SEC-532: Remove FilterInvocationDefinitionSource-related classes which are no longer needed.

core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java

@@ -5,6 +5,7 @@ import org.springframework.util.Assert;
 import org.springframework.security.ConfigAttribute;
 import org.springframework.security.ConfigAttributeDefinition;
 import org.springframework.security.util.FilterChainProxy;
+import org.springframework.security.util.UrlMatcher;
 
 import javax.servlet.Filter;
 import java.util.*;
@@ -24,16 +25,13 @@ import java.util.regex.Pattern;
 public class FIDSToFilterChainMapConverter {
 
     private LinkedHashMap filterChainMap = new LinkedHashMap();
+    private UrlMatcher matcher;
 
-    public FIDSToFilterChainMapConverter(FilterInvocationDefinitionSource source, ApplicationContext appContext) {
+    public FIDSToFilterChainMapConverter(DefaultFilterInvocationDefinitionSource fids, ApplicationContext appContext) {
         // TODO: Check if this is necessary. Retained from refactoring of FilterChainProxy
-        Assert.notNull(source.getConfigAttributeDefinitions(), "FilterChainProxy requires the " +
+        Assert.notNull(fids.getConfigAttributeDefinitions(), "FilterChainProxy requires the " +
                 "FilterInvocationDefinitionSource to return a non-null response to getConfigAttributeDefinitions()");
-        Assert.isTrue(source instanceof DefaultFilterInvocationDefinitionSource,
-                "Can't handle FilterInvocationDefinitionSource type " + source.getClass());
-        
-
-        DefaultFilterInvocationDefinitionSource fids = (DefaultFilterInvocationDefinitionSource)source;
+        matcher = fids.getUrlMatcher();
         Map requestMap = fids.getRequestMap();
         Iterator paths = requestMap.keySet().iterator();
 
@@ -64,4 +62,8 @@ public class FIDSToFilterChainMapConverter {
     public Map getFilterChainMap() {
         return filterChainMap;
     }
+
+    public UrlMatcher getMatcher() {
+        return matcher;
+    }
 }

core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinition.java

@@ -1,27 +0,0 @@
-/* Copyright 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.intercept.web;
-
-/**
- * Interface to join {@link FilterInvocationDefinitionMap} and
- * {@link FilterInvocationDefinitionSource}.
- *
- * @author <a href="mailto:carlos@apache.org">Carlos Sanchez</a>
- * @version $Id$
- * @since 1.1
- */
-public interface FilterInvocationDefinition extends FilterInvocationDefinitionMap, FilterInvocationDefinitionSource {
-}

core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionMap.java

@@ -1,36 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.intercept.web;
-
-import org.springframework.security.ConfigAttributeDefinition;
-
-
-/**
- * Exposes methods required so that a property editor can populate the relevant
- * {@link FilterInvocationDefinitionSource}.
- *
- * @author Ben Alex
- * @version $Id$
- */
-public interface FilterInvocationDefinitionMap {
-    //~ Methods ========================================================================================================
-
-    void addSecureUrl(String expression, ConfigAttributeDefinition attr);
-
-    boolean isConvertUrlToLowercaseBeforeComparison();
-
-    void setConvertUrlToLowercaseBeforeComparison(boolean convertUrlToLowercaseBeforeComparison);
-}

