Cleanup unused imports.

core/src/main/java/org/acegisecurity/concurrent/SessionRegistryUtils.java

@@ -17,8 +17,6 @@ package org.acegisecurity.concurrent;
 
 import org.acegisecurity.Authentication;
 
-import org.acegisecurity.ui.WebAuthenticationDetails;
-
 import org.acegisecurity.userdetails.UserDetails;
 
 import org.springframework.util.Assert;

core/src/main/java/org/acegisecurity/context/rmi/ContextPropagatingRemoteInvocation.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,7 +17,6 @@ package org.acegisecurity.context.rmi;
 
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
 
 import org.aopalliance.intercept.MethodInvocation;
 
@@ -118,11 +117,8 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
         }
 
         try {
-
             return super.invoke(targetObject);
-
         } finally {
-
             SecurityContextHolder.clearContext();
 
             if (logger.isDebugEnabled()) {

core/src/main/java/org/acegisecurity/vote/AbstractAclVoter.java

@@ -28,8 +28,6 @@ import org.aspectj.lang.reflect.CodeSignature;
 
 import org.springframework.util.Assert;
 
-import java.lang.reflect.Method;
-
 
 /**
  * <p>

core/src/test/java/org/acegisecurity/context/rmi/ContextPropagatingRemoteInvocationTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,11 +19,11 @@ import junit.framework.TestCase;
 
 import org.acegisecurity.Authentication;
 import org.acegisecurity.TargetObject;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
-import org.acegisecurity.context.rmi.ContextPropagatingRemoteInvocation;
-import org.acegisecurity.context.rmi.ContextPropagatingRemoteInvocationFactory;
+
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
+
 import org.acegisecurity.util.SimpleMethodInvocation;
 
 import org.aopalliance.intercept.MethodInvocation;
@@ -51,15 +51,53 @@ public class ContextPropagatingRemoteInvocationTests extends TestCase {
 
     //~ Methods ================================================================
 
+    private ContextPropagatingRemoteInvocation getRemoteInvocation()
+        throws Exception {
+        Class clazz = TargetObject.class;
+        Method method = clazz.getMethod("makeLowerCase",
+                new Class[] {String.class});
+        MethodInvocation mi = new SimpleMethodInvocation(method,
+                new Object[] {"SOME_STRING"});
+
+        ContextPropagatingRemoteInvocationFactory factory = new ContextPropagatingRemoteInvocationFactory();
+
+        return (ContextPropagatingRemoteInvocation) factory
+        .createRemoteInvocation(mi);
+    }
+
     public static void main(String[] args) {
         junit.textui.TestRunner.run(ContextPropagatingRemoteInvocationTests.class);
     }
 
+    public void testContextIsResetEvenIfExceptionOccurs()
+        throws Exception {
+        // Setup client-side context
+        Authentication clientSideAuthentication = new UsernamePasswordAuthenticationToken("marissa",
+                "koala");
+        SecurityContextHolder.getContext()
+                             .setAuthentication(clientSideAuthentication);
+
+        ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
+
+        try {
+            // Set up the wrong arguments.
+            remoteInvocation.setArguments(new Object[] {});
+            remoteInvocation.invoke(TargetObject.class.newInstance());
+            fail("Expected IllegalArgumentException");
+        } catch (IllegalArgumentException e) {
+            // expected
+        }
+
+        assertNull("Authentication must be null ",
+            SecurityContextHolder.getContext().getAuthentication());
+    }
+
     public void testNormalOperation() throws Exception {
         // Setup client-side context
         Authentication clientSideAuthentication = new UsernamePasswordAuthenticationToken("marissa",
                 "koala");
-        SecurityContextHolder.getContext().setAuthentication(clientSideAuthentication);
+        SecurityContextHolder.getContext()
+                             .setAuthentication(clientSideAuthentication);
 
         ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
 
@@ -84,40 +122,4 @@ public class ContextPropagatingRemoteInvocationTests extends TestCase {
         assertEquals("some_string Authentication empty",
             remoteInvocation.invoke(new TargetObject()));
     }
-
-    public void testContextIsResetEvenIfExceptionOccurs() throws Exception {
-        // Setup client-side context
-        Authentication clientSideAuthentication = new UsernamePasswordAuthenticationToken("marissa",
-                "koala");
-        SecurityContextHolder.getContext().setAuthentication(clientSideAuthentication);
-
-        ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
-
-        try {
-            // Set up the wrong arguments.
-            remoteInvocation.setArguments(new Object[] {});
-            remoteInvocation.invoke(TargetObject.class.newInstance());
-            fail("Expected IllegalArgumentException");
-        } catch(IllegalArgumentException e) {
-            // expected
-        }
-
-        assertNull("Authentication must be null ", SecurityContextHolder.getContext().getAuthentication());
-
-    }
-
-
-    private ContextPropagatingRemoteInvocation getRemoteInvocation()
-        throws Exception {
-        Class clazz = TargetObject.class;
-        Method method = clazz.getMethod("makeLowerCase",
-                new Class[] {String.class});
-        MethodInvocation mi = new SimpleMethodInvocation(method,
-                new Object[] {"SOME_STRING"});
-
-        ContextPropagatingRemoteInvocationFactory factory = new ContextPropagatingRemoteInvocationFactory();
-
-        return (ContextPropagatingRemoteInvocation) factory
-        .createRemoteInvocation(mi);
-    }
 }

core/src/test/java/org/acegisecurity/intercept/web/FilterSecurityInterceptorTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,14 +15,6 @@
 
 package org.acegisecurity.intercept.web;
 
