20 yıl önce · e02dbd5c34
--- a/core/src/main/java/org/acegisecurity/adapters/HttpRequestIntegrationFilter.java
+++ b/core/src/main/java/org/acegisecurity/adapters/HttpRequestIntegrationFilter.java
@@ -79,13 +79,13 @@ public class HttpRequestIntegrationFilter implements Filter {
 
				 
			
 
				                 if (logger.isDebugEnabled()) {
			
 
				                     logger.debug(
			
 
				-                        "SecurityContext updated with Authentication from container: '"
			
 
				+                        "SecurityContextHolder updated with Authentication from container: '"
			
 
				                         + principal + "'");
			
 
				                 }
			
 
				             } else {
			
 
				                 if (logger.isDebugEnabled()) {
			
 
				                     logger.debug(
			
 
				-                        "ContextHolder not set with new Authentication as Principal was: '"
			
 
				+                        "SecurityContextHolder not set with new Authentication as Principal was: '"
			
 
				                         + principal + "'");
			
 
				                 }
			
 
				             }
			
--- a/core/src/main/java/org/acegisecurity/context/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java
+++ b/core/src/main/java/org/acegisecurity/context/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java
@@ -98,7 +98,7 @@ public class AuthenticationSimpleHttpInvokerRequestExecutor
 
				 
			
 
				             if (logger.isDebugEnabled()) {
			
 
				                 logger.debug(
			
 
				-                    "HttpInvocation now presenting via BASIC authentication ContextHolder-derived: "
			
 
				+                    "HttpInvocation now presenting via BASIC authentication SecurityContextHolder-derived: "
			
 
				                     + auth.toString());
			
 
				             }
			
 
				         } else {
			
--- a/core/src/main/java/org/acegisecurity/providers/jaas/SecurityContextLoginModule.java
+++ b/core/src/main/java/org/acegisecurity/providers/jaas/SecurityContextLoginModule.java
@@ -38,22 +38,22 @@ import javax.security.auth.spi.LoginModule;
 
				  * conjunction with it. <br />
			
 
				  * The {@link JaasAuthenticationProvider} allows Acegi to authenticate against
			
 
				  * Jaas. <br />
			
 
				- * The SecureContextLoginModule allows a Jaas based application to
			
 
				+ * The SecurityContextLoginModule allows a Jaas based application to
			
 
				  * authenticate against Acegi. If there is no Authentication in the {@link
			
 
				  * SecurityContextHolder} the login() method will throw a LoginException by
			
 
				  * default. This functionality can be changed with the
			
 
				  * <tt>ignoreMissingAuthentication</tt> option by setting it to "true".
			
 
				  * Setting  ignoreMissingAuthentication=true will tell the
			
 
				- * SecureContextLoginModule to simply return false and be ignored if the
			
 
				+ * SecurityContextLoginModule to simply return false and be ignored if the
			
 
				  * authentication is null.
			
 
				  *
			
 
				  * @author Brian Moseley
			
 
				  * @author Ray Krueger
			
 
				  */
			
 
				-public class SecureContextLoginModule implements LoginModule {
			
 
				+public class SecurityContextLoginModule implements LoginModule {
			
 
				     //~ Static fields/initializers =============================================
			
 
				 
			
 
				-    private static final Log log = LogFactory.getLog(SecureContextLoginModule.class);
			
 
				+    private static final Log log = LogFactory.getLog(SecurityContextLoginModule.class);
			
 
				 
			
 
				     //~ Instance fields ========================================================
			
 
				 
			
--- a/core/src/main/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestFilter.java
+++ b/core/src/main/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestFilter.java
@@ -28,12 +28,12 @@ import javax.servlet.http.HttpServletRequest;
 
				 
			
 
				 /**
			
 
				  * A <code>Filter</code> which populates the <code>ServletRequest</code> with
			
 
				- * an {@link ContextHolderAwareRequestWrapper}.
			
 
				+ * an {@link SecurityContextHolderAwareRequestWrapper}.
			
