.MockUserCache;
-import org.springframework.security.providers.dao.cache.EhCacheBasedUserCache;
-import org.springframework.security.providers.dao.cache.NullUserCache;
-import org.springframework.security.userdetails.User;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.dao.DataAccessException;
-import org.springframework.dao.DataRetrievalFailureException;
-
-/**
- * Tests {@link SiteminderAuthenticationProvider}.
- *
- * @author Ben Alex
- * @version $Id$
- */
-public class SiteminderAuthenticationProviderTests extends TestCase {
-    //~ Methods ========================================================================================================
-
-    public void testAuthenticateFailsIfAccountExpired() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("peter", "opal");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserPeterAccountExpired());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown AccountExpiredException");
-        } catch (AccountExpiredException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticateFailsIfAccountLocked() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("peter", "opal");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserPeterAccountLocked());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown LockedException");
-        } catch (LockedException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticateFailsIfCredentialsExpired() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("peter", "opal");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserPeterCredentialsExpired());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown CredentialsExpiredException");
-        } catch (CredentialsExpiredException expected) {
-            assertTrue(true);
-        }
-
-    }
-
-    public void testAuthenticateFailsIfUserDisabled() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("peter", "opal");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserPeter());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown DisabledException");
-        } catch (DisabledException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticateFailsWhenUserDetailsServiceHasBackendFailure() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceSimulateBackendError());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown AuthenticationServiceException");
-        } catch (AuthenticationServiceException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticateFailsWithEmptyUsername() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown BadCredentialsException");
-        } catch (BadCredentialsException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticateFailsWithInvalidUsernameAndHideUserNotFoundExceptionFalse() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("INVALID_USER", "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setHideUserNotFoundExceptions(false); // we want UsernameNotFoundExceptions
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown UsernameNotFoundException");
-        } catch (UsernameNotFoundException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticateFailsWithInvalidUsernameAndHideUserNotFoundExceptionsWithDefaultOfTrue() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("INVALID_USER", "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        assertTrue(provider.isHideUserNotFoundExceptions());
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown BadCredentialsException");
-        } catch (BadCredentialsException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticateFailsWithMixedCaseUsernameIfDefaultChanged() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("RDd", "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        provider.setUserCache(new MockUserCache());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown BadCredentialsException");
-        } catch (BadCredentialsException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testAuthenticates() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "koala");
-        token.setDetails("192.168.0.1");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        provider.setUserCache(new MockUserCache());
-
-        Authentication result = provider.authenticate(token);
-
-        if (!(result instanceof UsernamePasswordAuthenticationToken)) {
-            fail("Should have returned instance of UsernamePasswordAuthenticationToken");
-        }
-
-        UsernamePasswordAuthenticationToken castResult = (UsernamePasswordAuthenticationToken) result;
-        assertEquals(User.class, castResult.getPrincipal().getClass());
-        assertEquals("koala", castResult.getCredentials());
-        assertEquals("ROLE_ONE", castResult.getAuthorities()[0].getAuthority());
-        assertEquals("ROLE_TWO", castResult.getAuthorities()[1].getAuthority());
-        assertEquals("192.168.0.1", castResult.getDetails());
-    }
-
-    public void testAuthenticatesASecondTime() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        provider.setUserCache(new MockUserCache());
-
-        Authentication result = provider.authenticate(token);
-
-        if (!(result instanceof UsernamePasswordAuthenticationToken)) {
-            fail("Should have returned instance of UsernamePasswordAuthenticationToken");
-        }
-
-        // Now try to authenticate with the previous result (with its UserDetails)
-        Authentication result2 = provider.authenticate(result);
-
-        if (!(result2 instanceof UsernamePasswordAuthenticationToken)) {
-            fail("Should have returned instance of UsernamePasswordAuthenticationToken");
-        }
-
-        assertEquals(result.getCredentials(), result2.getCredentials());
-    }
-
-    public void testAuthenticatesWithForcePrincipalAsString() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        provider.setUserCache(new MockUserCache());
-        provider.setForcePrincipalAsString(true);
-
-        Authentication result = provider.authenticate(token);
-
-        if (!(result instanceof UsernamePasswordAuthenticationToken)) {
-            fail("Should have returned instance of UsernamePasswordAuthenticationToken");
-        }
-
-        UsernamePasswordAuthenticationToken castResult = (UsernamePasswordAuthenticationToken) result;
-        assertEquals(String.class, castResult.getPrincipal().getClass());
-        assertEquals("rod", castResult.getPrincipal());
-    }
-
-    public void testDetectsNullBeingReturnedFromUserDetailsService() {
-        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "koala");
-
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceReturnsNull());
-
-        try {