-import java.io.IOException;
-import java.util.Iterator;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-
 import junit.framework.TestCase;
 
 import org.acegisecurity.AccessDecisionManager;
@@ -38,12 +30,23 @@ import org.acegisecurity.MockAuthenticationManager;
 import org.acegisecurity.MockRunAsManager;
 import org.acegisecurity.RunAsManager;
 import org.acegisecurity.SecurityConfig;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
+
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 
+import java.io.IOException;
+
+import java.util.Iterator;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
 
 /**
  * Tests {@link FilterSecurityInterceptor}.
@@ -64,14 +67,14 @@ public class FilterSecurityInterceptorTests extends TestCase {
 
     //~ Methods ================================================================
 
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
     public static void main(String[] args) {
         junit.textui.TestRunner.run(FilterSecurityInterceptorTests.class);
     }
 
+    public final void setUp() throws Exception {
+        super.setUp();
+    }
+
     public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass()
         throws Exception {
         FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
@@ -145,7 +148,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
         interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
         interceptor.setAuthenticationManager(new MockAuthenticationManager());
         interceptor.setRunAsManager(new MockRunAsManager());
-        interceptor.setApplicationEventPublisher(MockApplicationContext.getContext());
+        interceptor.setApplicationEventPublisher(MockApplicationContext
+            .getContext());
 
         // Setup a mock config attribute definition
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();
@@ -197,6 +201,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
      * test  access denied events as the abstract parent enforces that logic,
      * which is extensively tested separately.
      *
+     * @throws Throwable DOCUMENT ME!
      */
     public void testSuccessfulInvocation() throws Throwable {
         // Setup the FilterSecurityInterceptor
@@ -204,7 +209,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
         interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
         interceptor.setAuthenticationManager(new MockAuthenticationManager());
         interceptor.setRunAsManager(new MockRunAsManager());
-        interceptor.setApplicationEventPublisher(MockApplicationContext.getContext());
+        interceptor.setApplicationEventPublisher(MockApplicationContext
+            .getContext());
 
         // Setup a mock config attribute definition
         ConfigAttributeDefinition def = new ConfigAttributeDefinition();

core/src/test/java/org/acegisecurity/providers/TestingAuthenticationTokenTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,7 +19,6 @@ import junit.framework.TestCase;
 
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
-import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken;
 
 
 /**
@@ -41,14 +40,14 @@ public class TestingAuthenticationTokenTests extends TestCase {
 
     //~ Methods ================================================================
 
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
     public static void main(String[] args) {
         junit.textui.TestRunner.run(TestingAuthenticationTokenTests.class);
     }
 
+    public final void setUp() throws Exception {
+        super.setUp();
+    }
+
     public void testAuthenticated() {
         TestingAuthenticationToken token = new TestingAuthenticationToken("Test",
                 "Password", null);
@@ -72,7 +71,7 @@ public class TestingAuthenticationTokenTests extends TestCase {
         Class clazz = TestingAuthenticationToken.class;
 
         try {
-            clazz.getDeclaredConstructor((Class[])null);
+            clazz.getDeclaredConstructor((Class[]) null);
             fail("Should have thrown NoSuchMethodException");
         } catch (NoSuchMethodException expected) {
             assertTrue(true);

core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationTokenTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,8 +19,8 @@ import junit.framework.TestCase;
 
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
+
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
-import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken;
 
 import java.util.List;
 import java.util.Vector;
@@ -45,14 +45,14 @@ public class AnonymousAuthenticationTokenTests extends TestCase {
 
     //~ Methods ================================================================
 
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
     public static void main(String[] args) {
         junit.textui.TestRunner.run(AnonymousAuthenticationTokenTests.class);
     }
 
+    public final void setUp() throws Exception {
+        super.setUp();
+    }
+
     public void testConstructorRejectsNulls() {
         try {
             new AnonymousAuthenticationToken(null, "Test",
@@ -131,7 +131,7 @@ public class AnonymousAuthenticationTokenTests extends TestCase {
         Class clazz = AnonymousAuthenticationToken.class;
 
         try {
-            clazz.getDeclaredConstructor((Class[])null);
+            clazz.getDeclaredConstructor((Class[]) null);
             fail("Should have thrown NoSuchMethodException");
         } catch (NoSuchMethodException expected) {
             assertTrue(true);

core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousProcessingFilterTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -12,6 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
 package org.acegisecurity.providers.anonymous;
 
 import junit.framework.TestCase;
@@ -20,9 +21,11 @@ import org.acegisecurity.Authentication;
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
 import org.acegisecurity.MockFilterConfig;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.TestingAuthenticationToken;
+
 import org.acegisecurity.userdetails.memory.UserAttribute;
 
 import org.springframework.mock.web.MockHttpServletRequest;
@@ -45,6 +48,8 @@ import javax.servlet.ServletResponse;
  * @version $Id$
  */
 public class AnonymousProcessingFilterTests extends TestCase {
+    //~ Constructors ===========================================================
+
     public AnonymousProcessingFilterTests() {
         super();
     }
@@ -53,10 +58,30 @@ public class AnonymousProcessingFilterTests extends TestCase {
         super(arg0);
     }
 
