Removed maven structure from sandbox, and 'other' module, which is out of date.

sandbox/other/pom.xml

@@ -1,87 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-  <modelVersion>4.0.0</modelVersion>
-  <parent>
-    <groupId>org.springframework.security</groupId>
-    <artifactId>spring-security-sandbox</artifactId>
-    <version>3.0.0.CI-SNAPSHOT</version>
-  </parent>
-  <artifactId>spring-security-sandbox-other</artifactId>
-  <name>Spring Security - Other Sandbox Code</name>
-  <description>Spring Security Miscellaneous sandbox utilities</description>
-  <dependencies>
-    <dependency>
-      <groupId>org.springframework.security</groupId>
-      <artifactId>spring-security-core</artifactId>
-      <version>${project.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.springframework.security</groupId>
-      <artifactId>spring-security-ldap</artifactId>
-      <version>${project.version}</version>
-    </dependency>
-    <dependency>
-        <groupId>org.springframework.security</groupId>
-        <artifactId>spring-security-core</artifactId>
-        <version>${project.version}</version>
-        <classifier>tests</classifier>
-        <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.springframework</groupId>
-      <artifactId>spring-test</artifactId>
-      <optional>true</optional>
-    </dependency>
-    <dependency>
-        <groupId>org.springframework</groupId>
-        <artifactId>spring-jdbc</artifactId>
-        <optional>true</optional>
-    </dependency>
-    <dependency>
-      <groupId>org.springframework.ldap</groupId>
-      <artifactId>spring-ldap-core</artifactId>
-      <optional>true</optional>
-    </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>servlet-api</artifactId>
-      <optional>true</optional>
-    </dependency>
-    <dependency>
-      <groupId>ehcache</groupId>
-      <artifactId>ehcache</artifactId>
-      <version>1.1</version>
-      <optional>true</optional>
-    </dependency>
-    <dependency>
-        <groupId>org.aspectj</groupId>
-        <artifactId>aspectjrt</artifactId>
-    </dependency>
-    <dependency>
-        <groupId>org.aspectj</groupId>
-        <artifactId>aspectjweaver</artifactId>
-    </dependency>
-    <dependency>
-      <groupId>ldapsdk</groupId>
-      <artifactId>ldapsdk</artifactId>
-      <version>4.1</version>
-    </dependency>
-<!--
-    <dependency>
-      <groupId>org.samba.jcifs</groupId>
-      <artifactId>jcifs</artifactId>
-      <version>1.2.6</version>
-      <type>jar</type>
-
-    </dependency>
--->
-      <dependency>
-        <groupId>hsqldb</groupId>
-        <artifactId>hsqldb</artifactId>
-        <version>1.8.0.4</version>
-          <scope>test</scope>
-      </dependency>
-  </dependencies>
-</project>

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/AccountLockedException.java

@@ -1,15 +0,0 @@
-package org.springframework.security.ldap.ppolicy;
-
-/**
- * @author Luke
- * @version $Id$
- */
-public class AccountLockedException extends PasswordPolicyException {
-    public AccountLockedException(String msg) {
-        super(msg);
-    }
-
-    public AccountLockedException(String msg, Throwable t) {
-        super(msg, t);
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/OracleIDPasswordPolicyControl.java

@@ -1,11 +0,0 @@
-package org.springframework.security.ldap.ppolicy;
-
-/**
- * @author Luke
- * @version $Id$
- */
-public class OracleIDPasswordPolicyControl extends PasswordPolicyControl {
-    public String getID() {
-        return "2.16.840.1.113894.1.8.6";
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/PasswordExpiredException.java

@@ -1,15 +0,0 @@
-package org.springframework.security.ldap.ppolicy;
-
-/**
- * @author Luke
- * @version $Id$
- */
-public class PasswordExpiredException extends PasswordPolicyException {
-    public PasswordExpiredException(String msg) {
-        super(msg);
-    }
-
-    public PasswordExpiredException(String msg, Throwable t) {
-        super(msg, t);
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/PasswordInHistoryException.java

@@ -1,16 +0,0 @@
-package org.springframework.security.ldap.ppolicy;
-
-/**
- * @author Luke
- * @version $Id$
- */
-public class PasswordInHistoryException extends PasswordPolicyException {
-
-    public PasswordInHistoryException(String msg) {
-        super(msg);
-    }
-
-    public PasswordInHistoryException(String msg, Throwable t) {
-        super(msg, t);
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyControl.java

@@ -1,91 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ldap.ppolicy;
-
-import javax.naming.ldap.Control;
-
-
-/**
- * A Password Policy request control.<p>Based on the information in the corresponding internet draft on LDAP
- * password policy.</p>
- *
- * @author Stefan Zoerner
- * @author Luke Taylor
- * @version $Id$
- *
- * @see PasswordPolicyResponseControl
- * @see <a href="http://www.ietf.org/internet-drafts/draft-behera-ldap-password-policy-09.txt">Password Policy for LDAP
- *      Directories</a>
- */
-public class PasswordPolicyControl implements Control {
-    //~ Static fields/initializers =====================================================================================
-
-    /** OID of the Password Policy Control */
-    public static final String OID = "1.3.6.1.4.1.42.2.27.8.5.1";
-
-    //~ Instance fields ================================================================================================
-
-    private boolean critical;
-
-    //~ Constructors ===================================================================================================
-
-/**
-     * Creates a non-critical (request) control.
-     */
-    public PasswordPolicyControl() {
-        this(Control.NONCRITICAL);
-    }
-
-/**
-     * Creates a (request) control.
-     * 
-     * @param critical indicates whether the control is
-     *                 critical for the client
-     */
-    public PasswordPolicyControl(boolean critical) {
-        this.critical = critical;
-    }
-
-    //~ Methods ========================================================================================================
-
-    /**
-     * Retrieves the ASN.1 BER encoded value of the LDAP control. The request value for this control is always
-     * empty.
-     *
-     * @return always null
-     */
-    public byte[] getEncodedValue() {
-        return null;
-    }
-
-    /**
-     * Returns the OID of the Password Policy Control.
-     *
-     * @return DOCUMENT ME!
-     */
-    public String getID() {
-        return OID;
-    }
-
-    /**
-     * Returns whether the control is critical for the client.
-     *
-     * @return DOCUMENT ME!
-     */
-    public boolean isCritical() {
-        return critical;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyControlFactory.java

@@ -1,49 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ldap.ppolicy;
-
-import org.springframework.security.ldap.ppolicy.PasswordPolicyControl;
-
-import javax.naming.ldap.Control;
-import javax.naming.ldap.ControlFactory;
-
-
-/**
- * Transforms a control object to a PasswordPolicyResponseControl object, if appropriate.
- *
- * @author Stefan Zoerner
- * @author Luke Taylor
- * @version $Id$
- */
-public class PasswordPolicyControlFactory extends ControlFactory {
-    //~ Methods ========================================================================================================
-
-    /**
-     * Creates an instance of PasswordPolicyResponseControl if the passed control is a response control of this
-     * type. Attributes of the result are filled with the correct values (e.g. error code).
-     *
-     * @param ctl the control the check
-     *
-     * @return a response control of type PasswordPolicyResponseControl, or null
-     */
-    public Control getControlInstance(Control ctl) {
-        if (ctl.getID().equals(PasswordPolicyControl.OID)) {
-            return new PasswordPolicyResponseControl(ctl.getEncodedValue());
-        }
-
-        return null;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java

@@ -1,17 +0,0 @@
-package org.springframework.security.ldap.ppolicy;
-
-import org.springframework.security.AuthenticationException;
-
-/**
- * @author Luke
- * @version $Id$
- */
-public class PasswordPolicyException extends AuthenticationException {
-    public PasswordPolicyException(String msg) {
-        super(msg);
-    }
-
-    public PasswordPolicyException(String msg, Throwable t) {
-        super(msg, t);
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyResponseControl.java