 
				  *
			
 
				  * @author Orlando Garcia Carmona
			
 
				  * @version $Id$
			
 
				  */
			
 
				-public class ContextHolderAwareRequestFilter implements Filter {
			
 
				+public class SecurityContextHolderAwareRequestFilter implements Filter {
			
 
				     //~ Methods ================================================================
			
 
				 
			
 
				     public void destroy() {}
			
@@ -43,8 +43,8 @@ public class ContextHolderAwareRequestFilter implements Filter {
 
				         throws IOException, ServletException {
			
 
				         HttpServletRequest request = (HttpServletRequest) servletRequest;
			
 
				 
			
 
				-        if (!(request instanceof ContextHolderAwareRequestWrapper)) {
			
 
				-            request = new ContextHolderAwareRequestWrapper(request);
			
 
				+        if (!(request instanceof SecurityContextHolderAwareRequestWrapper)) {
			
 
				+            request = new SecurityContextHolderAwareRequestWrapper(request);
			
 
				         }
			
 
				 
			
 
				         filterChain.doFilter(request, servletResponse);
			
--- a/core/src/main/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestWrapper.java
+++ b/core/src/main/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestWrapper.java
@@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletRequestWrapper;
 
				 /**
			
 
				  * An Acegi Security-aware <code>HttpServletRequestWrapper</code>, which uses
			
 
				  * the <code>SecurityContext</code>-defined <code>Authentication</code> object
			
 
				- * for {@link ContextHolderAwareRequestWrapper#isUserInRole(java.lang.String)}
			
 
				+ * for {@link SecurityContextHolderAwareRequestWrapper#isUserInRole(java.lang.String)}
			
 
				  * and {@link javax.servlet.http.HttpServletRequestWrapper#getRemoteUser()}
			
 
				  * responses.
			
 
				  *
			
@@ -38,14 +38,14 @@ import javax.servlet.http.HttpServletRequestWrapper;
 
				  * @author Ben Alex
			
 
				  * @version $Id$
			
 
				  */
			
 
				-public class ContextHolderAwareRequestWrapper extends HttpServletRequestWrapper {
			
 
				+public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequestWrapper {
			
 
				     //~ Instance fields ========================================================
			
 
				 
			
 
				     private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
			
 
				 
			
 
				     //~ Constructors ===========================================================
			
 
				 
			
 
				-    public ContextHolderAwareRequestWrapper(HttpServletRequest request) {
			
 
				+    public SecurityContextHolderAwareRequestWrapper(HttpServletRequest request) {
			
 
				         super(request);
			
 
				     }
			
 
				 
			
--- a/core/src/test/java/org/acegisecurity/context/HttpSessionContextIntegrationFilterTests.java
+++ b/core/src/test/java/org/acegisecurity/context/HttpSessionContextIntegrationFilterTests.java
@@ -181,7 +181,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 
				         executeFilterInContainerSimulator(new MockFilterConfig(), filter,
			
 
				             request, response, chain);
			
 
				 
			
 
				-        // Obtain new/update Authentication from HttpSession
			
 
				+        // Obtain new/updated Authentication from HttpSession
			
 
				         SecurityContext context = (SecurityContext) request.getSession(false)
			
 
				                                                            .getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
			
 
				         assertEquals(updatedPrincipal,
			
@@ -204,7 +204,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 
				         executeFilterInContainerSimulator(new MockFilterConfig(), filter,
			
 
				             request, response, chain);
			
 
				 
			
 
				-        // Obtain new/update Authentication from HttpSession
			
 
				+        // Check the session is null
			
 
				         assertNull(request.getSession(false));
			
 
				     }
			
 
				 
			
--- a/core/src/test/java/org/acegisecurity/providers/jaas/SecurityContextLoginModuleTests.java
+++ b/core/src/test/java/org/acegisecurity/providers/jaas/SecurityContextLoginModuleTests.java
@@ -30,14 +30,14 @@ import javax.security.auth.login.LoginException;
 
				 
			
 
				 
			
 
				 /**
			
 
				- * Testst SecureContextLoginModule
			
 
				+ * Tests SecurityContextLoginModule
			
 
				  *
			
 
				  * @author Ray Krueger
			
 
				  */
			
 
				-public class SecureContextLoginModuleTests extends TestCase {
			
 
				+public class SecurityContextLoginModuleTests extends TestCase {
			
 
				     //~ Instance fields ========================================================
			
 
				 
			
 
				-    private SecureContextLoginModule module = null;
			
 
				+    private SecurityContextLoginModule module = null;
			
 
				     private Subject subject = new Subject(false, new HashSet(), new HashSet(),
			
 
				             new HashSet());
			
 
				     private UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("principal",
			
@@ -82,7 +82,7 @@ public class SecureContextLoginModuleTests extends TestCase {
 
				             subject.getPrincipals().contains(auth));
			
 
				     }
			
 
				 
			
 
				-    public void testNullAuthenticationInSecureContext()
			
 
				+    public void testNullAuthenticationInSecurityContext()
			
 
				         throws Exception {
			
 
				         try {
			
 
				             SecurityContextHolder.getContext().setAuthentication(null);
			