+    //~ Methods ================================================================
+
+    private void executeFilterInContainerSimulator(FilterConfig filterConfig,
+        Filter filter, ServletRequest request, ServletResponse response,
+        FilterChain filterChain) throws ServletException, IOException {
+        filter.init(filterConfig);
+        filter.doFilter(request, response, filterChain);
+        filter.destroy();
+    }
+
     public static void main(String[] args) {
         junit.textui.TestRunner.run(AnonymousProcessingFilterTests.class);
     }
 
+    protected void setUp() throws Exception {
+        super.setUp();
+        SecurityContextHolder.clearContext();
+    }
+
+    protected void tearDown() throws Exception {
+        super.tearDown();
+        SecurityContextHolder.clearContext();
+    }
+
     public void testDetectsMissingKey() throws Exception {
         UserAttribute user = new UserAttribute();
         user.setPassword("anonymousUsername");
@@ -107,7 +132,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
         // Put an Authentication object into the SecurityContextHolder
         Authentication originalAuth = new TestingAuthenticationToken("user",
                 "password",
-                new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_A") });
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
         SecurityContextHolder.getContext().setAuthentication(originalAuth);
 
         // Setup our filter correctly
@@ -162,23 +187,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
         assertNull(SecurityContextHolder.getContext().getAuthentication());
     }
 
-    protected void setUp() throws Exception {
-        super.setUp();
-        SecurityContextHolder.clearContext();
-    }
-
-    protected void tearDown() throws Exception {
-        super.tearDown();
-        SecurityContextHolder.clearContext();
-    }
-
-    private void executeFilterInContainerSimulator(FilterConfig filterConfig,
-        Filter filter, ServletRequest request, ServletResponse response,
-        FilterChain filterChain) throws ServletException, IOException {
-        filter.init(filterConfig);
-        filter.doFilter(request, response, filterChain);
-        filter.destroy();
-    }
+    //~ Inner Classes ==========================================================
 
     private class MockFilterChain implements FilterChain {
         private boolean expectToProceed;

core/src/test/java/org/acegisecurity/providers/jaas/SecurityContextLoginModuleTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,12 +18,12 @@ package org.acegisecurity.providers.jaas;
 import junit.framework.TestCase;
 
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
-import java.util.HashMap;
 
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginException;
@@ -45,6 +45,17 @@ public class SecurityContextLoginModuleTests extends TestCase {
 
     //~ Methods ================================================================
 
+    protected void setUp() throws Exception {
+        module = new SecurityContextLoginModule();
+        module.initialize(subject, null, null, null);
+        SecurityContextHolder.clearContext();
+    }
+
+    protected void tearDown() throws Exception {
+        SecurityContextHolder.clearContext();
+        module = null;
+    }
+
     public void testAbort() throws Exception {
         assertFalse("Should return false, no auth is set", module.abort());
         SecurityContextHolder.getContext().setAuthentication(auth);
@@ -87,9 +98,9 @@ public class SecurityContextLoginModuleTests extends TestCase {
         try {
             SecurityContextHolder.getContext().setAuthentication(null);
             module.login();
-            fail("LoginException expected, the authentication is null in the SecurityContext");
-        } catch (Exception e) {
-        }
+            fail(
+                "LoginException expected, the authentication is null in the SecurityContext");
+        } catch (Exception e) {}
     }
 
     public void testNullAuthenticationInSecurityContextIgnored()
@@ -107,15 +118,4 @@ public class SecurityContextLoginModuleTests extends TestCase {
     public void testNullLogout() throws Exception {
         assertFalse(module.logout());
     }
-
-    protected void setUp() throws Exception {
-        module = new SecurityContextLoginModule();
-        module.initialize(subject, null, null, null);
-        SecurityContextHolder.clearContext();
-    }
-
-    protected void tearDown() throws Exception {
-        SecurityContextHolder.clearContext();
-        module = null;
-    }
 }

core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagAttributeTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,8 +19,9 @@ import junit.framework.TestCase;
 
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.TestingAuthenticationToken;
 
 import javax.servlet.jsp.JspException;
@@ -41,6 +42,21 @@ public class AuthorizeTagAttributeTests extends TestCase {
 
     //~ Methods ================================================================
 
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        currentUser = new TestingAuthenticationToken("abc", "123",
+                new GrantedAuthority[] {new GrantedAuthorityImpl(
+                        "ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
+                        "ROLE_RESTRICTED"),});
+
+        SecurityContextHolder.getContext().setAuthentication(currentUser);
+    }
+
+    protected void tearDown() throws Exception {
+        SecurityContextHolder.clearContext();
+    }
+
     public void testAssertsIfAllGrantedSecond() throws JspException {
         authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_SUPERTELLER");
         authorizeTag.setIfAnyGranted("ROLE_RESTRICTED");
@@ -85,19 +101,4 @@ public class AuthorizeTagAttributeTests extends TestCase {
         assertEquals("allows request - principal does not have ROLE_TELLER",
             Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
     }
-
-    protected void setUp() throws Exception {
-        super.setUp();
-
-        currentUser = new TestingAuthenticationToken("abc", "123",
-                new GrantedAuthority[] {new GrantedAuthorityImpl(
-                        "ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
-                        "ROLE_RESTRICTED"),});
-
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
-    }
-
-    protected void tearDown() throws Exception {
-        SecurityContextHolder.clearContext();
-    }
 }

core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,8 +18,9 @@ package org.acegisecurity.taglibs.authz;
 import junit.framework.TestCase;
 
 import org.acegisecurity.GrantedAuthority;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.TestingAuthenticationToken;
 
 import javax.servlet.jsp.JspException;
@@ -40,6 +41,20 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
 