core/src/main/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMap.java

@@ -1,70 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.intercept.web;
-
-import org.springframework.security.ConfigAttributeDefinition;
-import org.springframework.security.util.AntUrlPathMatcher;
-
-/**
- * Extends DefaultFilterInvocationDefinitionSource, configuring it with a {@link AntUrlPathMatcher} to match URLs
- * using Apache Ant path-based patterns.
- * <p>
- * Apache Ant path expressions are used to match a HTTP request URL against a <code>ConfigAttributeDefinition</code>.
- * <p>
- * The order of registering the Ant paths using the {@link #addSecureUrl(String,ConfigAttributeDefinition)} is
- * very important. The system will identify the <b>first</b>  matching path for a given HTTP URL. It will not proceed
- * to evaluate later paths if a match has already been found. Accordingly, the most specific paths should be
- * registered first, with the most general paths registered last.
- * <p>
- * If no registered paths match the HTTP URL, <code>null</code> is returned.
- * <p>
- * Note that as of 2.0, lower case URL comparisons are made by default, as this is the default strategy for
- * <tt>AntUrlPathMatcher</tt>.
- *
- * @author Ben Alex
- * @author Luke taylor
- * @deprecated DefaultFilterInvocationDefinitionSource should now be used with an AntUrlPathMatcher instead.
- * @version $Id$
- */
-public class PathBasedFilterInvocationDefinitionMap extends DefaultFilterInvocationDefinitionSource
-        implements FilterInvocationDefinition {
-
-    //~ Constructors ===================================================================================================
-
-    public PathBasedFilterInvocationDefinitionMap() {
-        super(new AntUrlPathMatcher());
-        setStripQueryStringFromUrls(true);
-    }
-
-    //~ Methods ========================================================================================================
-
-    public void addSecureUrl(String antPath, String method, ConfigAttributeDefinition attr) {
-        // SEC-501: If using lower case comparison, we should convert the paths to lower case
-        // as any upper case characters included by mistake will prevent the URL from ever being matched.
-        // This shouldn't be needed anymore. The property editor complains if there is upper case text in the URL
-        // and the namespace implementation does the conversion itself, so it is safe to use the parent class
-        // directly. 
-        if (getUrlMatcher().requiresLowerCaseUrl()) {
-            antPath = antPath.toLowerCase();
-        }
-
-        super.addSecureUrl(antPath, method, attr);
-    }
-
-    public void setConvertUrlToLowercaseBeforeComparison(boolean bool) {
-        ((AntUrlPathMatcher)getUrlMatcher()).setRequiresLowerCaseUrl(bool);
-    }
-}

core/src/main/java/org/springframework/security/intercept/web/RegExpBasedFilterInvocationDefinitionMap.java

@@ -1,42 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.intercept.web;
-
-import org.springframework.security.util.RegexUrlPathMatcher;
-
-
-/**
- * Configures an {@link DefaultFilterInvocationDefinitionSource} with a regular expression URL matching strategy
- * {@link RegexUrlPathMatcher}.
- *
- * @author Ben Alex
- * @author Luke Taylor
- * @deprecated
- * @version $Id$
- */
-public class RegExpBasedFilterInvocationDefinitionMap extends DefaultFilterInvocationDefinitionSource
-    implements FilterInvocationDefinition {
-
-    //~ Constructors ===================================================================================================
-    
-    public RegExpBasedFilterInvocationDefinitionMap() {
-        super(new RegexUrlPathMatcher());
-    }
-
-    public void setConvertUrlToLowercaseBeforeComparison(boolean bool) {
-        ((RegexUrlPathMatcher)getUrlMatcher()).setRequiresLowerCaseUrl(bool);
-    }
-}

core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedUserDetailsService.java

@@ -15,13 +15,12 @@ public interface PreAuthenticatedUserDetailsService {
 
 	/**
 	 *
-	 * @param aPreAuthenticatedAuthenticationToken
+	 * @param token
 	 *            The pre-authenticated authentication token
 	 * @return UserDetails for the given authentication token.
 	 * @throws UsernameNotFoundException
 	 *             if no user details can be found for the given authentication
 	 *             token
 	 */
-	UserDetails getUserDetails(PreAuthenticatedAuthenticationToken aPreAuthenticatedAuthenticationToken)
-			throws UsernameNotFoundException;
+	UserDetails getUserDetails(PreAuthenticatedAuthenticationToken token) throws UsernameNotFoundException;
 }

core/src/main/java/org/springframework/security/util/AntUrlPathMatcher.java

@@ -17,6 +17,14 @@ public class AntUrlPathMatcher implements UrlMatcher {
     private boolean requiresLowerCaseUrl = true;
     private PathMatcher pathMatcher = new AntPathMatcher();
 