@@ -1,358 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ldap.ppolicy;
-
-import netscape.ldap.ber.stream.BERChoice;
-import netscape.ldap.ber.stream.BERElement;
-import netscape.ldap.ber.stream.BEREnumerated;
-import netscape.ldap.ber.stream.BERInteger;
-
-//import com.novell.ldap.asn1.LBERDecoder;
-//import com.novell.ldap.asn1.ASN1Sequence;
-//import com.novell.ldap.asn1.ASN1Tagged;
-//import com.novell.ldap.asn1.ASN1OctetString;
-import netscape.ldap.ber.stream.BERSequence;
-import netscape.ldap.ber.stream.BERTag;
-import netscape.ldap.ber.stream.BERTagDecoder;
-
-import org.springframework.security.ldap.ppolicy.PasswordPolicyControl;
-import org.springframework.dao.DataRetrievalFailureException;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-
-/**
- * Represent the response control received when a <tt>PasswordPolicyControl</tt> is used when binding to a
- * directory. Currently tested with the OpenLDAP 2.3.19 implementation of the LDAP Password Policy Draft.  It extends
- * the request control with the control specific data. This is accomplished by the properties timeBeforeExpiration,
- * graceLoginsRemaining and errorCodes. getEncodedValue returns the unchanged value of the response control as a byte
- * array.
- *
- * @author Stefan Zoerner
- * @author Luke Taylor
- * @version $Id$
- *
- * @see org.springframework.security.ldap.ppolicy.PasswordPolicyControl
- * @see <a href="http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/">Stefan Zoerner's IBM developerworks
- *      article on LDAP controls.</a>
- */
-public class PasswordPolicyResponseControl extends PasswordPolicyControl {
-    //~ Static fields/initializers =====================================================================================
-
-    private static final Log logger = LogFactory.getLog(PasswordPolicyResponseControl.class);
-    public static final int ERROR_NONE = -1;
-    public static final int ERROR_PASSWORD_EXPIRED = 0;
-    public static final int ERROR_ACCOUNT_LOCKED = 1;
-    public static final int WARNINGS_DEFAULT = -1;
-    private static final String[] errorText = {
-            "password expired", "account locked", "change after reset", "password mod not allowed",
-            "must supply old password", "invalid password syntax", "password too short", "password too young",
-            "password in history"
-        };
-
-    //~ Instance fields ================================================================================================
-
-    private byte[] encodedValue;
-    private int errorCode = ERROR_NONE;
-    private int graceLoginsRemaining = WARNINGS_DEFAULT;
-    private int timeBeforeExpiration = WARNINGS_DEFAULT;
-
-    //~ Constructors ===================================================================================================
-
-    /**
-     * Decodes the Ber encoded control data. The ASN.1 value of the control data is:<pre>
-     *    PasswordPolicyResponseValue ::= SEQUENCE {       warning [0] CHOICE {
-     *           timeBeforeExpiration [0] INTEGER (0 .. maxInt),
-     *           graceAuthNsRemaining [1] INTEGER (0 .. maxInt) } OPTIONAL,       error   [1] ENUMERATED {
-     *           passwordExpired             (0),          accountLocked               (1),
-     *           changeAfterReset            (2),          passwordModNotAllowed       (3),
-     *           mustSupplyOldPassword       (4),          insufficientPasswordQuality (5),
-     *           passwordTooShort            (6),          passwordTooYoung            (7),
-     *           passwordInHistory           (8) } OPTIONAL }</pre>
-     *
-     */    
-    public PasswordPolicyResponseControl(byte[] encodedValue) {
-        this.encodedValue = encodedValue;
-
-        //PPolicyDecoder decoder = new JLdapDecoder();
-        PPolicyDecoder decoder = new NetscapeDecoder();
-
-        try {
-            decoder.decode();
-        } catch (IOException e) {
-            throw new DataRetrievalFailureException("Failed to parse control value", e);
-        }
-    }
-
-    //~ Methods ========================================================================================================
-
-    /**
-     * Returns the unchanged value of the response control.  Returns the unchanged value of the response
-     * control as byte array.
-     */
-    public byte[] getEncodedValue() {
-        return encodedValue;
-    }
-
-    /**
-     * Returns the error code, or ERROR_NONE, if no error is present.
-     *
-     * @return the error code (0-8), or ERROR_NONE
-     */
-    public int getErrorCode() {
-        return errorCode;
-    }
-
-    /**
-     * Returns the graceLoginsRemaining.
-     *
-     * @return Returns the graceLoginsRemaining.
-     */
-    public int getGraceLoginsRemaining() {
-        return graceLoginsRemaining;
-    }
-
-    /**
-     * Returns the timeBeforeExpiration.
-     *
-     * @return Returns the time before expiration in seconds
-     */
-    public int getTimeBeforeExpiration() {
-        return timeBeforeExpiration;
-    }
-
-    /**
-     * Checks whether an error is present.
-     *
-     * @return true, if an error is present
-     */
-    public boolean hasError() {
-        return this.getErrorCode() != ERROR_NONE;
-    }
-
-    /**
-     * Checks whether a warning is present.
-     *
-     * @return true, if a warning is present
-     */
-    public boolean hasWarning() {
-        return (graceLoginsRemaining != WARNINGS_DEFAULT) || (timeBeforeExpiration != WARNINGS_DEFAULT);
-    }
-
-    public boolean isExpired() {
-        return errorCode == ERROR_PASSWORD_EXPIRED;
-    }
-
-    /**
-     * Determines whether an account locked error has been returned.
-     *
-     * @return true if the account is locked.
-     */
-    public boolean isLocked() {
-        return errorCode == ERROR_ACCOUNT_LOCKED;
-    }
-
-    /**
-     * Create a textual representation containing error and warning messages, if any are present.
-     *
-     * @return error and warning messages
-     */
-    public String toString() {
-        StringBuilder sb = new StringBuilder("PasswordPolicyResponseControl");
-
-        if (hasError()) {
-            sb.append(", error: ").append(errorText[errorCode]);
-        }
-
-        if (graceLoginsRemaining != WARNINGS_DEFAULT) {
-            sb.append(", warning: ").append(graceLoginsRemaining).append(" grace logins remain");
-        }
-
-        if (timeBeforeExpiration != WARNINGS_DEFAULT) {
-            sb.append(", warning: time before expiration is ").append(timeBeforeExpiration);
-        }
-
-        if (!hasError() && !hasWarning()) {
-            sb.append(" (no error, no warning)");
-        }
-
-        return sb.toString();
-    }
-
-    //~ Inner Interfaces ===============================================================================================
-
-    private interface PPolicyDecoder {
-        void decode() throws IOException;
-    }
-
-    //~ Inner Classes ==================================================================================================
-    
-    /**
-     * Decoder based on Netscape ldapsdk library
-     */
-    private class NetscapeDecoder implements PPolicyDecoder {
-        public void decode() throws IOException {
-            int[] bread = {0};
-            BERSequence seq = (BERSequence) BERElement.getElement(new SpecificTagDecoder(),
-                    new ByteArrayInputStream(encodedValue), bread);
-
-            int size = seq.size();
-
-            if (logger.isDebugEnabled()) {
-                logger.debug("PasswordPolicyResponse, ASN.1 sequence has " + size + " elements");
-            }
-
-            for (int i = 0; i < seq.size(); i++) {
-                BERTag elt = (BERTag) seq.elementAt(i);
-
-                int tag = elt.getTag() & 0x1F;
-
-                if (tag == 0) {
-                    BERChoice warning = (BERChoice) elt.getValue();
-
-                    BERTag content = (BERTag) warning.getValue();
-                    int value = ((BERInteger) content.getValue()).getValue();
-
-                    if ((content.getTag() & 0x1F) == 0) {
-                        timeBeforeExpiration = value;
-                    } else {
-                        graceLoginsRemaining = value;
-                    }
-                } else if (tag == 1) {
-                    BEREnumerated error = (BEREnumerated) elt.getValue();
-                    errorCode = error.getValue();
-                }
-            }
-        }
-
-        class SpecificTagDecoder extends BERTagDecoder {
-            /** Allows us to remember which of the two options we're decoding */
-            private Boolean inChoice = null;
-
-            public BERElement getElement(BERTagDecoder decoder, int tag, InputStream stream, int[] bytesRead,
-                boolean[] implicit) throws IOException {
-                tag &= 0x1F;
-                implicit[0] = false;
-
-                if (tag == 0) {
-                    // Either the choice or the time before expiry within it
-                    if (inChoice == null) {
-                        setInChoice(true);
-
-                        // Read the choice length from the stream (ignored)
-                        BERElement.readLengthOctets(stream, bytesRead);
-
-                        int[] componentLength = new int[1];
-                        BERElement choice = new BERChoice(decoder, stream, componentLength);
-                        bytesRead[0] += componentLength[0];
-
-                        // inChoice = null;
-                        return choice;
-                    } else {
-                        // Must be time before expiry
-                        return new BERInteger(stream, bytesRead);
-                    }
-                } else if (tag == 1) {
-                    // Either the graceLogins or the error enumeration.
-                    if (inChoice == null) {
-                        // The enumeration
-                        setInChoice(false);
-
-                        return new BEREnumerated(stream, bytesRead);
-                    } else {
-                        if (inChoice.booleanValue()) {
-                            // graceLogins
-                            return new BERInteger(stream, bytesRead);
-                        }
-                    }
-                }
-
-                throw new DataRetrievalFailureException("Unexpected tag " + tag);
-            }
-
-            private void setInChoice(boolean inChoice) {
-                this.inChoice = new Boolean(inChoice);
-            }
-        }
-    }
-
-/** Decoder based on the OpenLDAP/Novell JLDAP library */
-
-//    private class JLdapDecoder implements PPolicyDecoder {
-//
-//        public void decode() throws IOException {
-//
-//            LBERDecoder decoder = new LBERDecoder();
-//
-//            ASN1Sequence seq = (ASN1Sequence)decoder.decode(encodedValue);
-//
-//            if(seq == null) {
-//
-//            }
-//
-//            int size = seq.size();
-//
-//            if(logger.isDebugEnabled()) {
-//                logger.debug("PasswordPolicyResponse, ASN.1 sequence has " +
-//                        size + " elements");
-//            }
-//
-//            for(int i=0; i < size; i++) {
-//
-//                ASN1Tagged taggedObject = (ASN1Tagged)seq.get(i);
-//
-//                int tag = taggedObject.getIdentifier().getTag();
-//
-//                ASN1OctetString value = (ASN1OctetString)taggedObject.taggedValue();
-//                byte[] content = value.byteValue();
-//
-//                if(tag == 0) {
-//                    parseWarning(content, decoder);
-//
-//                } else if(tag == 1) {
-//                    // Error: set the code to the value
-//                    errorCode = content[0];
-//                }
-//            }
-//        }
-//
-//        private void parseWarning(byte[] content, LBERDecoder decoder) {
-//            // It's the warning (choice). Parse the number and set either the
-//            // expiry time or number of logins remaining.
-//            ASN1Tagged taggedObject = (ASN1Tagged)decoder.decode(content);
-//            int contentTag = taggedObject.getIdentifier().getTag();
-//            content = ((ASN1OctetString)taggedObject.taggedValue()).byteValue();
-//            int number;
-//
-//            try {
-//                number = ((Long)decoder.decodeNumeric(new ByteArrayInputStream(content), content.length)).intValue();
-//            } catch(IOException e) {
-//                throw new LdapDataAccessException("Failed to parse number ", e);
-//            }
-//
-//            if(contentTag == 0) {
-//                timeBeforeExpiration = number;
-//            } else if (contentTag == 1) {
-//                graceLoginsRemaining = number;
-//            }
-//        }
-//    }
-}

sandbox/other/src/main/java/org/springframework/security/providers/ldap/authenticator/OracleIDBindAuthenticator.java

@@ -1,77 +0,0 @@
-package org.springframework.security.providers.ldap.authenticator;
-
-import org.springframework.security.ldap.SpringSecurityContextSource;
-import org.springframework.security.ldap.ppolicy.AccountLockedException;
-import org.springframework.security.ldap.ppolicy.PasswordExpiredException;
-import org.springframework.security.ldap.ppolicy.PasswordPolicyException;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-
-/**
- * @author Luke
- * @version $Id$
- */
-public class OracleIDBindAuthenticator extends BindAuthenticator {
-    //~ Static fields/initializers =====================================================================================
-
-    private static final Log logger = LogFactory.getLog(OracleIDBindAuthenticator.class);
-
-    private static final Pattern oidErrorMsgPattern = Pattern.compile("^\\[LDAP: error code ([0-9]+) - .*:([0-9]{4}):.*");
-
-    //~ Constructors ===================================================================================================
-
-    protected OracleIDBindAuthenticator(SpringSecurityContextSource contextSource) {
-        super(contextSource);
-    }
-
-/**
-    9000 GSL_PWDEXPIRED_EXCP Your Password has expired. Please contact the Administrator to change your password.
-    9001 GSL_ACCOUNTLOCKED_EXCP Your account is locked. Please contact the Administrator.
-    9002 GSL_EXPIREWARNING_EXCP Your Password will expire in pwdexpirewarning seconds. Please change your password now.
-    9003 GSL_PWDMINLENGTH_EXCP Your Password must be at least pwdminlength characters long.
-    9004 GSL_PWDNUMERIC_EXCP Your Password must contain at least orclpwdalphanumeric numeric characters.
-    9005 GSL_PWDNULL_EXCP Your Password cannot be a Null Password.
-    9006 GSL_PWDINHISTORY_EXCP Your New Password cannot be the same as your Old Password.
-    9007 GSL_PWDILLEGALVALUE_EXCP Your Password cannot be the same as your orclpwdillegalvalues.
-    9008 GSL_GRACELOGIN_EXCP Your Password has expired. You have pwdgraceloginlimit Grace logins left.
-    9050 GSL_ACCTDISABLED_EXCP Your Account has been disabled. Please contact the administrator.
-*/
-    protected void handleBindException(String userDn, String username, Throwable exception) {
-        int errorCode = parseOracleErrorCode(exception.getMessage());
-
-        if (errorCode > 0) {
-            switch (errorCode) {
-                case 9000:
-                    throw new PasswordExpiredException("Password has expired. Please contact an administrator.");
-                case 9001:
-                    throw new AccountLockedException("Account is locked. Please contact an administrator.");
-//                case 9006:
-//                    throw new PasswordInHistoryException("Password must not match previous password");
-            }
-            throw new PasswordPolicyException("OID exception: " + exception.getMessage());
-        }
-
-       // Just debug log the exception
-        super.handleBindException(userDn, username, exception);
-    }
-
-    /**
-     * Attempts to parse the error code from the exception message returned by OID.
-     */
-    private int parseOracleErrorCode(String msg) {
-        Matcher matcher = oidErrorMsgPattern.matcher(msg);
-
-        if (matcher.matches()) {
-            String code = matcher.group(2);
-
-            return Integer.parseInt(code);
-        }
-
-        return -1;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSource.java

@@ -1,36 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * Source of the attributes associated with pre-authenticated authentication request. The attributes
- * can be supplied in the cookies, request header, or property (configuration file).
- * 
- * @author Valery Tydykov
- * 
- */
-public interface AttributesSource {
-    /**
-     * Obtain attributes supplied in the request or property.
-     * 
-     * @param request with optional attributes
-     * @return Map<String, String> of attributes: name/value.
-     */
-    public Map obtainAttributes(HttpServletRequest request);
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSource.java