     //~ Methods ================================================================
 
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        currentUser = new TestingAuthenticationToken("abc", "123",
+                new GrantedAuthority[] {new CustomGrantedAuthority(
+                        "ROLE_TELLER")});
+
+        SecurityContextHolder.getContext().setAuthentication(currentUser);
+    }
+
+    protected void tearDown() throws Exception {
+        SecurityContextHolder.clearContext();
+    }
+
     public void testAllowsRequestWhenCustomAuthorityPresentsCorrectRole()
         throws JspException {
         authorizeTag.setIfAnyGranted("ROLE_TELLER");
@@ -50,7 +65,8 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
     public void testRejectsRequestWhenCustomAuthorityReturnsNull()
         throws JspException {
         authorizeTag.setIfAnyGranted("ROLE_TELLER");
-        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(
+        SecurityContextHolder.getContext()
+                             .setAuthentication(new TestingAuthenticationToken(
                 "abc", "123",
                 new GrantedAuthority[] {new CustomGrantedAuthority(null)}));
 
@@ -62,20 +78,6 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
         }
     }
 
-    protected void setUp() throws Exception {
-        super.setUp();
-
-        currentUser = new TestingAuthenticationToken("abc", "123",
-                new GrantedAuthority[] {new CustomGrantedAuthority(
-                        "ROLE_TELLER")});
-
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
-    }
-
-    protected void tearDown() throws Exception {
-        SecurityContextHolder.clearContext();
-    }
-
     //~ Inner Classes ==========================================================
 
     private static class CustomGrantedAuthority implements GrantedAuthority {

core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagExpressionLanguageTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,8 +19,9 @@ import junit.framework.TestCase;
 
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.TestingAuthenticationToken;
 
 import org.springframework.mock.web.MockPageContext;
@@ -41,6 +42,22 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase {
 
     //~ Methods ================================================================
 
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        pageContext = new MockPageContext();
+        authorizeTag.setPageContext(pageContext);
+
+        currentUser = new TestingAuthenticationToken("abc", "123",
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"),});
+
+        SecurityContextHolder.getContext().setAuthentication(currentUser);
+    }
+
+    protected void tearDown() throws Exception {
+        SecurityContextHolder.clearContext();
+    }
+
     public void testAllGrantedUsesExpressionLanguageWhenExpressionIsEL()
         throws JspException {
         pageContext.setAttribute("authority", "ROLE_TELLER");
@@ -67,20 +84,4 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase {
         assertEquals("allows body - authority var contains ROLE_TELLER",
             Tag.SKIP_BODY, authorizeTag.doStartTag());
     }
-
-    protected void setUp() throws Exception {
-        super.setUp();
-
-        pageContext = new MockPageContext();
-        authorizeTag.setPageContext(pageContext);
-
-        currentUser = new TestingAuthenticationToken("abc", "123",
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"),});
-
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
-    }
-
-    protected void tearDown() throws Exception {
-        SecurityContextHolder.clearContext();
-    }
 }

core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,8 +19,9 @@ import junit.framework.TestCase;
 
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.TestingAuthenticationToken;
 
 import javax.servlet.jsp.JspException;
@@ -41,6 +42,21 @@ public class AuthorizeTagTests extends TestCase {
 
     //~ Methods ================================================================
 
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        currentUser = new TestingAuthenticationToken("abc", "123",
+                new GrantedAuthority[] {new GrantedAuthorityImpl(
+                        "ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
+                        "ROLE_TELLER"),});
+
+        SecurityContextHolder.getContext().setAuthentication(currentUser);
+    }
+
+    protected void tearDown() throws Exception {
+        SecurityContextHolder.clearContext();
+    }
+
     public void testAlwaysReturnsUnauthorizedIfNoUserFound()
         throws JspException {
         SecurityContextHolder.getContext().setAuthentication(null);
@@ -107,19 +123,4 @@ public class AuthorizeTagTests extends TestCase {
         assertEquals("prevents request - principal has ROLE_TELLER",
             Tag.SKIP_BODY, authorizeTag.doStartTag());
     }
-
-    protected void setUp() throws Exception {
-        super.setUp();
-
-        currentUser = new TestingAuthenticationToken("abc", "123",
-                new GrantedAuthority[] {new GrantedAuthorityImpl(
-                        "ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
-                        "ROLE_TELLER"),});
-
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
-    }
-
-    protected void tearDown() throws Exception {
-        SecurityContextHolder.clearContext();
-    }
 }

core/src/test/java/org/acegisecurity/taglibs/velocity/AuthzImplAttributeTest.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,7 +21,6 @@ import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
 
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
 
 import org.acegisecurity.providers.TestingAuthenticationToken;
 

core/src/test/java/org/acegisecurity/taglibs/velocity/AuthzImplAuthorizeTagTest.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,7 +21,6 @@ import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
 
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
 
 import org.acegisecurity.providers.TestingAuthenticationToken;
 

core/src/test/java/org/acegisecurity/ui/AbstractProcessingFilterTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,9 +24,11 @@ import org.acegisecurity.BadCredentialsException;
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
 import org.acegisecurity.MockAuthenticationManager;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
+
 import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
 
 import org.springframework.mock.web.MockFilterConfig;
@@ -66,10 +68,39 @@ public class AbstractProcessingFilterTests extends TestCase {
 