@@ -92,9 +92,9 @@ public class SecureContextLoginModuleTests extends TestCase {
 
				         }
			
 
				     }
			
 
				 
			
 
				-    public void testNullAuthenticationInSecureContextIgnored()
			
 
				+    public void testNullAuthenticationInSecurityContextIgnored()
			
 
				         throws Exception {
			
 
				-        module = new SecureContextLoginModule();
			
 
				+        module = new SecurityContextLoginModule();
			
 
				 
			
 
				         Map options = new HashMap();
			
 
				         options.put("ignoreMissingAuthentication", "true");
			
@@ -109,7 +109,7 @@ public class SecureContextLoginModuleTests extends TestCase {
 
				     }
			
 
				 
			
 
				     protected void setUp() throws Exception {
			
 
				-        module = new SecureContextLoginModule();
			
 
				+        module = new SecurityContextLoginModule();
			
 
				         module.initialize(subject, null, null, null);
			
 
				         SecurityContextHolder.setContext(new SecurityContextImpl());
			
 
				     }
			
--- a/core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagTests.java
+++ b/core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagTests.java
@@ -79,7 +79,7 @@ public class AuthorizeTagTests extends TestCase {
 
				             Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
			
 
				     }
			
 
				 
			
 
				-    public void testPreventsBodyOutputIfNoSecureContext()
			
 
				+    public void testPreventsBodyOutputIfNoSecurityContext()
			
 
				         throws JspException {
			
 
				         SecurityContextHolder.getContext().setAuthentication(null);
			
 
				         authorizeTag.setIfAnyGranted("ROLE_BANKER");
			
--- a/core/src/test/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestFilterTests.java
+++ b/core/src/test/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestFilterTests.java
@@ -19,8 +19,8 @@ import junit.framework.TestCase;
 
				 
			
 
				 import net.sf.acegisecurity.MockFilterConfig;
			
 
				 
			
 
				-import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter;
			
 
				-import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestWrapper;
			
 
				+import net.sf.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				+import net.sf.acegisecurity.wrapper.SecurityContextHolderAwareRequestWrapper;
			
 
				 
			
 
				 import java.io.IOException;
			
 
				 
			
@@ -33,19 +33,19 @@ import org.springframework.mock.web.MockHttpServletRequest;
 
				 
			
 
				 
			
 
				 /**
			
 
				- * Tests {@link ContextHolderAwareRequestFilter}.
			
 
				+ * Tests {@link SecurityContextHolderAwareRequestFilter}.
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				  * @version $Id$
			
 
				  */
			
 
				-public class ContextHolderAwareRequestFilterTests extends TestCase {
			
 
				+public class SecurityContextHolderAwareRequestFilterTests extends TestCase {
			
 
				     //~ Constructors ===========================================================
			
 
				 
			
 
				-    public ContextHolderAwareRequestFilterTests() {
			
 
				+    public SecurityContextHolderAwareRequestFilterTests() {
			
 
				         super();
			
 
				     }
			
 
				 
			
 
				-    public ContextHolderAwareRequestFilterTests(String arg0) {
			
 
				+    public SecurityContextHolderAwareRequestFilterTests(String arg0) {
			
 
				         super(arg0);
			
 
				     }
			
 
				 
			
@@ -56,18 +56,18 @@ public class ContextHolderAwareRequestFilterTests extends TestCase {
 
				     }
			
 
				 
			
 
				     public static void main(String[] args) {
			
 
				-        junit.textui.TestRunner.run(ContextHolderAwareRequestFilterTests.class);
			
 
				+        junit.textui.TestRunner.run(SecurityContextHolderAwareRequestFilterTests.class);
			
 
				     }
			
 
				 
			
 
				     public void testCorrectOperation() throws Exception {
			
 
				-        ContextHolderAwareRequestFilter filter = new ContextHolderAwareRequestFilter();
			
 
				+        SecurityContextHolderAwareRequestFilter filter = new SecurityContextHolderAwareRequestFilter();
			
 
				         filter.init(new MockFilterConfig());
			
 
				         filter.doFilter(new MockHttpServletRequest(null, null), null,
			
 
				-            new MockFilterChain(ContextHolderAwareRequestWrapper.class));
			
 
				+            new MockFilterChain(SecurityContextHolderAwareRequestWrapper.class));
			
 
				 
			
 
				         // Now re-execute the filter, ensuring our replacement wrapper is still used
			
 
				         filter.doFilter(new MockHttpServletRequest(null, null), null,
			
 
				-            new MockFilterChain(ContextHolderAwareRequestWrapper.class));
			