@@ -1,96 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.security.ui.AuthenticationDetailsSource;
-import org.springframework.security.ui.WebAuthenticationDetailsSource;
-import org.springframework.util.Assert;
-
-/**
- * Implementation of {@link AuthenticationDetailsSource} which builds the details object from an
- * <tt>HttpServletRequest</tt> object.
- * <p>
- * Uses <code>attributesSource</code> to obtain attributes from the request. Adds obtained
- * attributes to created details object. The details object must be an instance of
- * <tt>AuthenticationDetailsImpl</tt>, which has additional <tt>attributes</tt> property.
- * 
- * @author Valery Tydykov
- */
-public class AttributesSourceWebAuthenticationDetailsSource extends WebAuthenticationDetailsSource
-        implements InitializingBean {
-
-    public AttributesSourceWebAuthenticationDetailsSource() {
-        super();
-        setClazz(AuthenticationDetailsImpl.class);
-    }
-
-    private AttributesSource attributesSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.ui.WebAuthenticationDetailsSource#buildDetails(java.lang.Object)
-     */
-    public Object buildDetails(Object context) {
-        // build AuthenticationDetailsImpl object
-        Object result = super.buildDetails(context);
-
-        Assert.isInstanceOf(HttpServletRequest.class, context);
-        HttpServletRequest request = (HttpServletRequest) context;
-
-        // extract attributes from the request
-        Map attributes = this.getAttributesSource().obtainAttributes(request);
-
-        // add additional attributes to the AuthenticationDetailsImpl object
-        AuthenticationDetailsImpl authenticationDetails;
-        {
-            Assert.isInstanceOf(AuthenticationDetailsImpl.class, result);
-            authenticationDetails = (AuthenticationDetailsImpl) result;
-            // add attributes from the AttributesSource to the AuthenticationDetailsImpl object
-            authenticationDetails.getAttributes().putAll(attributes);
-        }
-
-        return authenticationDetails;
-    }
-
-    /**
-     * @return the attributesSource
-     */
-    public AttributesSource getAttributesSource() {
-        return this.attributesSource;
-    }
-
-    /**
-     * @param attributesSource the attributesSource to set
-     */
-    public void setAttributesSource(AttributesSource attributesSource) {
-        Assert.notNull(attributesSource, "attributesSource must not be null");
-        this.attributesSource = attributesSource;
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
-     */
-    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(this.attributesSource, "attributesSource must be set");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/AuthenticationDetailsImpl.java

@@ -1,51 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.security.ui.WebAuthenticationDetails;
-
-/**
- * A holder of selected HTTP details related to a web authentication request.
- * <p>
- * Has additional <tt>attributes</tt> property.
- * 
- * @author Valery Tydykov
- */
-public class AuthenticationDetailsImpl extends WebAuthenticationDetails {
-    public AuthenticationDetailsImpl(HttpServletRequest request) {
-        super(request);
-    }
-
-    private Map attributes = new HashMap();
-
-    /**
-     * @return the attributes
-     */
-    public Map getAttributes() {
-        return attributes;
-    }
-
-    /**
-     * @param attributes the attributes to set
-     */
-    public void setAttributes(Map attributes) {
-        this.attributes = attributes;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieAttributesSource.java

@@ -1,78 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.security.util.ServletUtils;
-import org.springframework.util.Assert;
-
-/**
- * Source of the attributes associated with pre-authenticated authentication request. The attributes
- * can be supplied in the cookies. The keys for values to be extracted must be specified as a
- * <tt>keys</tt> property.
- * 
- * @author Valery Tydykov
- * 
- */
-public class CookieAttributesSource implements AttributesSource, InitializingBean {
-
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    // keys for values to be extracted
-    private List keys;
-
-    /**
-     * @return the keys
-     */
-    public List getKeys() {
-        return this.keys;
-    }
-
-    /**
-     * @param keys the keys to set
-     */
-    public void setKeys(List keys) {
-        this.keys = keys;
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.ui.preauth.AttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest)
-     */
-    public Map obtainAttributes(HttpServletRequest request) {
-        Map attributes = ServletUtils.extractCookiesValues(request, this.getKeys());
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Obtained attributes=[" + attributes + "] from cookies");
-        }
-
-        return attributes;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(this.keys, "keys must be not null");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieUsernameSource.java

@@ -1,70 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.security.util.ServletUtils;
-import org.springframework.util.Assert;
-
-/**
- * Source of the username supplied with pre-authenticated authentication request as cookie. The
- * <tt>usernameKey</tt> property must be set, which will be used to extract the username from the
- * cookie.
- * 
- * @author Valery Tydykov
- * 
- */
-public class CookieUsernameSource implements UsernameSource, InitializingBean {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    // username key
-    private String usernameKey;
-
-    public String obtainUsername(HttpServletRequest request) {
-        String username = ServletUtils.findCookieValue(request, getUsernameKey());
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Obtained username=[" + username + "] from cookie");
-        }
-
-        return username;
-    }
-
-    /**
-     * @return the usernameKey
-     */
-    public String getUsernameKey() {
-        return usernameKey;
-    }
-
-    /**
-     * @param usernameKey the usernameKey to set
-     */
-    public void setUsernameKey(String usernameKey) {
-        Assert.hasLength(usernameKey, "usernameKey must be not empty");
-        this.usernameKey = usernameKey;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.hasLength(this.usernameKey, "usernameKey must be not empty");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderAttributesSource.java

@@ -1,78 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.security.util.ServletUtils;
-import org.springframework.util.Assert;
-
-/**
- * Source of the attributes associated with pre-authenticated authentication request. The attributes
- * can be supplied in the request header. The keys for values to be extracted must be specified as a
- * <tt>keys</tt> property.
- * 
- * @author Valery Tydykov
- * 
- */
-public class HeaderAttributesSource implements AttributesSource, InitializingBean {
-
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    // keys for values to be extracted
-    private List keys;
-
-    /**
-     * @return the keys
-     */
-    public List getKeys() {
-        return this.keys;
-    }
-
-    /**
-     * @param keys the keys to set
-     */
-    public void setKeys(List keys) {
-        this.keys = keys;
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.ui.preauth.AttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest)
-     */
-    public Map obtainAttributes(HttpServletRequest request) {
-        Map attributes = ServletUtils.extractHeaderValues(request, this.getKeys());
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Obtained attributes=[" + attributes + "] from header");
-        }
-
-        return attributes;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(this.keys, "keys must be not null");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderUsernameSource.java

@@ -1,69 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.util.Assert;
-
-/**
- * Source of the username supplied with pre-authenticated authentication request as header value.
- * The <tt>usernameKey</tt> property must be set, which will be used to extract the username from
- * the header.
- * 
- * @author Valery Tydykov
- * 
- */
-public class HeaderUsernameSource implements UsernameSource, InitializingBean {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    // username key
-    private String usernameKey;
-
-    public String obtainUsername(HttpServletRequest request) {
-        String userName = request.getHeader(getUsernameKey());
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Obtained username=[" + userName + "] from header");
-        }
-
-        return userName;
-    }
-
-    /**
-     * @return the usernameKey
-     */
-    public String getUsernameKey() {
-        return usernameKey;
-    }
-
-    /**
-     * @param usernameKey the usernameKey to set
-     */
-    public void setUsernameKey(String usernameKey) {
-        Assert.hasLength(usernameKey, "usernameKey must be not empty");
-        this.usernameKey = usernameKey;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.hasLength(this.usernameKey, "usernameKey must be not empty");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/PropertyAttributesSource.java

@@ -1,67 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-/**
- * Source of the attributes associated with pre-authenticated authentication request. The attributes
- * can be supplied in the <tt>attributes</tt> property (configuration file).
- * 
- * @author Valery Tydykov
- * 
- */
-public class PropertyAttributesSource implements AttributesSource {
-
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    private Map attributes = new HashMap();
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.ui.preauth.AttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest)
-     */
-    public Map obtainAttributes(HttpServletRequest request) {
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Obtained attributes=[" + attributes + "] from property");
-        }
-
-        return attributes;
-    }
-
-    /**
-     * @return the attributes
-     */
-    public Map getAttributes() {
-        return this.attributes;
-    }
-
-    /**
-     * @param attributes the attributes to set
-     */
-    public void setAttributes(Map attributes) {
-        this.attributes = attributes;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/RemoteUserUsernameSource.java

@@ -1,77 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.security.util.StringUtils;
-
-/**
- * Source of the username supplied with pre-authenticated authentication request as remote user
- * header value. Optionally can strip prefix: "domain\\username" -> "username", if
- * <tt>stripPrefix</tt> property value is "true".
- * 
- * @author Valery Tydykov
- * 
- */
-public class RemoteUserUsernameSource implements UsernameSource {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    private boolean stripPrefix = true;
-
-    public String obtainUsername(HttpServletRequest request) {
-        String username = request.getRemoteUser();
-
-        if (this.isStripPrefix()) {
-            username = this.stripPrefix(username);
-        }
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Obtained username=[" + username + "] from remote user");
-        }
-
-        return username;
-    }
-
-    private String stripPrefix(String userName) {
-        if (!StringUtils.notNull(userName).equals("")) {
-            int index = userName.lastIndexOf("\\");
-            if (index != -1) {
-                userName = userName.substring(index + 1);
-            }
-        }
-
-        return userName;
-    }
-
-    /**
-     * @return the stripPrefix
-     */
-    public boolean isStripPrefix() {
-        return stripPrefix;
-    }
-
-    /**
-     * @param stripPrefix the stripPrefix to set
-     */
-    public void setStripPrefix(boolean stripPrefix) {
-        this.stripPrefix = stripPrefix;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/RequestParameterUsernameSource.java

@@ -1,68 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.util.Assert;
-
-/**
- * Source of the username supplied with pre-authenticated authentication request as request
- * parameter. The <tt>usernameKey</tt> property must be set, which will be used to extract the
- * username from the request parameter.
- * 
- * @author Valery Tydykov
- * 
- */
-public class RequestParameterUsernameSource implements UsernameSource, InitializingBean {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    private String usernameKey;
-
-    public String obtainUsername(HttpServletRequest request) {
-        String userName = request.getParameter(getUsernameKey());
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Obtained username=[" + userName + "] from request parameter");
-        }
-
-        return userName;
-    }
-
-    /**
-     * @return the usernameKey
-     */
-    public String getUsernameKey() {
-        return this.usernameKey;
-    }
-
-    /**
-     * @param usernameKey the usernameKey to set
-     */
-    public void setUsernameKey(String usernameKey) {
-        Assert.hasLength(usernameKey, "usernameKey must be not empty");
-        this.usernameKey = usernameKey;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.hasLength(usernameKey, "usernameKey must be not empty");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSource.java

@@ -1,35 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * Source of the username supplied with pre-authenticated authentication request. The username can
- * be supplied in the request: in cookie, request header, request parameter or as
- * ServletRequest.getRemoteUser().
- * 
- * @author Valery Tydykov
- * 
- */
-public interface UsernameSource {
-    /**
-     * Obtain username supplied in the request.
-     * 
-     * @param request with username
-     * @return username or null if not supplied
-     */
-    public String obtainUsername(HttpServletRequest request);
-}

sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilter.java

@@ -1,103 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.security.ui.FilterChainOrder;
-import org.springframework.util.Assert;
-
-/**
- * Flexible pre-authenticated filter which obtains username and other values supplied in the request
- * (in headers, or in cookies, or in HttpServletRequest.getRemoteUser()), for use with SSO systems.
- * <p>
- * Has additional <tt>usernameSource</tt> property.
- * <p>
- * Will create Authentication object (and attach it to the SecurityContextHolder), if such object
- * does not exist yet.
- * <p>
- * As with most pre-authenticated scenarios, it is essential that the external authentication system
- * is set up correctly as this filter does no authentication whatsoever. All the protection is
- * assumed to be provided externally and if this filter is included inappropriately in a
- * configuration, it would be possible to assume the identity of a user merely by setting the
- * correct header name. This also means it should not be used in combination with other Spring
- * Security authentication mechanisms such as form login, as this would imply there was a means of
- * bypassing the external system which would be risky.
- * <p>
- * 
- * @author Valery Tydykov
- */
-public class UsernameSourcePreAuthenticatedProcessingFilter extends
-        AbstractPreAuthenticatedProcessingFilter {
-    private UsernameSource usernameSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.ui.AbstractProcessingFilter#afterPropertiesSet()
-     */
-    public void afterPropertiesSet() throws Exception {
-        super.afterPropertiesSet();
-
-        Assert.notNull(this.getUsernameSource(), "usernameSource must be set");
-    }
-
-    /**
-     * @return the usernameSource
-     */
-    public UsernameSource getUsernameSource() {
-        return usernameSource;
-    }
-
-    /**
-     * @param usernameSource the usernameSource to set
-     */
-    public void setUsernameSource(UsernameSource usernameSource) {
-        Assert.notNull(usernameSource, "usernameSource must be specified");
-
-        this.usernameSource = usernameSource;
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter#getPreAuthenticatedCredentials(javax.servlet.http.HttpServletRequest)
-     */
-    protected Object getPreAuthenticatedCredentials(HttpServletRequest request) {
-        // no password - user is already authenticated
-        return "NONE";
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter#getPreAuthenticatedPrincipal(javax.servlet.http.HttpServletRequest)
-     */
-    protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
-        // obtain username from request
-        String username = this.getUsernameSource().obtainUsername(request);
-
-        return username;
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.core.Ordered#getOrder()
-     */
-    public int getOrder() {
-        return FilterChainOrder.PRE_AUTH_FILTER;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AccountMapper.java