     //~ Methods ================================================================
 
+    private MockHttpServletRequest createMockRequest() {
+        MockHttpServletRequest request = new MockHttpServletRequest();
+
+        request.setServletPath("/j_mock_post");
+        request.setScheme("http");
+        request.setServerName("www.example.com");
+        request.setRequestURI("/mycontext/j_mock_post");
+
+        return request;
+    }
+
+    private void executeFilterInContainerSimulator(FilterConfig filterConfig,
+        Filter filter, ServletRequest request, ServletResponse response,
+        FilterChain filterChain) throws ServletException, IOException {
+        filter.init(filterConfig);
+        filter.doFilter(request, response, filterChain);
+        filter.destroy();
+    }
+
     public static void main(String[] args) {
         junit.textui.TestRunner.run(AbstractProcessingFilterTests.class);
     }
 
+    protected void setUp() throws Exception {
+        super.setUp();
+        SecurityContextHolder.clearContext();
+    }
+
+    protected void tearDown() throws Exception {
+        super.tearDown();
+        SecurityContextHolder.clearContext();
+    }
+
     public void testDefaultProcessesFilterUrlWithPathParameter() {
         MockHttpServletRequest request = createMockRequest();
         MockHttpServletResponse response = new MockHttpServletResponse();
@@ -367,7 +398,8 @@ public class AbstractProcessingFilterTests extends TestCase {
         throws Exception {
         // Setup our HTTP request
         MockHttpServletRequest request = createMockRequest();
-        request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
+        request.getSession()
+               .setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
             "/my-destination");
 
         // Setup our filter configuration
@@ -396,7 +428,8 @@ public class AbstractProcessingFilterTests extends TestCase {
         throws Exception {
         // Setup our HTTP request
         MockHttpServletRequest request = createMockRequest();
-        request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
+        request.getSession()
+               .setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
             "/my-destination");
 
         // Setup our filter configuration
@@ -417,35 +450,6 @@ public class AbstractProcessingFilterTests extends TestCase {
         assertNotNull(SecurityContextHolder.getContext().getAuthentication());
     }
 
-    protected void setUp() throws Exception {
-        super.setUp();
-        SecurityContextHolder.clearContext();
-    }
-
-    protected void tearDown() throws Exception {
-        super.tearDown();
-        SecurityContextHolder.clearContext();
-    }
-
-    private MockHttpServletRequest createMockRequest() {
-        MockHttpServletRequest request = new MockHttpServletRequest();
-
-        request.setServletPath("/j_mock_post");
-        request.setScheme("http");
-        request.setServerName("www.example.com");
-        request.setRequestURI("/mycontext/j_mock_post");
-
-        return request;
-    }
-
-    private void executeFilterInContainerSimulator(FilterConfig filterConfig,
-        Filter filter, ServletRequest request, ServletResponse response,
-        FilterChain filterChain) throws ServletException, IOException {
-        filter.init(filterConfig);
-        filter.doFilter(request, response, filterChain);
-        filter.destroy();
-    }
-
     //~ Inner Classes ==========================================================
 
     private class MockAbstractProcessingFilter extends AbstractProcessingFilter {
@@ -468,10 +472,6 @@ public class AbstractProcessingFilterTests extends TestCase {
             super();
         }
 
-        public String getDefaultFilterProcessesUrl() {
-            return "/j_mock_post";
-        }
-
         public Authentication attemptAuthentication(HttpServletRequest request)
             throws AuthenticationException {
             if (grantAccess) {
@@ -482,6 +482,10 @@ public class AbstractProcessingFilterTests extends TestCase {
             }
         }
 
+        public String getDefaultFilterProcessesUrl() {
+            return "/j_mock_post";
+        }
+
         public void init(FilterConfig arg0) throws ServletException {}
 
         public boolean requiresAuthentication(HttpServletRequest request,

core/src/test/java/org/acegisecurity/ui/ExceptionTranslationFilterTests.java

@@ -15,13 +15,6 @@
 
 package org.acegisecurity.ui;
 
-import java.io.IOException;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-
 import junit.framework.TestCase;
 
 import org.acegisecurity.AccessDeniedException;
@@ -30,13 +23,23 @@ import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.GrantedAuthorityImpl;
 import org.acegisecurity.MockAuthenticationEntryPoint;
 import org.acegisecurity.MockPortResolver;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
+
 import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
+
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
 
 /**
  * Tests {@link ExceptionTranslationFilter}.

core/src/test/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,29 +17,33 @@ package org.acegisecurity.ui.basicauth;
 
 import org.acegisecurity.MockAuthenticationEntryPoint;
 import org.acegisecurity.MockAuthenticationManager;
-import org.acegisecurity.MockFilterConfig;
 import org.acegisecurity.MockFilterChain;
-import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
-import org.acegisecurity.providers.ProviderManager;
+import org.acegisecurity.MockFilterConfig;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
+import org.acegisecurity.providers.ProviderManager;
+import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
+
 import org.acegisecurity.userdetails.UserDetails;
 import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
-import org.acegisecurity.userdetails.memory.UserMapEditor;
 import org.acegisecurity.userdetails.memory.UserMap;
+import org.acegisecurity.userdetails.memory.UserMapEditor;
 
 import org.apache.commons.codec.binary.Base64;
 
-import org.springframework.context.ApplicationEventPublisher;
+import org.jmock.Mock;
+import org.jmock.MockObjectTestCase;
+
 import org.springframework.context.ApplicationEvent;
+import org.springframework.context.ApplicationEventPublisher;
+
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.mock.web.MockHttpSession;
 