-            provider.authenticate(token);
-            fail("Should have thrown AuthenticationServiceException");
-        } catch (AuthenticationServiceException expected) {
-            assertEquals("UserDetailsService returned null, which is an interface contract violation", expected
-                    .getMessage());
-        }
-    }
-
-    public void testGettersSetters() {
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-
-        provider.setUserCache(new EhCacheBasedUserCache());
-        assertEquals(EhCacheBasedUserCache.class, provider.getUserCache().getClass());
-
-        assertFalse(provider.isForcePrincipalAsString());
-        provider.setForcePrincipalAsString(true);
-        assertTrue(provider.isForcePrincipalAsString());
-    }
-
-    public void testStartupFailsIfNoUserDetailsService() throws Exception {
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-
-        try {
-            provider.afterPropertiesSet();
-            fail("Should have thrown IllegalArgumentException");
-        } catch (IllegalArgumentException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testStartupFailsIfNoUserCacheSet() throws Exception {
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        provider.setUserDetailsService(new MockUserDetailsServiceUserrod());
-        assertEquals(NullUserCache.class, provider.getUserCache().getClass());
-        provider.setUserCache(null);
-
-        try {
-            provider.afterPropertiesSet();
-            fail("Should have thrown IllegalArgumentException");
-        } catch (IllegalArgumentException expected) {
-            assertTrue(true);
-        }
-    }
-
-    public void testStartupSuccess() throws Exception {
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        UserDetailsService userDetailsService = new MockUserDetailsServiceUserrod();
-        provider.setUserDetailsService(userDetailsService);
-        provider.setUserCache(new MockUserCache());
-        assertEquals(userDetailsService, provider.getUserDetailsService());
-        provider.afterPropertiesSet();
-        assertTrue(true);
-    }
-
-    public void testSupports() {
-        SiteminderAuthenticationProvider provider = new SiteminderAuthenticationProvider();
-        assertTrue(provider.supports(UsernamePasswordAuthenticationToken.class));
-        assertTrue(!provider.supports(TestingAuthenticationToken.class));
-    }
-
-    //~ Inner Classes ==================================================================================================
-
-    private class MockUserDetailsServiceReturnsNull implements UserDetailsService {
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            return null;
-        }
-    }
-
-    private class MockUserDetailsServiceSimulateBackendError implements UserDetailsService {
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            throw new DataRetrievalFailureException("This mock simulator is designed to fail");
-        }
-    }
-
-    private class MockUserDetailsServiceUserrod implements UserDetailsService {
-        private String password = "koala";
-
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            if ("rod".equals(username)) {
-                return new User("rod", password, true, true, true, true, new GrantedAuthority[] {
-                        new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO") });
-            } else {
-                throw new UsernameNotFoundException("Could not find: " + username);
-            }
-        }
-
-        public void setPassword(String password) {
-            this.password = password;
-        }
-    }
-
-    private class MockUserDetailsServiceUserrodWithSalt implements UserDetailsService {
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            if ("rod".equals(username)) {
-                return new User("rod", "koala{SYSTEM_SALT_VALUE}", true, true, true, true, new GrantedAuthority[] {
-                        new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO") });
-            } else {
-                throw new UsernameNotFoundException("Could not find: " + username);
-            }
-        }
-    }
-
-    private class MockUserDetailsServiceUserPeter implements UserDetailsService {
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            if ("peter".equals(username)) {
-                return new User("peter", "opal", false, true, true, true, new GrantedAuthority[] {
-                        new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO") });
-            } else {
-                throw new UsernameNotFoundException("Could not find: " + username);
-            }
-        }
-    }
-
-    private class MockUserDetailsServiceUserPeterAccountExpired implements UserDetailsService {
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            if ("peter".equals(username)) {
-                return new User("peter", "opal", true, false, true, true, new GrantedAuthority[] {
-                        new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO") });
-            } else {
-                throw new UsernameNotFoundException("Could not find: " + username);
-            }
-        }
-    }
-
-    private class MockUserDetailsServiceUserPeterAccountLocked implements UserDetailsService {
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            if ("peter".equals(username)) {
-                return new User("peter", "opal", true, true, true, false, new GrantedAuthority[] {
-                        new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO") });
-            } else {
-                throw new UsernameNotFoundException("Could not find: " + username);
-            }
-        }
-    }
-
-    private class MockUserDetailsServiceUserPeterCredentialsExpired implements UserDetailsService {
-        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
-            if ("peter".equals(username)) {
-                return new User("peter", "opal", true, true, false, true, new GrantedAuthority[] {
-                        new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO") });
-            } else {
-                throw new UsernameNotFoundException("Could not find: " + username);
-            }
-        }
-    }
-}

core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java

@@ -1,184 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ui.webapp;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.MockAuthenticationManager;
-import org.springframework.security.ui.WebAuthenticationDetails;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-
-/**
- * Tests SiteminderAuthenticationProcessingFilter.