+    public AntUrlPathMatcher() {
+        this(true);
+    }
+
+    public AntUrlPathMatcher(boolean requiresLowerCaseUrl) {
+        this.requiresLowerCaseUrl = requiresLowerCaseUrl;
+    }
+
     public Object compile(String path) {
         if (requiresLowerCaseUrl) {
             return path.toLowerCase();

core/src/main/java/org/springframework/security/util/FilterChainProxy.java

@@ -106,7 +106,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
     /** Compiled pattern version of the filter chain map */
     private Map filterChainMap;
     private UrlMatcher matcher = new AntUrlPathMatcher();
-    private FilterInvocationDefinitionSource fids;
+    private DefaultFilterInvocationDefinitionSource fids;
 
     //~ Methods ========================================================================================================
 
@@ -114,7 +114,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
         // Convert the FilterDefinitionSource to a filterChainMap if set
         if (fids != null) {
             Assert.isNull(uncompiledFilterChainMap, "Set the filterChainMap or FilterInvocationDefinitionSource but not both");
-            setFilterChainMap(new FIDSToFilterChainMapConverter(fids, applicationContext).getFilterChainMap());
+            FIDSToFilterChainMapConverter converter = new FIDSToFilterChainMapConverter(fids, applicationContext);
+            setFilterChainMap(converter.getFilterChainMap());
+            setMatcher(converter.getMatcher());
             fids = null;
         }
 
@@ -238,10 +240,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
      * @deprecated Use namespace configuration or call setFilterChainMap instead.
      */
     public void setFilterInvocationDefinitionSource(FilterInvocationDefinitionSource fids) {
-        if( fids instanceof RegExpBasedFilterInvocationDefinitionMap) {
-            matcher = new RegexUrlPathMatcher();
-        }
-        this.fids = fids;
+        Assert.isInstanceOf(DefaultFilterInvocationDefinitionSource.class, fids,
+                "Must be a DefaultFilterInvocationDefinitionSource");
+        this.fids = (DefaultFilterInvocationDefinitionSource) fids;
     }
 
     /**

core/src/test/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMapTests.java → core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java

@@ -18,43 +18,40 @@ package org.springframework.security.intercept.web;
 import org.springframework.security.ConfigAttributeDefinition;
 import org.springframework.security.MockFilterChain;
 import org.springframework.security.SecurityConfig;
+import org.springframework.security.util.AntUrlPathMatcher;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 
 import org.junit.Test;
+import org.junit.Before;
 import static org.junit.Assert.*;
 import static org.junit.Assert.assertEquals;
 
 /**
- * Tests parts of {@link PathBasedFilterInvocationDefinitionMap} not tested by {@link
- * FilterInvocationDefinitionSourceEditorWithPathsTests}.
+ * Tests parts of {@link DefaultFilterInvocationDefinitionSource} not tested by {@link
+ * FilterInvocationDefinitionSourceEditorTests}.
  *
  * @author Ben Alex
  * @version $Id$
  */
-public class PathBasedFilterInvocationDefinitionMapTests {
+public class DefaultFilterInvocationDefinitionSourceTests {
+    DefaultFilterInvocationDefinitionSource map;
 
     //~ Methods ========================================================================================================
+    @Before
+    public void createMap() {
+        map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
+        map.setStripQueryStringFromUrls(true);
+    }
 
     @Test
     public void convertUrlToLowercaseIsTrueByDefault() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
         assertTrue(map.isConvertUrlToLowercaseBeforeComparison());
     }
 
-    @Test
-    public void convertUrlToLowercaseSetterRespected() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
-        map.setConvertUrlToLowercaseBeforeComparison(false);
-        assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
-    }
-
     @Test
     public void lookupNotRequiringExactMatchSuccessIfNotMatching() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
-        map.setConvertUrlToLowercaseBeforeComparison(true);
-
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/secure/super/**", def);
@@ -70,8 +67,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
      */
     @Test
     public void lookupNotRequiringExactMatchSucceedsIfSecureUrlPathContainsUpperCase() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
-
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/SeCuRE/super/**", def);
@@ -85,8 +80,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
 