-import org.jmock.MockObjectTestCase;
-import org.jmock.Mock;
-
 import java.io.IOException;
+
 import java.util.Arrays;
 
 import javax.servlet.Filter;
@@ -55,7 +59,10 @@ import javax.servlet.ServletRequest;
  * @version $Id$
  */
 public class BasicProcessingFilterTests extends MockObjectTestCase {
+    //~ Instance fields ========================================================
+
     private BasicProcessingFilter filter;
+
     //~ Constructors ===========================================================
 
     public BasicProcessingFilterTests() {
@@ -68,6 +75,24 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
 
     //~ Methods ================================================================
 
+    private MockHttpServletResponse executeFilterInContainerSimulator(
+        Filter filter, ServletRequest request, boolean expectChainToProceed)
+        throws ServletException, IOException {
+        filter.init(new MockFilterConfig());
+
+        MockHttpServletResponse response = new MockHttpServletResponse();
+        Mock mockChain = mock(FilterChain.class);
+        FilterChain chain = (FilterChain) mockChain.proxy();
+
+        mockChain.expects(expectChainToProceed ? once() : never())
+                 .method("doFilter");
+
+        filter.doFilter(request, response, chain);
+        filter.destroy();
+
+        return response;
+    }
+
     public static void main(String[] args) {
         junit.textui.TestRunner.run(BasicProcessingFilterTests.class);
     }
@@ -80,7 +105,7 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
         InMemoryDaoImpl dao = new InMemoryDaoImpl();
         UserMapEditor editor = new UserMapEditor();
         editor.setAsText("marissa=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
-        dao.setUserMap((UserMap)editor.getValue());
+        dao.setUserMap((UserMap) editor.getValue());
 
         DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
         provider.setUserDetailsService(dao);
@@ -215,8 +240,8 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
         throws Exception {
         try {
             BasicProcessingFilter filter = new BasicProcessingFilter();
-            filter.setAuthenticationEntryPoint(
-                    new MockAuthenticationEntryPoint("x"));
+            filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(
+                    "x"));
             filter.afterPropertiesSet();
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
@@ -253,8 +278,8 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
         request.setSession(new MockHttpSession());
 
         // Test - the filter chain will not be invoked, as we get a 403 forbidden response
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -270,35 +295,19 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
         request.setSession(new MockHttpSession());
 
         // Test - the filter chain will not be invoked, as we get a 403 forbidden response
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
     }
 
-    private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter,
-            ServletRequest request, boolean expectChainToProceed)
-            throws ServletException, IOException {
-        filter.init(new MockFilterConfig());
-        MockHttpServletResponse response = new MockHttpServletResponse();
-        Mock mockChain = mock(FilterChain.class);
-        FilterChain chain = (FilterChain)mockChain.proxy();
-
-        mockChain.expects( expectChainToProceed ? once() : never() ).method("doFilter");
-
-        filter.doFilter(request, response, chain);
-        filter.destroy();
-
-        return response;
-    }
-
-    private class MockApplicationEventPublisher implements ApplicationEventPublisher {
+    //~ Inner Classes ==========================================================
 
-		public MockApplicationEventPublisher() {
-		}
+    private class MockApplicationEventPublisher
+        implements ApplicationEventPublisher {
+        public MockApplicationEventPublisher() {}
 
-    	public void publishEvent(ApplicationEvent event) {
-		}
+        public void publishEvent(ApplicationEvent event) {}
     }
 }

core/src/test/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterTests.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,28 +15,33 @@
 
 package org.acegisecurity.ui.digestauth;
 
-import org.acegisecurity.MockFilterConfig;
 import org.acegisecurity.MockFilterChain;
+import org.acegisecurity.MockFilterConfig;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.dao.cache.NullUserCache;
+
 import org.acegisecurity.userdetails.UserDetails;
 import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
-import org.acegisecurity.userdetails.memory.UserMapEditor;
 import org.acegisecurity.userdetails.memory.UserMap;
+import org.acegisecurity.userdetails.memory.UserMapEditor;
+
 import org.acegisecurity.util.StringSplitUtils;
 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 
+import org.jmock.Mock;
+import org.jmock.MockObjectTestCase;
+
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.util.StringUtils;
 
-import org.jmock.MockObjectTestCase;
-import org.jmock.Mock;
+import org.springframework.util.StringUtils;
 
 import java.io.IOException;
+
 import java.util.Map;
 
 import javax.servlet.Filter;
@@ -44,6 +49,7 @@ import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 
+
 /**
  * Tests {@link DigestProcessingFilter}.
  *
@@ -52,6 +58,8 @@ import javax.servlet.ServletRequest;
  * @version $Id$
  */
 public class DigestProcessingFilterTests extends MockObjectTestCase {
+    //~ Static fields/initializers =============================================
+
     private static final String NC = "00000002";
     private static final String CNONCE = "c822c727a648aba7";
     private static final String REALM = "The Correct Realm Name";
@@ -60,19 +68,19 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
     private static final String USERNAME = "marissa";
     private static final String PASSWORD = "koala";
     private static final String REQUEST_URI = "/some_file.html";
+
     /** A standard valid nonce with a validity period of 60 seconds */
     private static final String NONCE = generateNonce(60);
 
+    //~ Instance fields ========================================================
 
-    //~ Instance Fields ========================================================
 //    private ApplicationContext ctx;
     private DigestProcessingFilter filter;
     private MockHttpServletRequest request;
 