- *
- * @author Ben Alex
- * @author <a href="mailto:scott@mccrory.us">Scott McCrory</a>
- * @version $Id$
- */
-public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    /**
-     * Basic constructor.
-     */
-    public SiteminderAuthenticationProcessingFilterTests() {
-    }
-
-    /**
-     * Argument constructor.
-     *
-     * @param arg0
-     */
-    public SiteminderAuthenticationProcessingFilterTests(String arg0) {
-        super(arg0);
-    }
-
-    //~ Methods ========================================================================================================
-
-    /**
-     * Tests the class' getters.
-     */
-    public void testAccessors() {
-        SiteminderAuthenticationProcessingFilter filter = new SiteminderAuthenticationProcessingFilter();
-
-        filter.setFormUsernameParameterKey("usernameParamKey");
-        assertEquals("usernameParamKey", filter.getFormUsernameParameterKey());
-
-        filter.setSiteminderUsernameHeaderKey("usernameHeaderKey");
-        assertEquals("usernameHeaderKey", filter.getSiteminderUsernameHeaderKey());
-    }
-
-    /**
-     * Tests normal form processing.
-     *
-     * @throws Exception
-     */
-    public void testFormNormalOperation() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
-        request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
-
-        MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
-
-        SiteminderAuthenticationProcessingFilter filter = new SiteminderAuthenticationProcessingFilter();
-        filter.setAuthenticationManager(authMgr);
-        filter.init(null);
-
-        Authentication result = filter.attemptAuthentication(request);
-        assertTrue(result != null);
-        assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress());
-    }
-
-    /**
-     * Tests form null password handling.
-     *
-     * @throws Exception
-     */
-    public void testFormNullPasswordHandledGracefully() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
-
-        MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
-
-        SiteminderAuthenticationProcessingFilter filter = new SiteminderAuthenticationProcessingFilter();
-        filter.setAuthenticationManager(authMgr);
-        filter.init(null);
-
-        Authentication result = filter.attemptAuthentication(request);
-        assertTrue(result != null);
-    }
-
-    /**
-     * Tests form null username handling.
-     *
-     * @throws Exception
-     */
-    public void testFormNullUsernameHandledGracefully() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
-
-        MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
-
-        SiteminderAuthenticationProcessingFilter filter = new SiteminderAuthenticationProcessingFilter();
-        filter.setAuthenticationManager(authMgr);
-        filter.init(null);
-
-        Authentication result = filter.attemptAuthentication(request);
-        assertTrue(result != null);
-    }
-
-    /**
-     * Tests the overridden testRequiresAuthentication method.
-     *
-     * @throws Exception
-     */
-    public void testRequiresAuthentication() throws Exception {
-        // Create a Siteminder-style request from an unauthenticated user for a strange URI
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        MockHttpServletResponse response = new MockHttpServletResponse();
-
-        request.addHeader("SM_USER", "A123456");
-
-        // Create the Siteminder filter, set a mock authentication manager to automatically grant access
-        SiteminderAuthenticationProcessingFilter filter = new SiteminderAuthenticationProcessingFilter();
-        filter.setDefaultTargetUrl("/defaultTargetUri");
-
-        MockAuthenticationManager authMgrThatGrantsAccess = new MockAuthenticationManager(true);
-        filter.setAuthenticationManager(authMgrThatGrantsAccess);
-
-        filter.setSiteminderUsernameHeaderKey("SM_USER");
-        filter.init(null);
-
-        // Requests for an unknown URL should NOT require (re)authentication
-        request.setRequestURI("http://an.unknown.url");
-
-        boolean requiresAuthentication = filter.requiresAuthentication(request, response);
-        assertFalse(requiresAuthentication);
-
-        // Requests for the filter processing URI SHOULD require (re)authentication
-        request.setRequestURI(request.getContextPath() + "/j_spring_security_check");
-        requiresAuthentication = filter.requiresAuthentication(request, response);
-        assertTrue(requiresAuthentication);
-
-        // Requests for the default target URI SHOULD require (re)authentication
-        request.setRequestURI(request.getContextPath() + filter.getDefaultTargetUrl());
-        requiresAuthentication = filter.requiresAuthentication(request, response);
-        assertTrue(requiresAuthentication);
-    }
-
-    /**
-     * Tests normal Siteminder header processing.
-     *
-     * @throws Exception
-     */
-    public void testSiteminderNormalOperation() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addHeader("SM_USER", "A123456");
-
-        MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
-
-        SiteminderAuthenticationProcessingFilter filter = new SiteminderAuthenticationProcessingFilter();
-        filter.setAuthenticationManager(authMgr);
-        filter.setSiteminderUsernameHeaderKey("SM_USER");
-        filter.init(null);
-
-        Authentication result = filter.attemptAuthentication(request);
-        assertTrue(result != null);
-        assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress());
-    }
-}