@@ -1,38 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.userdetails.UserDetails;
-
-/**
- * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary
- * user accounts repository.
- * 
- * 
- * @author Valery Tydykov
- * 
- */
-public interface AccountMapper {
-
-    /**
-     * Map user to username in secondary user accounts repository.
-     * 
-     * @param user, loaded from the primary user accounts repository.
-     * @return username for secondary user accounts repository.
-     * @throws AuthenticationException if can not map given user.
-     */
-    String map(UserDetails user) throws AuthenticationException;
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapper.java

@@ -1,93 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.util.Assert;
-
-import java.util.List;
-
-/**
- * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary
- * user accounts repository. Tries to find user's authority with name starting with
- * <tt>authorityPrefix</tt>.
- * 
- * 
- * @author Valery Tydykov
- * 
- */
-public class AuthorityByPrefixAccountMapper implements AccountMapper, InitializingBean {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    // prefix of the authority to find
-    private String authorityPrefix;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.userdetails.ldap.AccountMapper#map(org.springframework.security.userdetails.UserDetails)
-     */
-    public String map(UserDetails user) throws AuthenticationException {
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Mapping account=[" + user.getUsername()
-                    + "]: search authorities for authority prefix=[" + this.getAuthorityPrefix()
-                    + "]");
-        }
-
-        // search authorities for authority prefix
-        List<GrantedAuthority> authorities = user.getAuthorities();
-        for (int i = 0; i < authorities.size(); i++) {
-            String authority = authorities.get(i).getAuthority();
-            if (authority.startsWith(this.getAuthorityPrefix())) {
-                if (this.logger.isDebugEnabled()) {
-                    this.logger.debug("Authority found=[" + authority + "]");
-                }
-
-                return authority;
-            }
-        }
-
-        // not found
-        // TODO message with UserDetails and authorityPrefix?
-        throw new AuthorityNotFoundException(null);
-    }
-
-    /**
-     * @return the authorityPrefix
-     */
-    public String getAuthorityPrefix() {
-        return authorityPrefix;
-    }
-
-    /**
-     * @param authorityPrefix the authorityPrefix to set
-     */
-    public void setAuthorityPrefix(String authorityPrefix) {
-        Assert.hasLength(authorityPrefix, "authorityPrefix must be not empty");
-        this.authorityPrefix = authorityPrefix;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.hasLength(authorityPrefix, "authorityPrefix must be not empty");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityNotFoundException.java

@@ -1,35 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.GrantedAuthority;
-
-/**
- * Thrown if an {@link AccountMapper} implementation cannot find a {@link GrantedAuthority} by the
- * given prefix.
- * 
- * @author Valery Tydykov
- */
-public class AuthorityNotFoundException extends AuthenticationException {
-
-    public AuthorityNotFoundException(String msg, Throwable t) {
-        super(msg, t);
-    }
-
-    public AuthorityNotFoundException(String msg) {
-        super(msg);
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapper.java

@@ -1,134 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.dao.DataAccessException;
-import org.springframework.ldap.core.DirContextOperations;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.util.Assert;
-
-import java.util.List;
-/**
- * The context mapper used by the LDAP authentication provider to create an LDAP user object.
- * Creates the final <tt>UserDetails</tt> object that will be returned by the provider once the
- * user has been authenticated, replacing the original <tt>UserDetails</tt> object. Has additional
- * properties <tt>userDetailsService</tt> and <tt>accountMapper</tt>, which are used to map
- * original user to username in secondary repository and to retrieve UserDetails from the secondary
- * account repository.
- * 
- * 
- * @author Valery Tydykov
- * 
- */
-public class ReplacingUserDetailsMapper extends LdapUserDetailsMapper implements InitializingBean {
-
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    /**
-     * service which will be used to retrieve UserDetails from the secondary account repository
-     */
-    private UserDetailsService userDetailsService;
-
-    /**
-     * mapper which will be used to map original user to username in secondary repository
-     */
-    private AccountMapper accountMapper;
-
-    /**
-     * @return the userDetailsService
-     */
-    public UserDetailsService getUserDetailsService() {
-        return this.userDetailsService;
-    }
-
-    /**
-     * @param userDetailsService the userDetailsService to set
-     */
-    public void setUserDetailsService(UserDetailsService userDetailsService) {
-        Assert.notNull(userDetailsService, "UserDetailsService must be supplied");
-        this.userDetailsService = userDetailsService;
-    }
-
-    /**
-     * @return the accountMapper
-     */
-    public AccountMapper getAccountMapper() {
-        return this.accountMapper;
-    }
-
-    /**
-     * @param accountMapper the accountMapper to set
-     */
-    public void setAccountMapper(AccountMapper accountMapper) {
-        Assert.notNull(accountMapper, "AccountMapper must be supplied");
-        this.accountMapper = accountMapper;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(userDetailsService, "UserDetailsService must be supplied");
-        Assert.notNull(accountMapper, "AccountMapper must be supplied");
-    }
-
-    /*
-     * Creates the final <tt>UserDetails</tt> object that will be returned by the provider once
-     * the user has been authenticated, replacing the original <tt>UserDetails</tt> object.
-     */
-    public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
-            List<GrantedAuthority> authorities) {
-        UserDetails userOriginal = super.mapUserFromContext(ctx, username, authorities);
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Replacing UserDetails with username=[" + userOriginal.getUsername()
-                    + "]");
-        }
-
-        // map user to secondary username
-        String usernameMapped = this.getAccountMapper().map(userOriginal);
-
-        // replace original UserDetails with the secondary UserDetails
-        UserDetails user = retrieveUser(usernameMapped);
-
-        return user;
-    }
-
-    protected UserDetails retrieveUser(String username) throws AuthenticationException {
-        UserDetails loadedUser;
-
-        // retrieve UserDetails from the secondary account repository
-        try {
-            loadedUser = this.getUserDetailsService().loadUserByUsername(username);
-        } catch (DataAccessException repositoryProblem) {
-            throw new AuthenticationServiceException(repositoryProblem.getMessage(),
-                repositoryProblem);
-        }
-
-        if (loadedUser == null) {
-            throw new AuthenticationServiceException(
-                "UserDetailsService returned null, which is an interface contract violation");
-        }
-
-        return loadedUser;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapper.java

@@ -1,69 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.util.Assert;
-
-/**
- * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary
- * user accounts repository. Maps all users to the same <tt>username</tt>.
- * 
- * 
- * @author Valery Tydykov
- * 
- */
-public class UsernameFromPropertyAccountMapper implements AccountMapper, InitializingBean {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    // single username to map to
-    private String username;
-
-    public String map(UserDetails user) throws AuthenticationException {
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Mapping account=[" + user.getUsername() + "] to account=["
-                    + this.getUsername() + "]");
-        }
-
-        // map all users to the same userName
-        return this.getUsername();
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.hasLength(username, "userName must be not empty");
-    }
-
-    /**
-     * @return the username
-     */
-    public String getUsername() {
-        return this.username;
-    }
-
-    /**
-     * @param username the username to set
-     */
-    public void setUsername(String username) {
-        Assert.hasLength(username, "userName must be not empty");
-        this.username = username;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromUserdetailsAccountMapper.java

@@ -1,47 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.userdetails.UserDetails;
-
-/**
- * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary
- * user accounts repository. One-to-one mapping, e.g. maps user with <tt>username</tt> to user
- * with the same <tt>username</tt>.
- * 
- * @author Joel Emery
- * 
- */
-public class UsernameFromUserdetailsAccountMapper implements AccountMapper {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    public String map(UserDetails user) throws AuthenticationException {
-        // get username from UserDetails
-        String username = user.getUsername();
-
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Mapping account=[" + username + "] to account=[" + username + "]");
-        }
-
-        // map cn to userName
-        return username;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/AccountMapper.java

@@ -1,37 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-
-/**
- * Maps username (from the primary user accounts repository, e.g. LDAP) to username in secondary
- * user accounts repository.
- * 
- * 
- * @author Valery Tydykov
- * 
- */
-public interface AccountMapper {
-    /**
-     * Map username to username in secondary user accounts repository.
-     * 
-     * @param authenticationRequest, with username from the primary user accounts repository.
-     * @return username for secondary user accounts repository.
-     * @throws AuthenticationException if cannot map given username.
-     */
-    String map(Authentication authenticationRequest) throws AuthenticationException;
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapper.java

@@ -1,96 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.dao.DataAccessException;
-import org.springframework.security.Authentication;
-import org.springframework.security.userdetails.AuthenticationUserDetailsService;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.util.Assert;
-
-/**
- * This implementation for AuthenticationUserDetailsService wraps a regular Spring Security
- * UserDetailsService implementation, to retrieve a UserDetails object based on the mapping of the
- * user name contained in a PreAuthenticatedAuthenticationToken to user name expected by the
- * userDetailsService.
- * 
- * @author Valery Tydykov
- */
-public class UserDetailsMappingServiceWrapper implements AuthenticationUserDetailsService,
-        InitializingBean {
-    private UserDetailsService userDetailsService;
-
-    private AccountMapper accountMapper;
-
-    /**
-     * Check whether all required properties have been set.
-     * 
-     * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
-     */
-    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(this.userDetailsService, "UserDetailsService must be set");
-        Assert.notNull(this.accountMapper, "AccountMapper must be set");
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.userdetails.AuthenticationUserDetailsService#loadUserDetails(org.springframework.security.Authentication)
-     */
-    public UserDetails loadUserDetails(Authentication authentication)
-            throws UsernameNotFoundException, DataAccessException {
-
-        // Determine username for the secondary authentication repository
-        String username = this.getAccountMapper().map(authentication);
-
-        // get the UserDetails object from the wrapped UserDetailsService implementation
-        return userDetailsService.loadUserByUsername(username);
-    }
-
-    /**
-     * Set the wrapped UserDetailsService implementation
-     * 
-     * @param aUserDetailsService The wrapped UserDetailsService to set
-     */
-    public void setUserDetailsService(UserDetailsService userDetailsService) {
-        Assert.notNull(userDetailsService, "UserDetailsService must not be null");
-        this.userDetailsService = userDetailsService;
-    }
-
-    /**
-     * @return the accountMapper
-     */
-    public AccountMapper getAccountMapper() {
-        return this.accountMapper;
-    }
-
-    /**
-     * @param accountMapper the accountMapper to set
-     */
-    public void setAccountMapper(AccountMapper accountMapper) {
-        Assert.notNull(accountMapper, "accountMapper must not be null");
-        this.accountMapper = accountMapper;
-    }
-
-    /**
-     * @return the userDetailsService
-     */
-    public UserDetailsService getUserDetailsService() {
-        return this.userDetailsService;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapper.java

@@ -1,74 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.util.Assert;
-
-/**
- * Maps username (from the primary user accounts repository, e.g. LDAP) to username in secondary
- * user accounts repository. Maps all users to the same <tt>username</tt>.
- * 
- * 
- * @author Valery Tydykov
- * 
- */
-public class UsernameFromPropertyAccountMapper implements AccountMapper, InitializingBean {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    // single username to map to
-    private String username;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.providers.preauth.AccountMapper#map(org.springframework.security.Authentication)
-     */
-    public String map(Authentication authenticationRequest) throws AuthenticationException {
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Mapping account=[" + authenticationRequest.getName()
-                    + "] to account=[" + this.getUsername() + "]");
-        }
-
-        // map all users to the same userName
-        return this.getUsername();
-    }
-
-    /**
-     * @return the username
-     */
-    public String getUsername() {
-        return username;
-    }
-
-    /**
-     * @param username the username to set
-     */
-    public void setUsername(String username) {
-        Assert.hasLength(username, "username must be not empty");
-        this.username = username;
-    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.hasLength(username, "username must be set");
-    }
-}

sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapper.java

@@ -1,51 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-
-/**
- * Maps username (from the primary user accounts repository, e.g. LDAP) to username in secondary
- * user accounts repository. Uses username supplied in the <tt>authenticationRequest</tt> as
- * secondary authentication storage username.
- * 
- * 
- * @author Valery Tydykov
- * 
- */
-public class UsernameFromRequestAccountMapper implements AccountMapper {
-    /**
-     * Logger for this class and subclasses
-     */
-    protected final Log logger = LogFactory.getLog(this.getClass());
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.springframework.security.providers.preauth.AccountMapper#map(org.springframework.security.Authentication)
-     */
-    public String map(Authentication authenticationRequest) throws AuthenticationException {
-        String username = authenticationRequest.getName();
-        if (this.logger.isDebugEnabled()) {
-            this.logger.debug("Mapping account=[" + username + "] to account=[" + username + "]");
-        }
-
-        // use SSO username as secondary authentication storage username
-        return username;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/util/ServletUtils.java