     //~ Constructors ===========================================================
 
-    public DigestProcessingFilterTests() {
-    }
+    public DigestProcessingFilterTests() {}
 
     public DigestProcessingFilterTests(String arg0) {
         super(arg0);
@@ -80,6 +88,42 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     //~ Methods ================================================================
 
+    private String createAuthorizationHeader(String username, String realm,
+        String nonce, String uri, String responseDigest, String qop, String nc,
+        String cnonce) {
+        return "Digest username=\"" + username + "\", realm=\"" + realm
+        + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+        + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+        + cnonce + "\"";
+    }
+
+    private MockHttpServletResponse executeFilterInContainerSimulator(
+        Filter filter, ServletRequest request, boolean expectChainToProceed)
+        throws ServletException, IOException {
+        filter.init(new MockFilterConfig());
+
+        MockHttpServletResponse response = new MockHttpServletResponse();
+        Mock mockChain = mock(FilterChain.class);
+        FilterChain chain = (FilterChain) mockChain.proxy();
+
+        mockChain.expects(expectChainToProceed ? once() : never())
+                 .method("doFilter");
+
+        filter.doFilter(request, response, chain);
+        filter.destroy();
+
+        return response;
+    }
+
+    private static String generateNonce(int validitySeconds) {
+        long expiryTime = System.currentTimeMillis() + (validitySeconds * 1000);
+        String signatureValue = new String(DigestUtils.md5Hex(expiryTime + ":"
+                    + KEY));
+        String nonceValue = expiryTime + ":" + signatureValue;
+
+        return new String(Base64.encodeBase64(nonceValue.getBytes()));
+    }
+
     public static void main(String[] args) {
         junit.textui.TestRunner.run(DigestProcessingFilterTests.class);
     }
@@ -87,11 +131,12 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
     protected void setUp() throws Exception {
         super.setUp();
         SecurityContextHolder.clearContext();
+
         // Create User Details Service
         InMemoryDaoImpl dao = new InMemoryDaoImpl();
         UserMapEditor editor = new UserMapEditor();
         editor.setAsText("marissa=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
-        dao.setUserMap((UserMap)editor.getValue());
+        dao.setUserMap((UserMap) editor.getValue());
 
         DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
         ep.setRealmName(REALM);
@@ -140,18 +185,19 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testExpiredNonceReturnsForbiddenWithStaleHeader()
         throws Exception {
-
         String nonce = generateNonce(0);
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
+                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
+                CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
         Thread.sleep(1000); // ensures token expired
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -166,7 +212,6 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testFilterIgnoresRequestsContainingNoAuthorizationHeader()
         throws Exception {
-
         executeFilterInContainerSimulator(filter, request, true);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
@@ -193,8 +238,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
         request.addHeader("Authorization",
             "Digest " + new String(Base64.encodeBase64(token.getBytes())));
 
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertEquals(401, response.getStatus());
         assertNull(SecurityContextHolder.getContext().getAuthentication());
@@ -203,8 +248,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
     public void testMalformedHeaderReturnsForbidden() throws Exception {
         request.addHeader("Authorization", "Digest scsdcsdc");
 
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -215,14 +260,15 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
         String nonce = "NOT_BASE_64_ENCODED";
 
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
+                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
+                CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -230,18 +276,18 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testNonceWithIncorrectSignatureForNumericFieldReturnsForbidden()
         throws Exception {
-
         String nonce = new String(Base64.encodeBase64(
                     "123456:incorrectStringPassword".getBytes()));
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
+                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
+                CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -249,18 +295,18 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testNonceWithNonNumericFirstElementReturnsForbidden()
         throws Exception {
-
         String nonce = new String(Base64.encodeBase64(
                     "hello:ignoredSecondElement".getBytes()));
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
+                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
+                CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -268,18 +314,18 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testNonceWithoutTwoColonSeparatedElementsReturnsForbidden()
         throws Exception {
-
         String nonce = new String(Base64.encodeBase64(
                     "a base 64 string without a colon".getBytes()));
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
+                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
+                CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
-        MockHttpServletResponse response =
-            executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -287,11 +333,11 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testNormalOperationWhenPasswordIsAlreadyEncoded()
         throws Exception {
-
         String encodedPassword = DigestProcessingFilter.encodePasswordInA1Format(USERNAME,
                 REALM, PASSWORD);
         String responseDigest = DigestProcessingFilter.generateDigest(true,
-                USERNAME, REALM, encodedPassword, "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
+                USERNAME, REALM, encodedPassword, "GET", REQUEST_URI, QOP,
+                NONCE, NC, CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
@@ -307,9 +353,9 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testNormalOperationWhenPasswordNotAlreadyEncoded()
         throws Exception {
-
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
+                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC,
+                CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
@@ -325,7 +371,6 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testOtherAuthorizationSchemeIsIgnored()
         throws Exception {
-
         request.addHeader("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
 
         executeFilterInContainerSimulator(filter, request, true);
@@ -333,37 +378,37 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
         assertNull(SecurityContextHolder.getContext().getAuthentication());
     }
 
-    public void testStartupDetectsMissingUserDetailsService()
+    public void testStartupDetectsMissingAuthenticationEntryPoint()
         throws Exception {
         try {
             DigestProcessingFilter filter = new DigestProcessingFilter();
-            filter.setAuthenticationEntryPoint(new DigestProcessingFilterEntryPoint());
+            filter.setUserDetailsService(new InMemoryDaoImpl());
             filter.afterPropertiesSet();
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
-            assertEquals("A UserDetailsService is required",
+            assertEquals("A DigestProcessingFilterEntryPoint is required",
                 expected.getMessage());
         }
     }
 