     @Test
     public void lookupRequiringExactMatchFailsIfNotMatching() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
-        map.setConvertUrlToLowercaseBeforeComparison(false);
+        map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false));
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/secure/super/**", def);
@@ -99,8 +93,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
 
     @Test
     public void lookupRequiringExactMatchIsSuccessful() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
-        map.setConvertUrlToLowercaseBeforeComparison(false);
+        map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false));
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/SeCurE/super/**", def);
@@ -113,7 +106,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
 
     @Test
     public void lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/someAdminPage.html**", def);
@@ -126,7 +118,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
 
     @Test(expected = IllegalArgumentException.class)
     public void unknownHttpMethodIsRejected() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/someAdminPage.html**", "UNKNOWN", def);
@@ -134,7 +125,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
 
     @Test
     public void httpMethodLookupSucceeds() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/somepage**", "GET", def);
@@ -146,7 +136,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
 
     @Test
     public void requestWithDifferentHttpMethodDoesntMatch() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/somepage**", "GET", def);
@@ -158,7 +147,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
 
     @Test
     public void httpMethodSpecificUrlTakesPrecedence() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
+
 
         // Even though this is added before the method-specific def, the latter should match
         ConfigAttributeDefinition allMethodDef = new ConfigAttributeDefinition();
@@ -178,8 +167,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
      * Check fixes for SEC-321
      */
     @Test
-    public void extraQuestionMarkStillMatches() {
-        PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
+    public void extraQuestionMarkStillMatches() {        
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
         def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
         map.addSecureUrl("/someAdminPage.html*", def);

core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java

@@ -21,6 +21,7 @@ import org.springframework.security.ConfigAttributeDefinition;
 import org.springframework.security.MockFilterChain;
 import org.springframework.security.SecurityConfig;
 import org.springframework.security.util.RegexUrlPathMatcher;
+import org.springframework.security.util.AntUrlPathMatcher;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
@@ -30,8 +31,8 @@ import java.util.regex.PatternSyntaxException;
 
 
 /**
- * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated default {@link
- * RegExpBasedFilterInvocationDefinitionMap}.
+ * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated default
+ * {@link DefaultFilterInvocationDefinitionSource}.
  *
  * @author Ben Alex
  * @version $Id$
@@ -273,4 +274,42 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase {
         DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
         assertEquals(2, map.getMapSize());
     }
+
+    public void testAntPathDirectiveIsDetected() {
+        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
+        editor.setAsText(
+            "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
+
+        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
+        assertTrue(map.getUrlMatcher() instanceof AntUrlPathMatcher);
+    }
+
+    public void testInvalidNameValueFailsToParse() {
+        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
+
+        try {
+            // Use a "==" instead of an "="
+            editor.setAsText("         PATTERN_TYPE_APACHE_ANT\r\n    /secure/*==ROLE_SUPERVISOR,ROLE_TELLER      \r\n");
+            fail("Shouldn't be able to use '==' for config attribute.");
+        } catch (IllegalArgumentException expected) {}
+    }
+
+    public void testSingleUrlParsing() throws Exception {
+        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
+        editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE,ANOTHER_ROLE");
+
+        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
+
+        MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
+        httpRequest.setServletPath("/secure/super/very_secret.html");
+
+        ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
+                    new MockHttpServletResponse(), new MockFilterChain()));
+
+        ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
+        expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
+        expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
+
+        assertEquals(expected, returned);
+    }
 }