 
				+            new MockFilterChain(SecurityContextHolderAwareRequestWrapper.class));
			
 
				 
			
 
				         filter.destroy();
			
 
				     }
			
--- a/core/src/test/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestWrapperTests.java
+++ b/core/src/test/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestWrapperTests.java
@@ -23,25 +23,25 @@ import net.sf.acegisecurity.GrantedAuthorityImpl;
 
				 import net.sf.acegisecurity.context.SecurityContextHolder;
			
 
				 import net.sf.acegisecurity.providers.TestingAuthenticationToken;
			
 
				 import net.sf.acegisecurity.providers.dao.User;
			
 
				-import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestWrapper;
			
 
				+import net.sf.acegisecurity.wrapper.SecurityContextHolderAwareRequestWrapper;
			
 
				 
			
 
				 import org.springframework.mock.web.MockHttpServletRequest;
			
 
				 
			
 
				 
			
 
				 /**
			
 
				- * Tests {@link ContextHolderAwareRequestWrapper}.
			
 
				+ * Tests {@link SecurityContextHolderAwareRequestWrapper}.
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				  * @version $Id$
			
 
				  */
			
 
				-public class ContextHolderAwareRequestWrapperTests extends TestCase {
			
 
				+public class SecurityContextHolderAwareRequestWrapperTests extends TestCase {
			
 
				     //~ Constructors ===========================================================
			
 
				 
			
 
				-    public ContextHolderAwareRequestWrapperTests() {
			
 
				+    public SecurityContextHolderAwareRequestWrapperTests() {
			
 
				         super();
			
 
				     }
			
 
				 
			
 
				-    public ContextHolderAwareRequestWrapperTests(String arg0) {
			
 
				+    public SecurityContextHolderAwareRequestWrapperTests(String arg0) {
			
 
				         super(arg0);
			
 
				     }
			
 
				 
			
@@ -52,7 +52,7 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
 
				     }
			
 
				 
			
 
				     public static void main(String[] args) {
			
 
				-        junit.textui.TestRunner.run(ContextHolderAwareRequestWrapperTests.class);
			
 
				+        junit.textui.TestRunner.run(SecurityContextHolderAwareRequestWrapperTests.class);
			
 
				     }
			
 
				 
			
 
				     public void testCorrectOperationWithStringBasedPrincipal()
			
@@ -65,7 +65,7 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
 
				         MockHttpServletRequest request = new MockHttpServletRequest();
			
 
				         request.setRequestURI("/");
			
 
				 
			
 
				-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
			
 
				+        SecurityContextHolderAwareRequestWrapper wrapper = new SecurityContextHolderAwareRequestWrapper(request);
			
 
				 
			
 
				         assertEquals("marissa", wrapper.getRemoteUser());
			
 
				         assertTrue(wrapper.isUserInRole("ROLE_FOO"));
			
@@ -87,7 +87,7 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
 
				         MockHttpServletRequest request = new MockHttpServletRequest();
			
 
				         request.setRequestURI("/");
			
 
				 
			
 
				-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
			
 
				+        SecurityContextHolderAwareRequestWrapper wrapper = new SecurityContextHolderAwareRequestWrapper(request);
			
 
				 
			
 
				         assertEquals("marissaAsUserDetails", wrapper.getRemoteUser());
			
 
				         assertFalse(wrapper.isUserInRole("ROLE_FOO"));
			
@@ -105,7 +105,7 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
 
				         MockHttpServletRequest request = new MockHttpServletRequest();
			
 
				         request.setRequestURI("/");
			
 
				 
			
 
				-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
			
 
				+        SecurityContextHolderAwareRequestWrapper wrapper = new SecurityContextHolderAwareRequestWrapper(request);
			
 
				         assertNull(wrapper.getRemoteUser());
			
 
				         assertFalse(wrapper.isUserInRole("ROLE_ANY"));
			
 
				         assertNull(wrapper.getUserPrincipal());
			
@@ -122,7 +122,7 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
 
				         MockHttpServletRequest request = new MockHttpServletRequest();
			
 
				         request.setRequestURI("/");
			
 
				 
			
 
				-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
			
 
				+        SecurityContextHolderAwareRequestWrapper wrapper = new SecurityContextHolderAwareRequestWrapper(request);
			
 
				 
			
 
				         assertNull(wrapper.getRemoteUser());
			
 
				         assertFalse(wrapper.isUserInRole("ROLE_HELLO")); // principal is null, so reject