@@ -1,99 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.util;
-
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.util.Assert;
-
-/**
- * Servlet API-related methods.
- * 
- * @author Valery Tydykov
- * 
- */
-public final class ServletUtils {
-    /**
-     * This is a static class that should not be instantiated.
-     */
-    private ServletUtils() throws InstantiationException {
-    }
-
-    public static Map extractHeaderValues(HttpServletRequest request, List keys) {
-        Assert.notNull(request);
-        Assert.notNull(keys);
-
-        final Map headerValues = new HashMap();
-        // for each header name/value
-        for (Enumeration en = request.getHeaderNames(); en.hasMoreElements();) {
-            String key = (String) en.nextElement();
-
-            if (keys.contains(key)) {
-                // found key in the list of the keys to return
-                String value = request.getHeader(key);
-                headerValues.put(key, value);
-            }
-        }
-
-        return headerValues;
-    }
-
-    public static Map extractCookiesValues(HttpServletRequest request, List keys) {
-        Assert.notNull(request);
-        Assert.notNull(keys);
-
-        final Map cookiesValues = new HashMap();
-        final Cookie[] cookies = request.getCookies();
-        if (cookies != null) {
-            // for each cookie
-            for (int i = 0; i < cookies.length; i++) {
-                String key = cookies[i].getName();
-
-                if (keys.contains(key)) {
-                    // found key in the list of the keys to return
-                    String value = cookies[i].getValue();
-                    cookiesValues.put(key, value);
-                }
-            }
-        }
-
-        return cookiesValues;
-    }
-
-    public static String findCookieValue(final HttpServletRequest request, final String key) {
-        Assert.notNull(request);
-
-        String value = null;
-        final Cookie[] cookies = request.getCookies();
-        if (cookies != null) {
-            // find cookie key
-            for (int i = 0; i < cookies.length; i++) {
-                if (StringUtils.notNull(cookies[i].getName()).equals(key)) {
-                    // cookie key found
-                    value = cookies[i].getValue();
-                    break;
-                }
-            }
-        }
-
-        return value;
-    }
-}

sandbox/other/src/main/java/org/springframework/security/util/StringUtils.java

@@ -1,69 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.util;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * String manipulation methods.
- * 
- * @author Valery Tydykov
- * 
- */
-public final class StringUtils {
-
-    /**
-     * This is a static class that should not be instantiated.
-     */
-    private StringUtils() throws InstantiationException {
-    }
-
-    /**
-     * Tokenizes source string using another string as separator.
-     * 
-     * @param source source string
-     * @param separator separator string
-     * @return List of tokens found in the source string.
-     */
-    public static List tokenizeString(String source, String separator) {
-        List tokens = new ArrayList();
-        if (source != null && source.length() > 0) {
-            while (source.indexOf(separator) != -1) {
-                int index = source.indexOf(separator);
-                tokens.add(source.substring(0, index));
-                source = source.substring(index + separator.length());
-            }
-            tokens.add(source);
-        }
-        return tokens;
-    }
-
-    /**
-     * Make sure a string is not null.
-     * 
-     * @param object string, might be null
-     * @return empty string if the original was null or not String, else the original
-     */
-    public static String notNull(Object object) {
-        if (object == null) {
-            return "";
-        } else if (!(object instanceof String)) {
-            return String.valueOf(object);
-        } else {
-            return (String) object;
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/AspectJParsingTests.java

@@ -1,51 +0,0 @@
-package org.springframework.security;
-
-import java.lang.reflect.Method;
-import java.util.HashSet;
-import java.util.Set;
-
-import junit.framework.Assert;
-
-import org.aspectj.lang.annotation.Pointcut;
-import org.aspectj.weaver.tools.PointcutExpression;
-import org.aspectj.weaver.tools.PointcutParser;
-import org.aspectj.weaver.tools.PointcutPrimitive;
-import org.junit.Test;
-
-/**
- * A quick play with AspectJ pointcut parsing. Was contemplating using this for MapBasedMethodDefinitionSource refactoring,
- * but decided to revisit at a future point. Requires aspectjweaver-1.5.3.jar in classpath.
- * 
- * @author Ben Alex
- */
-
-public class AspectJParsingTests {
-    private static final Set DEFAULT_SUPPORTED_PRIMITIVES = new HashSet();
-
-    @Pointcut("execution(int TargetObject.countLength(String))")
-    public void goodPointcut() {}
-
-    static {
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.CALL);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.EXECUTION);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.ARGS);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.REFERENCE);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.THIS);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.TARGET);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.WITHIN);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.AT_ANNOTATION);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.AT_WITHIN);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.AT_ARGS);
-        DEFAULT_SUPPORTED_PRIMITIVES.add(PointcutPrimitive.AT_TARGET);
-    }
-
-    @Test
-    public void testMatches() throws Exception {
-        PointcutParser parser = PointcutParser.getPointcutParserSupportingSpecifiedPrimitivesAndUsingContextClassloaderForResolution(DEFAULT_SUPPORTED_PRIMITIVES);
-        PointcutExpression expression = parser.parsePointcutExpression("org.springframework.security.AspectJParsingTests.goodPointcut()");
-
-        Method exec = OtherTargetObject.class.getMethod("countLength", new Class[] {String.class});
-        Assert.assertTrue(expression.matchesMethodExecution(exec).alwaysMatches());
-    }
-
-}

sandbox/other/src/test/java/org/springframework/security/ldap/ppolicy/PasswordPolicyResponseControlTests.java

@@ -1,128 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ldap.ppolicy;
-
-import junit.framework.TestCase;
-
-import javax.naming.NamingException;
-import javax.naming.ldap.InitialLdapContext;
-import javax.naming.ldap.Control;
-
-/**
- * Tests for <tt>PasswordPolicyResponse</tt>.
- *
- * @author Luke Taylor
- * @version $Id$
- */
-public class PasswordPolicyResponseControlTests extends TestCase {
-    //~ Methods ========================================================================================================
-
-    /**
-     * Useful method for obtaining data from a server for use in tests
-     */
-//    public void testAgainstServer() throws Exception {
-//        Hashtable env = new Hashtable();
-//        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
-//        env.put(Context.PROVIDER_URL, "ldap://gorille:389/");
-//        env.put(Context.SECURITY_AUTHENTICATION, "simple");
-//        env.put(Context.SECURITY_PRINCIPAL, "cn=manager,dc=security,dc=org");
-//        env.put(Context.SECURITY_CREDENTIALS, "security");
-//        env.put(LdapContext.CONTROL_FACTORIES, PasswordPolicyControlFactory.class.getName());
-//
-//        InitialLdapContext ctx = new InitialLdapContext(env, null);
-//
-//        Control[] rctls = { new PasswordPolicyControl(false) };
-//
-//        ctx.setRequestControls(rctls);
-//
-//        try {
-//            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, "uid=bob,ou=people,dc=security,dc=org" );
-//            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, "bobspassword");
-//            Object o = ctx.lookup("");
-//
-//            System.out.println(o);
-//
-//        } catch(NamingException ne) {
-//            // Ok.
-//            System.err.println(ne);
-//        }
-//
-//        PasswordPolicyResponseControl ctrl = getPPolicyResponseCtl(ctx);
-//        System.out.println(ctrl);
-//
-//        assertNotNull(ctrl);
-//
-//        //com.sun.jndi.ldap.LdapPoolManager.showStats(System.out);
-//    }
-
-
-    private PasswordPolicyResponseControl getPPolicyResponseCtl(InitialLdapContext ctx) throws NamingException {
-        Control[] ctrls = ctx.getResponseControls();
-
-        for (int i = 0; ctrls != null && i < ctrls.length; i++) {
-            if (ctrls[i] instanceof PasswordPolicyResponseControl) {
-                return (PasswordPolicyResponseControl) ctrls[i];
-            }
-        }
-
-        return null;
-    }
-
-    public void testOpenLDAP33SecondsTillPasswordExpiryCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x05, (byte) 0xA0, 0x03, (byte) 0xA0, 0x1, 0x21};
-
-        PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
-
-        assertTrue(ctrl.hasWarning());
-        assertEquals(33, ctrl.getTimeBeforeExpiration());
-    }
-
-    public void testOpenLDAP496GraceLoginsRemainingCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x06, (byte) 0xA0, 0x04, (byte) 0xA1, 0x02, 0x01, (byte) 0xF0};
-
-        PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
-
-        assertTrue(ctrl.hasWarning());
-        assertEquals(496, ctrl.getGraceLoginsRemaining());
-    }
-
-    public void testOpenLDAP5GraceLoginsRemainingCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x05, (byte) 0xA0, 0x03, (byte) 0xA1, 0x01, 0x05};
-
-        PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
-
-        assertTrue(ctrl.hasWarning());
-        assertEquals(5, ctrl.getGraceLoginsRemaining());
-    }
-
-    public void testOpenLDAPAccountLockedCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x03, (byte) 0xA1, 0x01, 0x01};
-
-        PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
-
-        assertTrue(ctrl.hasError() && ctrl.isLocked());
-        assertFalse(ctrl.hasWarning());
-    }
-
-    public void testOpenLDAPPasswordExpiredCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x03, (byte) 0xA1, 0x01, 0x00};
-
-        PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
-
-        assertTrue(ctrl.hasError() && ctrl.isExpired());
-        assertFalse(ctrl.hasWarning());
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/AllTests.java

@@ -1,32 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests extends TestCase {
-
-    public AllTests(String s) {
-        super(s);
-    }
-
-    public static Test suite() {
-        TestSuite suite = new TestSuite();
-        suite.addTest(org.springframework.security.ui.preauth.AllTests.suite());
-        return suite;
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/AllTests.java

@@ -1,47 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests extends TestCase {
-
-    public AllTests(String s) {
-        super(s);
-    }
-
-    public static Test suite() {
-        TestSuite suite = new TestSuite();
-        suite
-            .addTestSuite(org.springframework.security.ui.preauth.AttributesSourceWebAuthenticationDetailsSourceTest.class);
-        suite
-            .addTestSuite(org.springframework.security.ui.preauth.CookieAttributesSourceTest.class);
-        suite.addTestSuite(org.springframework.security.ui.preauth.CookieUsernameSourceTest.class);
-        suite
-            .addTestSuite(org.springframework.security.ui.preauth.HeaderAttributesSourceTest.class);
-        suite.addTestSuite(org.springframework.security.ui.preauth.HeaderUsernameSourceTest.class);
-        suite
-            .addTestSuite(org.springframework.security.ui.preauth.PropertyAttributesSourceTest.class);
-        suite
-            .addTestSuite(org.springframework.security.ui.preauth.RemoteUserUsernameSourceTest.class);
-        suite
-            .addTestSuite(org.springframework.security.ui.preauth.RequestParameterUsernameSourceTest.class);
-        suite
-            .addTestSuite(org.springframework.security.ui.preauth.UsernameSourcePreAuthenticatedProcessingFilterTest.class);
-        return suite;
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSourceTest.java