core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorWithPathsTests.java

@@ -1,197 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.intercept.web;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.ConfigAttributeDefinition;
-import org.springframework.security.MockFilterChain;
-import org.springframework.security.SecurityConfig;
-import org.springframework.security.util.AntUrlPathMatcher;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-
-import java.util.Iterator;
-
-
-/**
- * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated {@link
- * PathBasedFilterInvocationDefinitionMap}.
- *
- * @author Ben Alex
- * @version $Id$
- */
-public class FilterInvocationDefinitionSourceEditorWithPathsTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public FilterInvocationDefinitionSourceEditorWithPathsTests() {
-        super();
-    }
-
-    public FilterInvocationDefinitionSourceEditorWithPathsTests(String arg0) {
-        super(arg0);
-    }
-
-    //~ Methods ========================================================================================================
-
-    public void testAntPathDirectiveIsDetected() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-        assertTrue(map.getUrlMatcher() instanceof AntUrlPathMatcher);
-    }
-
-    public void testConvertUrlToLowercaseDefaultSettingUnchangedByEditor() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-        assertFalse(map.getUrlMatcher().requiresLowerCaseUrl());
-    }
-
-    public void testConvertUrlToLowercaseSettingApplied() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON\r\nPATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-        assertTrue(map.getUrlMatcher().requiresLowerCaseUrl());
-    }
-
-    public void testInvalidNameValueFailsToParse() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-
-        try {
-            // Use a "==" instead of an "="
-            editor.setAsText("         PATTERN_TYPE_APACHE_ANT\r\n    /secure/*==ROLE_SUPERVISOR,ROLE_TELLER      \r\n");
-            fail("Shouldn't be able to use '==' for config attribute.");
-        } catch (IllegalArgumentException expected) {}
-    }
-
-    public void testIterator() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-        Iterator iter = map.getConfigAttributeDefinitions();
-        int counter = 0;
-
-        while (iter.hasNext()) {
-            iter.next();
-            counter++;
-        }
-
-        assertEquals(2, counter);
-    }
-
-    public void testMapReturnsNullWhenNoMatchFound() throws Exception {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-
-        MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
-        httpRequest.setServletPath("/totally/different/path/index.html");
-
-        ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
-                    new MockHttpServletResponse(), new MockFilterChain()));
-
-        assertEquals(null, returned);
-    }
-
-    public void testMultiUrlParsing() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-        assertEquals(2, map.getMapSize());
-    }
-
-    public void testOrderOfEntriesIsPreservedOrderA() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/**=ROLE_WE_DONT_HAVE,ANOTHER_ROLE\r\n/secure/**=ROLE_SUPERVISOR,ROLE_TELLER");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-
-        // Test ensures we match the first entry, not the second
-        MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
-        httpRequest.setServletPath("/secure/super/very_secret.html");
-
-        ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
-                    new MockHttpServletResponse(), new MockFilterChain()));
-
-        ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
-        expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
-        expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
-
-        assertEquals(expected, returned);
-    }
-
-    public void testOrderOfEntriesIsPreservedOrderB() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "PATTERN_TYPE_APACHE_ANT\r\n/secure/**=ROLE_SUPERVISOR,ROLE_TELLER\r\n/secure/super/**=ROLE_WE_DONT_HAVE");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-
-        MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
-        httpRequest.setServletPath("/secure/super/very_secret.html");
-
-        ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
-                    new MockHttpServletResponse(), new MockFilterChain()));
-
-        ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
-        expected.addConfigAttribute(new SecurityConfig("ROLE_SUPERVISOR"));
-        expected.addConfigAttribute(new SecurityConfig("ROLE_TELLER"));
-
-        assertEquals(expected, returned);
-    }
-
-    public void testSingleUrlParsing() throws Exception {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE,ANOTHER_ROLE");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-
-        MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
-        httpRequest.setServletPath("/secure/super/very_secret.html");
-
-        ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
-                    new MockHttpServletResponse(), new MockFilterChain()));
-
-        ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
-        expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
-        expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
-
-        assertEquals(expected, returned);
-    }
-
-    public void testWhitespaceAndCommentsAndLinesWithoutEqualsSignsAreIgnored() {
-        FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
-        editor.setAsText(
-            "         PATTERN_TYPE_APACHE_ANT\r\n    /secure/super/*=ROLE_WE_DONT_HAVE\r\n    /secure/*=ROLE_SUPERVISOR,ROLE_TELLER      \r\n   \r\n     \r\n   // comment line  \r\n    \r\n");
-
-        DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
-        assertEquals(2, map.getMapSize());
-    }
-}