@@ -1,176 +0,0 @@
-/**
- * 
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.Cookie;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class AttributesSourceWebAuthenticationDetailsSourceTest extends TestCase {
-
-    AttributesSourceWebAuthenticationDetailsSource authenticationDetailsSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        authenticationDetailsSource = new AttributesSourceWebAuthenticationDetailsSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        authenticationDetailsSource = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.ui.preauth.AttributesSourceWebAuthenticationDetailsSource#buildDetails(java.lang.Object)}.
-     */
-    public final void testBuildDetailsObjectHeader() {
-        authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class);
-
-        String key1 = "key1";
-        String value1 = "value1";
-        String key2 = "key2";
-        String value2 = "value2";
-        String key3 = "key3";
-        String value3 = "value3";
-
-        {
-            HeaderAttributesSource attributesSource = new HeaderAttributesSource();
-
-            {
-                List keys = new ArrayList();
-                keys.add(key1);
-                keys.add(key2);
-                keys.add(key3);
-                attributesSource.setKeys(keys);
-            }
-
-            authenticationDetailsSource.setAttributesSource(attributesSource);
-        }
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addHeader(key1, value1);
-        request.addHeader(key2, value2);
-        request.addHeader(key3, value3);
-        AuthenticationDetailsImpl authenticationDetails = (AuthenticationDetailsImpl) authenticationDetailsSource
-            .buildDetails(request);
-
-        assertEquals(value1, authenticationDetails.getAttributes().get(key1));
-        assertEquals(value2, authenticationDetails.getAttributes().get(key2));
-        assertEquals(value3, authenticationDetails.getAttributes().get(key3));
-    }
-
-    public final void testBuildDetailsObjectCookie() {
-        authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class);
-
-        String key1 = "key1";
-        String value1 = "value1";
-        String key2 = "key2";
-        String value2 = "value2";
-        String key3 = "key3";
-        String value3 = "value3";
-
-        {
-            CookieAttributesSource attributesSource = new CookieAttributesSource();
-
-            {
-                List keys = new ArrayList();
-                keys.add(key1);
-                keys.add(key2);
-                keys.add(key3);
-                attributesSource.setKeys(keys);
-            }
-
-            authenticationDetailsSource.setAttributesSource(attributesSource);
-        }
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        {
-            Cookie[] cookies = new Cookie[] { new Cookie(key1, value1), new Cookie(key2, value2),
-                    new Cookie(key3, value3) };
-            request.setCookies(cookies);
-        }
-
-        AuthenticationDetailsImpl authenticationDetails = (AuthenticationDetailsImpl) authenticationDetailsSource
-            .buildDetails(request);
-
-        assertEquals(value1, authenticationDetails.getAttributes().get(key1));
-        assertEquals(value2, authenticationDetails.getAttributes().get(key2));
-        assertEquals(value3, authenticationDetails.getAttributes().get(key3));
-    }
-
-    public final void testBuildDetailsObjectProperty() {
-        authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class);
-
-        String key1 = "key1";
-        String value1 = "value1";
-        String key2 = "key2";
-        String value2 = "value2";
-        String key3 = "key3";
-        String value3 = "value3";
-
-        {
-            PropertyAttributesSource attributesSource = new PropertyAttributesSource();
-
-            {
-                Map attributes = new HashMap();
-                attributes.put(key1, value1);
-                attributes.put(key2, value2);
-                attributes.put(key3, value3);
-                attributesSource.setAttributes(attributes);
-            }
-
-            authenticationDetailsSource.setAttributesSource(attributesSource);
-        }
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        AuthenticationDetailsImpl authenticationDetails = (AuthenticationDetailsImpl) authenticationDetailsSource
-            .buildDetails(request);
-
-        assertEquals(value1, authenticationDetails.getAttributes().get(key1));
-        assertEquals(value2, authenticationDetails.getAttributes().get(key2));
-        assertEquals(value3, authenticationDetails.getAttributes().get(key3));
-    }
-
-    public final void testSetUsername() {
-        try {
-            authenticationDetailsSource.setAttributesSource(null);
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    public final void testAfterPropertiesSet() {
-        try {
-            authenticationDetailsSource.afterPropertiesSet();
-            fail("expected exception");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieAttributesSourceTest.java

@@ -1,80 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.Cookie;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class CookieAttributesSourceTest extends TestCase {
-
-    CookieAttributesSource attributesSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        attributesSource = new CookieAttributesSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        attributesSource = null;
-    }
-
-    public final void testObtainAttributes() {
-        String key1 = "key1";
-        String value1 = "value1";
-        String key2 = "key2";
-        String value2 = "value2";
-        String key3 = "key3";
-
-        {
-            List keys = new ArrayList();
-            keys.add(key1);
-            keys.add(key2);
-            keys.add(key3);
-            attributesSource.setKeys(keys);
-        }
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        {
-            Cookie[] cookies = new Cookie[] { new Cookie(key1, value1), new Cookie(key2, value2) };
-            request.setCookies(cookies);
-        }
-
-        Map attributes = attributesSource.obtainAttributes(request);
-
-        assertEquals(value1, attributes.get(key1));
-        assertEquals(value2, attributes.get(key2));
-        assertEquals(null, attributes.get(key3));
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieUsernameSourceTest.java

@@ -1,64 +0,0 @@
-/**
- * 
- */
-package org.springframework.security.ui.preauth;
-
-import javax.servlet.http.Cookie;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author tydykov
- * 
- */
-public class CookieUsernameSourceTest extends TestCase {
-
-    CookieUsernameSource usernameSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        usernameSource = new CookieUsernameSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        usernameSource = null;
-    }
-
-    public final void testObtainUsernameSupplied() {
-        String key1 = "key1";
-        String value1 = "value1";
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        {
-            Cookie[] cookies = new Cookie[] { new Cookie(key1, value1) };
-            request.setCookies(cookies);
-        }
-
-        usernameSource.setUsernameKey(key1);
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(value1, username);
-    }
-
-    public final void testObtainUsernameNotSupplied() {
-        String key1 = "key1";
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        usernameSource.setUsernameKey(key1);
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(null, username);
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderAttributesSourceTest.java

@@ -1,76 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class HeaderAttributesSourceTest extends TestCase {
-
-    HeaderAttributesSource attributesSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        attributesSource = new HeaderAttributesSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        attributesSource = null;
-    }
-
-    public final void testObtainAttributes() {
-        String key1 = "key1";
-        String value1 = "value1";
-        String key2 = "key2";
-        String value2 = "value2";
-        String key3 = "key3";
-
-        {
-            List keys = new ArrayList();
-            keys.add(key1);
-            keys.add(key2);
-            keys.add(key3);
-            attributesSource.setKeys(keys);
-        }
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addHeader(key1, value1);
-        request.addHeader(key2, value2);
-
-        Map attributes = attributesSource.obtainAttributes(request);
-
-        assertEquals(value1, attributes.get(key1));
-        assertEquals(value2, attributes.get(key2));
-        assertEquals(null, attributes.get(key3));
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderUsernameSourceTest.java

@@ -1,70 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class HeaderUsernameSourceTest extends TestCase {
-
-    HeaderUsernameSource usernameSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        usernameSource = new HeaderUsernameSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        usernameSource = null;
-    }
-
-    public final void testObtainUsernameSupplied() {
-        String key1 = "key1";
-        String value1 = "value1";
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addHeader(key1, value1);
-
-        usernameSource.setUsernameKey(key1);
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(value1, username);
-    }
-
-    public final void testObtainUsernameNotSupplied() {
-        String key1 = "key1";
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        usernameSource.setUsernameKey(key1);
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(null, username);
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/PropertyAttributesSourceTest.java

@@ -1,74 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import junit.framework.TestCase;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class PropertyAttributesSourceTest extends TestCase {
-
-    PropertyAttributesSource attributesSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        attributesSource = new PropertyAttributesSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        attributesSource = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.ui.preauth.PropertyAttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest)}.
-     */
-    public final void testObtainAttributes() {
-        String key1 = "key1";
-        String value1 = "value1";
-        String key2 = "key2";
-        String value2 = "value2";
-        String key3 = "key3";
-        String value3 = "value3";
-
-        {
-            Map attributes = new HashMap();
-            attributes.put(key1, value1);
-            attributes.put(key2, value2);
-            attributes.put(key3, value3);
-            attributesSource.setAttributes(attributes);
-        }
-
-        Map attributes = attributesSource.obtainAttributes(null);
-
-        assertEquals(value1, attributes.get(key1));
-        assertEquals(value2, attributes.get(key2));
-        assertEquals(value3, attributes.get(key3));
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/RemoteUserUsernameSourceTest.java

@@ -1,65 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class RemoteUserUsernameSourceTest extends TestCase {
-
-    RemoteUserUsernameSource usernameSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        usernameSource = new RemoteUserUsernameSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        usernameSource = null;
-    }
-
-    public final void testObtainUsernameSupplied() {
-        String value1 = "value1";
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.setRemoteUser(value1);
-
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(value1, username);
-    }
-
-    public final void testObtainUsernameNotSupplied() {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(null, username);
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/RequestParameterUsernameSourceTest.java

@@ -1,70 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class RequestParameterUsernameSourceTest extends TestCase {
-
-    RequestParameterUsernameSource usernameSource;
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        usernameSource = new RequestParameterUsernameSource();
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        usernameSource = null;
-    }
-
-    public final void testObtainUsernameSupplied() {
-        String key1 = "key1";
-        String value1 = "value1";
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        request.addParameter(key1, value1);
-
-        usernameSource.setUsernameKey(key1);
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(value1, username);
-    }
-
-    public final void testObtainUsernameNotSupplied() {
-        String key1 = "key1";
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        usernameSource.setUsernameKey(key1);
-        String username = usernameSource.obtainUsername(request);
-
-        assertEquals(null, username);
-    }
-}

sandbox/other/src/test/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilterTest.java