core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java

@@ -30,6 +30,8 @@ import org.springframework.security.MockAuthenticationManager;
 import org.springframework.security.MockRunAsManager;
 import org.springframework.security.RunAsManager;
 import org.springframework.security.SecurityConfig;
+import org.springframework.security.util.AntUrlPathMatcher;
+import org.springframework.security.util.RegexUrlPathMatcher;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.mock.web.MockHttpServletRequest;
@@ -75,11 +77,10 @@ public class FilterSecurityInterceptorTests extends TestCase {
         SecurityContextHolder.clearContext();
     }
 
-    public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass()
-        throws Exception {
+    public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception {
         FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
         interceptor.setAuthenticationManager(new MockAuthenticationManager());
-        interceptor.setObjectDefinitionSource(new RegExpBasedFilterInvocationDefinitionMap());
+        interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()));
         interceptor.setRunAsManager(new MockRunAsManager());
 
         interceptor.setAccessDecisionManager(new AccessDecisionManager() {
@@ -111,7 +112,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
         FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
         interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
         interceptor.setAuthenticationManager(new MockAuthenticationManager());
-        interceptor.setObjectDefinitionSource(new RegExpBasedFilterInvocationDefinitionMap());
+        interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()));
 
         interceptor.setRunAsManager(new RunAsManager() {
                 public boolean supports(Class clazz) {
@@ -177,7 +178,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
         interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
         interceptor.setAuthenticationManager(new MockAuthenticationManager());
 
-        RegExpBasedFilterInvocationDefinitionMap fidp = new RegExpBasedFilterInvocationDefinitionMap();
+        DefaultFilterInvocationDefinitionSource fidp =
+                new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher());
         interceptor.setObjectDefinitionSource(fidp);
         interceptor.setRunAsManager(new MockRunAsManager());
         interceptor.afterPropertiesSet();
@@ -232,7 +234,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
         List mappings = new ArrayList(1);
         mappings.add(mapping);
 
-        PathBasedFilterInvocationDefinitionMap filterInvocationDefinitionSource = new PathBasedFilterInvocationDefinitionMap();
+        DefaultFilterInvocationDefinitionSource filterInvocationDefinitionSource
+                = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
         filterInvocationDefinitionSource.setMappings(mappings);
 
         FilterSecurityInterceptor filter = new FilterSecurityInterceptor();

core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinition.java

@@ -1,64 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.intercept.web;
-
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import org.springframework.security.ConfigAttributeDefinition;
-
-/**
- * Mock for {@link FilterInvocationDefinitionMap}
- *
- * @author <a href="mailto:carlos@apache.org">Carlos Sanchez</a>
- * @version $Id: MockFilterInvocationDefinitionSource.java 1496 2006-05-23
- *          13:38:33Z benalex $
- */
-public class MockFilterInvocationDefinition implements FilterInvocationDefinition {
-
-    private Map secureUrls = new HashMap();
-
-    private boolean convertUrlToLowercaseBeforeComparison = false;
-
-    public void addSecureUrl(String expression, ConfigAttributeDefinition attr) {
-        secureUrls.put(expression, attr);
-    }
-
-    public boolean isConvertUrlToLowercaseBeforeComparison() {
-        return convertUrlToLowercaseBeforeComparison;
-    }
-
-    public void setConvertUrlToLowercaseBeforeComparison(boolean convertUrlToLowercaseBeforeComparison) {
-        this.convertUrlToLowercaseBeforeComparison = convertUrlToLowercaseBeforeComparison;
-    }
-
-    public ConfigAttributeDefinition getSecureUrl(String expression) {
-        return (ConfigAttributeDefinition) secureUrls.get(expression);
-    }
-
-    public ConfigAttributeDefinition getAttributes(Object object) throws IllegalArgumentException {
-        return (ConfigAttributeDefinition) secureUrls.get(object);
-    }
-
-    public Iterator getConfigAttributeDefinitions() {
-        return secureUrls.values().iterator();
-    }
-
-    public boolean supports(Class clazz) {
-        return true;
-    }
-}

core/src/test/java/org/springframework/security/intercept/web/RegExpBasedFilterDefinitionMapTests.java