@@ -1,232 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.preauth;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.servlet.FilterChain;
-import javax.servlet.http.Cookie;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockFilterChain;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.Authentication;
-import org.springframework.security.MockAuthenticationManager;
-import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.ui.WebAuthenticationDetails;
-
-/**
- * 
- * @author Valery Tydykov
- */
-public class UsernameSourcePreAuthenticatedProcessingFilterTest extends TestCase {
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        super.setUp();
-        // crear security context
-        SecurityContextHolder.getContext().setAuthentication(null);
-    }
-
-    public static final String PROJECT_ID_KEY = "projectIdKey";
-
-    public static final String PROJECT_ID = "projectId";
-
-    public static final String USERNAME_KEY = "usernameKey";
-
-    public static final String USERNAME = "username";
-
-    public void tearDown() throws Exception {
-        // crear security context
-        SecurityContextHolder.getContext().setAuthentication(null);
-        super.tearDown();
-    }
-
-    public void testAttemptAuthenticationNormalOperation() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        // supply username in request header
-        request.addHeader(USERNAME_KEY, USERNAME);
-
-        UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter();
-        {
-            MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
-            filter.setAuthenticationManager(authMgr);
-        }
-        {
-            HeaderUsernameSource usernameSource = new HeaderUsernameSource();
-            usernameSource.setUsernameKey(USERNAME_KEY);
-            filter.setUsernameSource(usernameSource);
-        }
-
-        FilterChain filterChain = new MockFilterChain();
-        MockHttpServletResponse response = new MockHttpServletResponse();
-        filter.doFilterHttp(request, response, filterChain);
-
-        Authentication result = SecurityContextHolder.getContext().getAuthentication();
-
-        assertTrue(result != null);
-        assertEquals(USERNAME, result.getPrincipal());
-        assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails())
-            .getRemoteAddress());
-    }
-
-    public void testAttemptAuthenticationNoUsername() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        // no username in request
-
-        UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter();
-        {
-            HeaderUsernameSource usernameSource = new HeaderUsernameSource();
-            usernameSource.setUsernameKey(USERNAME_KEY);
-            filter.setUsernameSource(usernameSource);
-        }
-
-        FilterChain filterChain = new MockFilterChain();
-        MockHttpServletResponse response = new MockHttpServletResponse();
-
-        filter.doFilterHttp(request, response, filterChain);
-
-        Authentication result = SecurityContextHolder.getContext().getAuthentication();
-        assertTrue(result == null);
-    }
-
-    public void testAttemptAuthenticationContextPopulatingWebAuthenticationDetailsSourceFromHeader()
-            throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        request.addHeader(USERNAME_KEY, USERNAME);
-        request.addHeader(PROJECT_ID_KEY, PROJECT_ID);
-
-        String key3 = "key3";
-        String value3 = "value3";
-        request.addHeader(key3, value3);
-
-        UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter();
-
-        {
-            MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
-            filter.setAuthenticationManager(authMgr);
-        }
-        {
-            AttributesSourceWebAuthenticationDetailsSource authenticationDetailsSource = new AttributesSourceWebAuthenticationDetailsSource();
-            authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class);
-            {
-                HeaderAttributesSource attributesSource = new HeaderAttributesSource();
-
-                {
-                    List keys = new ArrayList();
-                    keys.add(PROJECT_ID_KEY);
-                    keys.add(key3);
-                    attributesSource.setKeys(keys);
-                }
-
-                authenticationDetailsSource.setAttributesSource(attributesSource);
-            }
-
-            filter.setAuthenticationDetailsSource(authenticationDetailsSource);
-        }
-        {
-            HeaderUsernameSource usernameSource = new HeaderUsernameSource();
-            usernameSource.setUsernameKey(USERNAME_KEY);
-            filter.setUsernameSource(usernameSource);
-        }
-
-        FilterChain filterChain = new MockFilterChain();
-        MockHttpServletResponse response = new MockHttpServletResponse();
-        filter.doFilterHttp(request, response, filterChain);
-
-        Authentication result = SecurityContextHolder.getContext().getAuthentication();
-
-        assertTrue(result != null);
-        assertEquals(USERNAME, result.getPrincipal());
-        assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails())
-            .getRemoteAddress());
-        assertEquals(PROJECT_ID, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes()
-            .get(PROJECT_ID_KEY));
-        assertEquals(value3, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes().get(
-            key3));
-    }
-
-    public void testAttemptAuthenticationContextPopulatingWebAuthenticationDetailsSourceFromCookies()
-            throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        String usernameKey = "usernameKey1";
-        String username = "username1";
-        request.addHeader(usernameKey, username);
-
-        String key2 = "key2";
-        String value2 = "value2";
-        String key3 = "key3";
-        String value3 = "value3";
-
-        {
-            Cookie[] cookies = new Cookie[] { new Cookie(key2, value2), new Cookie(key3, value3) };
-            request.setCookies(cookies);
-        }
-
-        UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter();
-        {
-            MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
-            filter.setAuthenticationManager(authMgr);
-        }
-        {
-            AttributesSourceWebAuthenticationDetailsSource authenticationDetailsSource = new AttributesSourceWebAuthenticationDetailsSource();
-            authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class);
-
-            {
-                CookieAttributesSource attributesSource = new CookieAttributesSource();
-
-                {
-                    List keys = new ArrayList();
-                    keys.add(key2);
-                    keys.add(key3);
-                    attributesSource.setKeys(keys);
-                }
-
-                authenticationDetailsSource.setAttributesSource(attributesSource);
-            }
-
-            filter.setAuthenticationDetailsSource(authenticationDetailsSource);
-        }
-        {
-            HeaderUsernameSource usernameSource = new HeaderUsernameSource();
-            usernameSource.setUsernameKey(usernameKey);
-            filter.setUsernameSource(usernameSource);
-        }
-
-        FilterChain filterChain = new MockFilterChain();
-        MockHttpServletResponse response = new MockHttpServletResponse();
-        filter.doFilterHttp(request, response, filterChain);
-
-        Authentication result = SecurityContextHolder.getContext().getAuthentication();
-
-        assertTrue(result != null);
-        assertEquals(username, result.getPrincipal());
-        assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails())
-            .getRemoteAddress());
-        assertEquals(value2, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes().get(
-            key2));
-        assertEquals(value3, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes().get(
-            key3));
-
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/AllTests.java

@@ -1,33 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests extends TestCase {
-
-    public AllTests(String s) {
-        super(s);
-    }
-
-    public static Test suite() {
-        TestSuite suite = new TestSuite();
-        suite.addTest(org.springframework.security.userdetails.ldap.AllTests.suite());
-        suite.addTest(org.springframework.security.userdetails.preauth.AllTests.suite());
-        return suite;
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AllTests.java

@@ -1,37 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests extends TestCase {
-
-    public AllTests(String s) {
-        super(s);
-    }
-
-    public static Test suite() {
-        TestSuite suite = new TestSuite();
-        suite
-            .addTestSuite(org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapperTest.class);
-        suite
-            .addTestSuite(org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapperTest.class);
-        suite
-            .addTestSuite(org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapperTest.class);
-        return suite;
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapperTest.java

@@ -1,105 +0,0 @@
-/**
- *
- */
-package org.springframework.security.userdetails.ldap;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.userdetails.User;
-import org.springframework.security.userdetails.UserDetails;
-
-import java.util.*;
-
-/**
- * @author Valery Tydykov
- *
- */
-public class AuthorityByPrefixAccountMapperTest extends TestCase {
-    AuthorityByPrefixAccountMapper mapper;
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        mapper = new AuthorityByPrefixAccountMapper();
-    }
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        mapper = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapper#map(org.springframework.security.userdetails.UserDetails)}.
-     */
-    public final void testNormalOperation() {
-        String expectedAuthority = "prefix1_role1";
-        GrantedAuthority[] authorities = { new GrantedAuthorityImpl(expectedAuthority),
-                new GrantedAuthorityImpl("prefix1_role2") };
-        UserDetails user = new User("username1", "password1", false, false, false, false, Arrays.asList(authorities));
-        mapper.setAuthorityPrefix("prefix1_");
-        String authority = mapper.map(user);
-
-        assertEquals(expectedAuthority, authority);
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapper#map(org.springframework.security.userdetails.UserDetails)}.
-     */
-    public final void testAuthorityNotFoundThrowsException() {
-        String expectedAuthority = "prefix1_role1";
-        GrantedAuthority[] authorities = { new GrantedAuthorityImpl(expectedAuthority) };
-        UserDetails user = new User("username1", "password1", false, false, false, false, Arrays.asList(authorities));
-        mapper.setAuthorityPrefix("NoMatchPrefix");
-
-        try {
-            mapper.map(user);
-            fail("exception expected");
-        } catch (AuthorityNotFoundException expected) {
-        } catch (Exception unexpected) {
-            fail("map throws unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapper#afterPropertiesSet()}.
-     */
-    public final void testAfterPropertiesSet() {
-        try {
-            mapper.afterPropertiesSet();
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    public final void testEmptyPrefixThrowsException() {
-        try {
-            mapper.setAuthorityPrefix("");
-            fail("expected exception");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-
-        try {
-            mapper.setAuthorityPrefix(null);
-            fail("AfterPropertiesSet didn't throw expected exception");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("AfterPropertiesSet throws unexpected exception");
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapperTest.java

@@ -1,155 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import junit.framework.TestCase;
-
-import org.springframework.ldap.core.DirContextAdapter;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.security.userdetails.memory.InMemoryDaoImpl;
-import org.springframework.security.userdetails.memory.UserMap;
-import org.springframework.security.userdetails.memory.UserMapEditor;
-import org.springframework.security.util.AuthorityUtils;
-
-/**
- * @author Valery Tydykov
- *
- */
-public class ReplacingUserDetailsMapperTest extends TestCase {
-
-    ReplacingUserDetailsMapper mapper;
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        mapper = new ReplacingUserDetailsMapper();
-    }
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        mapper = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#setUserDetailsService(org.springframework.security.userdetails.UserDetailsService)}.
-     */
-    public final void testSetUserDetailsServiceNullThrowsException() {
-        try {
-            mapper.setUserDetailsService(null);
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#setAccountMapper(org.springframework.security.userdetails.ldap.AccountMapper)}.
-     */
-    public final void testSetAccountMapperNullThrowsException() {
-        try {
-            mapper.setAccountMapper(null);
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#afterPropertiesSet()}.
-     */
-    public final void testAfterPropertiesSet() {
-        try {
-            mapper.afterPropertiesSet();
-            fail("expected exception");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#mapUserFromContext(org.springframework.ldap.core.DirContextOperations, java.lang.String, org.springframework.security.GrantedAuthority[])}.
-     */
-    public final void testNormalOperation() {
-        String userName = "rod,ok";
-        UsernameFromPropertyAccountMapper accountMapper = new UsernameFromPropertyAccountMapper();
-        accountMapper.setUsername(userName);
-        mapper.setAccountMapper(accountMapper);
-        mapper.setConvertToUpperCase(false);
-
-        {
-            // create secondary user accounts repository
-            InMemoryDaoImpl dao = new InMemoryDaoImpl();
-            UserMapEditor editor = new UserMapEditor();
-            editor.setAsText("rod,ok=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
-            dao.setUserMap((UserMap) editor.getValue());
-
-            mapper.setUserDetailsService(dao);
-        }
-
-        DirContextAdapter ctx = new DirContextAdapter();
-
-        ctx.setAttributeValues("userRole", new String[] { "X", "Y", "Z" });
-        ctx.setAttributeValue("uid", "ani");
-
-        UserDetails userDetails = mapper.mapUserFromContext(ctx, "ani", AuthorityUtils.NO_AUTHORITIES);
-        // verify that userDetails came from the secondary repository
-        assertEquals("ROLE_ONE", userDetails.getAuthorities().get(0).getAuthority());
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#retrieveUser(java.lang.String)}.
-     */
-    public final void testRetrieveUser() {
-        String username = "rod,ok";
-        {
-            // secondary user accounts repository
-            InMemoryDaoImpl dao = new InMemoryDaoImpl();
-            UserMapEditor editor = new UserMapEditor();
-            editor.setAsText("rod,ok=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
-            dao.setUserMap((UserMap) editor.getValue());
-
-            mapper.setUserDetailsService(dao);
-        }
-
-        UserDetails userDetails = mapper.retrieveUser(username);
-
-        assertEquals("ROLE_ONE", userDetails.getAuthorities().get(0).getAuthority());
-
-        try {
-            mapper.retrieveUser("noMatchUsername");
-            fail("exception expected");
-        } catch (UsernameNotFoundException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapperTest.java

@@ -1,89 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.ldap;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.userdetails.User;
-import org.springframework.security.userdetails.UserDetails;
-
-/**
- * @author Valery Tydykov
- *
- */
-public class UsernameFromPropertyAccountMapperTest extends TestCase {
-
-    UsernameFromPropertyAccountMapper mapper;
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        mapper = new UsernameFromPropertyAccountMapper();
-    }
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        mapper = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapper#map(org.springframework.security.userdetails.UserDetails)}.
-     */
-    public final void testNormalOperation() {
-        String usernameExpected = "username1";
-        UserDetails user = new User(usernameExpected, "password1", false, false, false, false, new GrantedAuthority[0]);
-        mapper.setUsername(usernameExpected);
-        String username = mapper.map(user);
-
-        assertEquals(usernameExpected, username);
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapper#setUsername(java.lang.String)}.
-     */
-    public final void testSetUserName() {
-        try {
-            mapper.setUsername(null);
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapper#afterPropertiesSet()}.
-     */
-    public final void testAfterPropertiesSet() {
-        try {
-            mapper.afterPropertiesSet();
-            fail("expected exception");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/AllTests.java

@@ -1,37 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests extends TestCase {
-
-    public AllTests(String s) {
-        super(s);
-    }
-
-    public static Test suite() {
-        TestSuite suite = new TestSuite();
-        suite
-            .addTestSuite(org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapperTest.class);
-        suite
-            .addTestSuite(org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapperTest.class);
-        suite
-            .addTestSuite(org.springframework.security.userdetails.preauth.UsernameFromRequestAccountMapperTest.class);
-        return suite;
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapperTest.java

@@ -1,111 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.providers.TestingAuthenticationToken;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.memory.InMemoryDaoImpl;
-import org.springframework.security.userdetails.memory.UserMap;
-import org.springframework.security.userdetails.memory.UserMapEditor;
-
-/**
- * @author Valery Tydykov
- *
- */
-public class UserDetailsMappingServiceWrapperTest extends TestCase {
-
-    UserDetailsMappingServiceWrapper service;
-
-    protected void setUp() throws Exception {
-        service = new UserDetailsMappingServiceWrapper();
-    }
-
-    protected void tearDown() throws Exception {
-        service = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#afterPropertiesSet()}.
-     */
-    public final void testAfterPropertiesSet() {
-        try {
-            service.afterPropertiesSet();
-            fail("expected exception");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#loadUserDetails(org.springframework.security.Authentication)}.
-     */
-    public final void testLoadUserDetails() {
-        String username = "rod,ok";
-        UsernameFromPropertyAccountMapper accountMapper = new UsernameFromPropertyAccountMapper();
-        accountMapper.setUsername(username);
-
-        service.setAccountMapper(accountMapper);
-
-        // secondary user accounts repository
-        {
-            InMemoryDaoImpl dao = new InMemoryDaoImpl();
-            UserMapEditor editor = new UserMapEditor();
-            editor.setAsText("rod,ok=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
-            dao.setUserMap((UserMap) editor.getValue());
-
-            service.setUserDetailsService(dao);
-        }
-
-        Authentication authentication = new TestingAuthenticationToken("any", "any");
-        UserDetails user = service.loadUserDetails(authentication);
-
-        // verify that userDetails came from the secondary repository
-        assertEquals("ROLE_ONE", user.getAuthorities().get(0).getAuthority());
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#setUserDetailsService(org.springframework.security.userdetails.UserDetailsService)}.
-     */
-    public final void testSetUserDetailsService() {
-        try {
-            service.setUserDetailsService(null);
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#setAccountMapper(org.springframework.security.userdetails.preauth.AccountMapper)}.
-     */
-    public final void testSetAccountMapper() {
-        try {
-            service.setAccountMapper(null);
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapperTest.java

@@ -1,89 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.providers.TestingAuthenticationToken;
-
-/**
- * @author Valery Tydykov
- *
- */
-public class UsernameFromPropertyAccountMapperTest extends TestCase {
-
-    UsernameFromPropertyAccountMapper mapper;
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        mapper = new UsernameFromPropertyAccountMapper();
-    }
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        mapper = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapper#map(org.springframework.security.Authentication)}.
-     */
-    public final void testNormalOperation() {
-        String usernameExpected = "username1";
-        Authentication authenticationRequest = new TestingAuthenticationToken("any", "any");
-        mapper.setUsername(usernameExpected);
-
-        String username = mapper.map(authenticationRequest);
-
-        assertEquals(usernameExpected, username);
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapper#setUsername(java.lang.String)}.
-     */
-    public final void testSetUsername() {
-        try {
-            mapper.setUsername(null);
-            fail("exception expected");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapper#afterPropertiesSet()}.
-     */
-    public final void testAfterPropertiesSet() {
-        try {
-            mapper.afterPropertiesSet();
-            fail("expected exception");
-        } catch (IllegalArgumentException expected) {
-        } catch (Exception unexpected) {
-            fail("unexpected exception");
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapperTest.java

@@ -1,59 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.userdetails.preauth;
-
-import junit.framework.TestCase;
-
-import org.springframework.security.Authentication;
-import org.springframework.security.providers.TestingAuthenticationToken;
-
-/**
- * @author Valery Tydykov
- *
- */
-public class UsernameFromRequestAccountMapperTest extends TestCase {
-
-    UsernameFromRequestAccountMapper mapper;
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception {
-        mapper = new UsernameFromRequestAccountMapper();
-    }
-
-    /*
-     * (non-Javadoc)
-     *
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception {
-        mapper = null;
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.userdetails.preauth.UsernameFromRequestAccountMapper#map(org.springframework.security.Authentication)}.
-     */
-    public final void testNormalOperation() {
-        String usernameExpected = "username1";
-        Authentication authenticationRequest = new TestingAuthenticationToken(usernameExpected, "password1");
-        String username = mapper.map(authenticationRequest);
-
-        assertEquals(usernameExpected, username);
-    }
-}

sandbox/other/src/test/java/org/springframework/security/util/AllTests.java

@@ -1,33 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.util;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests extends TestCase {
-
-    public AllTests(String s) {
-        super(s);
-    }
-
-    public static Test suite() {
-        TestSuite suite = new TestSuite();
-        suite.addTestSuite(org.springframework.security.util.ServletUtilsTest.class);
-        suite.addTestSuite(org.springframework.security.util.StringUtilsTest.class);
-        return suite;
-    }
-}

sandbox/other/src/test/java/org/springframework/security/util/ServletUtilsTest.java

@@ -1,124 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.util;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.Cookie;
-
-import junit.framework.TestCase;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class ServletUtilsTest extends TestCase {
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.util.ServletUtils#extractHeaderValues(javax.servlet.http.HttpServletRequest, java.util.List)}.
-     */
-    public final void testExtractHeaderValues() {
-        List keys = new ArrayList();
-        String key1 = "key1";
-        keys.add(key1);
-        String key2 = "key2";
-        keys.add(key2);
-        String key3 = "key3";
-        keys.add(key3);
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        String value1 = "value1";
-        request.addHeader(key1, value1);
-        String value2 = "value2";
-        request.addHeader(key2, value2);
-
-        Map values = ServletUtils.extractHeaderValues(request, keys);
-
-        assertEquals(value1, values.get(key1));
-        assertEquals(value2, values.get(key2));
-        assertEquals(null, values.get(key3));
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.util.ServletUtils#extractCookiesValues(javax.servlet.http.HttpServletRequest, java.util.List)}.
-     */
-    public final void testExtractCookiesValues() {
-        List keys = new ArrayList();
-        String key1 = "key1";
-        keys.add(key1);
-        String key2 = "key2";
-        keys.add(key2);
-        String key3 = "key3";
-        keys.add(key3);
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        String value1 = "value1";
-        String value2 = "value2";
-
-        {
-            Cookie[] cookies = new Cookie[] { new Cookie(key1, value1), new Cookie(key2, value2) };
-            request.setCookies(cookies);
-        }
-
-        Map values = ServletUtils.extractCookiesValues(request, keys);
-
-        assertEquals(value1, values.get(key1));
-        assertEquals(value2, values.get(key2));
-        assertEquals(null, values.get(key3));
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.util.ServletUtils#findCookieValue(javax.servlet.http.HttpServletRequest, java.lang.String)}.
-     */
-    public final void testFindCookieValue() {
-        List keys = new ArrayList();
-        String key1 = "key1";
-        keys.add(key1);
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        String valueExpected = "value1";
-        {
-            Cookie[] cookies = new Cookie[] { new Cookie(key1, valueExpected), };
-            request.setCookies(cookies);
-        }
-
-        String value = ServletUtils.findCookieValue(request, key1);
-
-        assertEquals(valueExpected, value);
-    }
-
-    public final void testFindCookieValueNotFound() {
-        List keys = new ArrayList();
-        String key1 = "key1";
-        keys.add(key1);
-
-        MockHttpServletRequest request = new MockHttpServletRequest();
-        {
-            Cookie[] cookies = new Cookie[0];
-            request.setCookies(cookies);
-        }
-
-        String value = ServletUtils.findCookieValue(request, key1);
-
-        assertEquals(null, value);
-    }
-}

sandbox/other/src/test/java/org/springframework/security/util/StringUtilsTest.java

@@ -1,79 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.util;
-
-import java.util.List;
-
-import junit.framework.TestCase;
-
-/**
- * @author Valery Tydykov
- * 
- */
-public class StringUtilsTest extends TestCase {
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.util.StringUtils#tokenizeString(java.lang.String, java.lang.String)}.
-     */
-    public final void testTokenizeString() {
-        {
-            String source = "one,two,three";
-            String separator = ",";
-            List result = StringUtils.tokenizeString(source, separator);
-
-            assertTrue(result.contains("one"));
-            assertTrue(result.contains("two"));
-            assertTrue(result.contains("three"));
-        }
-        {
-            String source = null;
-            String separator = null;
-            List result = StringUtils.tokenizeString(source, separator);
-
-            assertTrue(result.isEmpty());
-        }
-        {
-            String source = "one,two,three";
-            String separator = "noMatch";
-            List result = StringUtils.tokenizeString(source, separator);
-
-            assertTrue(result.contains(source));
-        }
-    }
-
-    /**
-     * Test method for
-     * {@link org.springframework.security.util.StringUtils#notNull(java.lang.Object)}.
-     */
-    public final void testNotNull() {
-        {
-            Object object = null;
-            String result = StringUtils.notNull(object);
-            assertEquals("", result);
-        }
-        {
-            Object object = "myString";
-            String result = StringUtils.notNull(object);
-            assertEquals(object, result);
-        }
-        {
-            String expected = "12345";
-            Object object = new Integer(expected);
-            String result = StringUtils.notNull(object);
-            assertEquals(expected, result);
-        }
-    }
-}

sandbox/other/src/test/java/org/springframework/security/vote/FirstDecisionBased.java

@@ -1,51 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.vote;
-
-import java.util.*;
-
-import org.springframework.security.AccessDeniedException;
-import org.springframework.security.Authentication;
-import org.springframework.security.ConfigAttribute;
-
-/**
- * AccessDecisionManager which bases its result on the first non-abstention from
- * its list of voters.
- *
- * @author Janning Vygen
- */
-public class FirstDecisionBased extends AbstractAccessDecisionManager {
-
-    public void decide(Authentication authentication, Object object, List<ConfigAttribute> config ) throws AccessDeniedException {
-        Iterator voters = this.getDecisionVoters().iterator();
-
-        while (voters.hasNext()) {
-            AccessDecisionVoter voter = (AccessDecisionVoter) voters.next();
-            int result = voter.vote(authentication, object, config);
-
-            switch (result) {
-                case AccessDecisionVoter.ACCESS_GRANTED:
-                return;
-
-                case AccessDecisionVoter.ACCESS_DENIED:
-                    throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
-            }
-        }
-
-        // To get this far, every AccessDecisionVoter abstained
-        checkAllowIfAllAbstainDecisions();
-    }
-}

sandbox/pom.xml

@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-  <modelVersion>4.0.0</modelVersion>
-  <parent>
-    <groupId>org.springframework.security</groupId>
-    <artifactId>spring-security-parent</artifactId>
-    <version>3.0.0.CI-SNAPSHOT</version>
-  </parent>
-  <artifactId>spring-security-sandbox</artifactId>
-  <name>Spring Security - Sandbox</name>
-  <packaging>pom</packaging>
-
-  <modules>
-    <module>other</module>
-  </modules>
-
-  <dependencies>
-    <dependency>
-      <groupId>org.springframework.security</groupId>
-      <artifactId>spring-security-core</artifactId>
-      <version>${pom.version}</version>
-    </dependency>
-  </dependencies>
-
-</project>

sandbox/webflow/pom.xml

@@ -1,12 +1,5 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
-<!--    
-    <parent>
-        <groupId>org.springframework.security</groupId>
-        <artifactId>spring-security-samples</artifactId>
-        <version>2.0.4-SNAPSHOT</version>
-    </parent>
--->    
     <groupId>org.springframework.security</groupId>
     <artifactId>spring-security-samples-webflow</artifactId>
     <name>Spring Security - Webflow sample</name>
@@ -24,9 +17,9 @@
             <version>${project.version}</version>
         </dependency>
         <dependency>
-            <groupId>spring-webflow</groupId>
+            <groupId>org.springframework.webflow</groupId>
             <artifactId>spring-webflow</artifactId>
-            <version>2.0.3.RELEASE</version>
+            <version>2.0.8.RELEASE</version>
         </dependency>
         <dependency>
             <groupId>ognl</groupId>
@@ -36,34 +29,34 @@
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-web</artifactId>
-            <version>2.5.5</version>            
+            <version>3.0.0.RELEASE</version>            
         </dependency>
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-core</artifactId>
-            <version>2.5.5</version>            
+            <version>3.0.0.RELEASE</version>            
         </dependency>                
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-context</artifactId>
-            <version>2.5.5</version>            
+            <version>3.0.0.RELEASE</version>            
         </dependency>        
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-webmvc</artifactId>
-            <version>2.5.5</version>            
+            <version>3.0.0.RELEASE</version>            
         </dependency>
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>servlet-api</artifactId>
             <scope>provided</scope>
-            <version>2.4</version>
+            <version>2.5</version>
         </dependency>
         <dependency>
             <groupId>org.freemarker</groupId>
             <artifactId>freemarker</artifactId>
             <scope>runtime</scope>
-            <version>2.3.12</version>
+            <version>2.3.16</version>
         </dependency>
         <dependency>
             <groupId>log4j</groupId>
@@ -86,7 +79,7 @@
             <plugin>
                 <groupId>org.mortbay.jetty</groupId>
                 <artifactId>maven-jetty-plugin</artifactId>
-                <version>6.1.7</version>
+                <version>6.1.22</version>
                 <configuration>
                     <contextPath>/webflow</contextPath>
                     <connectors>