@@ -1,121 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.intercept.web;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.ConfigAttributeDefinition;
-import org.springframework.security.MockFilterChain;
-import org.springframework.security.SecurityConfig;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-
-
-/**
- * Tests parts of {@link RegExpBasedFilterInvocationDefinitionMap} not tested by {@link
- * FilterInvocationDefinitionSourceEditorTests}.
- *
- * @author Ben Alex
- * @version $Id$
- */
-public class RegExpBasedFilterDefinitionMapTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public RegExpBasedFilterDefinitionMapTests() {
-    }
-
-    public RegExpBasedFilterDefinitionMapTests(String arg0) {
-        super(arg0);
-    }
-
-    //~ Methods ========================================================================================================
-
-    public void testConvertUrlToLowercaseIsFalseByDefault() {
-        RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
-        assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
-    }
-
-    public void testConvertUrlToLowercaseSetterRespected() {
-        RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
-        map.setConvertUrlToLowercaseBeforeComparison(true);
-        assertTrue(map.isConvertUrlToLowercaseBeforeComparison());
-    }
-
-    public void testLookupNotRequiringExactMatchSuccessIfNotMatching() {
-        RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
-        map.setConvertUrlToLowercaseBeforeComparison(true);
-        assertTrue(map.isConvertUrlToLowercaseBeforeComparison());
-
-        ConfigAttributeDefinition def = new ConfigAttributeDefinition();
-        def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
-        map.addSecureUrl("\\A/secure/super.*\\Z", def);
-
-        // Build a HTTP request
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.setRequestURI(null);
-
-        MockHttpServletRequest req = request;
-        req.setServletPath("/SeCuRE/super/somefile.html");
-
-        FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain());
-
-        ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl());
-        assertEquals(def, response);
-    }
-
-    public void testLookupRequiringExactMatchFailsIfNotMatching() {
-        RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
-        assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
-
-        ConfigAttributeDefinition def = new ConfigAttributeDefinition();
-        def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
-        map.addSecureUrl("\\A/secure/super.*\\Z", def);
-
-        // Build a HTTP request
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.setRequestURI(null);
-
-        MockHttpServletRequest req = request;
-        req.setServletPath("/SeCuRE/super/somefile.html");
-
-        FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain());
-
-        ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl());
-        assertEquals(null, response);
-    }
-
-    public void testLookupRequiringExactMatchIsSuccessful() {
-        RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
-        assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
-
-        ConfigAttributeDefinition def = new ConfigAttributeDefinition();
-        def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
-        map.addSecureUrl("\\A/secure/super.*\\Z", def);
-
-        // Build a HTTP request
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.setRequestURI(null);
-
-        MockHttpServletRequest req = request;
-        req.setServletPath("/secure/super/somefile.html");
-
-        FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain());
-
-        ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl());
-        assertEquals(def, response);
-    }
-}

core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java

@@ -30,7 +30,7 @@ import org.springframework.security.MockApplicationContext;
 import org.springframework.security.MockFilterConfig;
 import org.springframework.security.context.HttpSessionContextIntegrationFilter;
 import org.springframework.security.intercept.web.MockFilterInvocationDefinitionSource;
-import org.springframework.security.intercept.web.PathBasedFilterInvocationDefinitionMap;
+import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource;
 import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
 
 import java.util.List;
@@ -82,7 +82,8 @@ public class FilterChainProxyTests {
         ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
         cad.addConfigAttribute(new MockConfigAttribute());
 
-        PathBasedFilterInvocationDefinitionMap fids = new PathBasedFilterInvocationDefinitionMap();
+        DefaultFilterInvocationDefinitionSource fids =
+                new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
         fids.addSecureUrl("/**", cad);
 
         filterChainProxy.setFilterInvocationDefinitionSource(fids);