-    public void testStartupDetectsMissingAuthenticationEntryPoint()
+    public void testStartupDetectsMissingUserDetailsService()
         throws Exception {
         try {
             DigestProcessingFilter filter = new DigestProcessingFilter();
-            filter.setUserDetailsService(new InMemoryDaoImpl());
+            filter.setAuthenticationEntryPoint(new DigestProcessingFilterEntryPoint());
             filter.afterPropertiesSet();
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
-            assertEquals("A DigestProcessingFilterEntryPoint is required",
+            assertEquals("A UserDetailsService is required",
                 expected.getMessage());
         }
     }
 
     public void testSuccessLoginThenFailureLoginResultsInSessionLosingToken()
         throws Exception {
-
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
+                USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC,
+                CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
@@ -375,14 +420,16 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
         // Now retry, giving an invalid nonce
         responseDigest = DigestProcessingFilter.generateDigest(false, USERNAME,
-                REALM, "WRONG_PASSWORD", "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
+                REALM, "WRONG_PASSWORD", "GET", REQUEST_URI, QOP, NONCE, NC,
+                CNONCE);
 
         request = new MockHttpServletRequest();
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
-        MockHttpServletResponse response =
-                executeFilterInContainerSimulator(filter, request, false);
+
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         // Check we lost our previous authentication
         assertNull(SecurityContextHolder.getContext().getAuthentication());
@@ -391,7 +438,6 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testWrongCnonceBasedOnDigestReturnsForbidden()
         throws Exception {
-
         String cnonce = "NOT_SAME_AS_USED_FOR_DIGEST_COMPUTATION";
 
         String responseDigest = DigestProcessingFilter.generateDigest(false,
@@ -402,15 +448,14 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
             createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
                 responseDigest, QOP, NC, cnonce));
 
-        MockHttpServletResponse response =
-                executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
     }
 
     public void testWrongDigestReturnsForbidden() throws Exception {
-
         String password = "WRONG_PASSWORD";
         String responseDigest = DigestProcessingFilter.generateDigest(false,
                 USERNAME, REALM, password, "GET", REQUEST_URI, QOP, NONCE, NC,
@@ -420,8 +465,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
             createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
-        MockHttpServletResponse response =
-                executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -437,8 +482,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
             createAuthorizationHeader(USERNAME, realm, NONCE, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
-        MockHttpServletResponse response =
-             executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
@@ -446,49 +491,17 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
 
     public void testWrongUsernameReturnsForbidden() throws Exception {
         String responseDigest = DigestProcessingFilter.generateDigest(false,
-                "NOT_A_KNOWN_USER", REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC,
-                CNONCE);
+                "NOT_A_KNOWN_USER", REALM, PASSWORD, "GET", REQUEST_URI, QOP,
+                NONCE, NC, CNONCE);
 
         request.addHeader("Authorization",
             createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
                 responseDigest, QOP, NC, CNONCE));
 
-        MockHttpServletResponse response =
-                executeFilterInContainerSimulator(filter, request, false);
+        MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
+                request, false);
 
         assertNull(SecurityContextHolder.getContext().getAuthentication());
         assertEquals(401, response.getStatus());
     }
-
-    private String createAuthorizationHeader(String username, String realm,
-                                             String nonce, String uri, String responseDigest, String qop, String nc,
-                                             String cnonce) {
-        return "Digest username=\"" + username + "\", realm=\"" + realm
-        + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-        + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-        + cnonce + "\"";
-    }
-
-    private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter,
-            ServletRequest request, boolean expectChainToProceed)
-            throws ServletException, IOException {
-        filter.init(new MockFilterConfig());
-        MockHttpServletResponse response = new MockHttpServletResponse();
-        Mock mockChain = mock(FilterChain.class);
-        FilterChain chain = (FilterChain)mockChain.proxy();
-
-        mockChain.expects( expectChainToProceed ? once() : never() ).method("doFilter");
-
-        filter.doFilter(request, response, chain);
-        filter.destroy();
-
-        return response;
-    }
-
-    private static String generateNonce(int validitySeconds) {
-        long expiryTime = System.currentTimeMillis() + (validitySeconds * 1000);
-        String signatureValue = new String(DigestUtils.md5Hex(expiryTime + ":" + KEY));
-        String nonceValue = expiryTime + ":" + signatureValue;
-        return new String(Base64.encodeBase64( nonceValue.getBytes() ));
-    }
 }

core/src/test/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilterTests.java

@@ -24,7 +24,6 @@ import org.acegisecurity.MockAuthenticationManager;
 import org.acegisecurity.MockFilterConfig;
 
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
 
 import org.acegisecurity.providers.TestingAuthenticationToken;
 

samples/contacts/src/main/java/sample/contact/ClientApplication.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,8 +16,9 @@
 package sample.contact;
 
 import org.acegisecurity.Authentication;
+
 import org.acegisecurity.context.SecurityContextHolder;
-import org.acegisecurity.context.SecurityContextImpl;
+
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 
 import org.springframework.beans.factory.ListableBeanFactory;
@@ -75,7 +76,8 @@ public class ClientApplication {
                     "Trying to find setUsername(String) method on: "
                     + object.getClass().getName());
 
-                Method method = object.getClass().getMethod("setUsername",
+                Method method = object.getClass()
+                                      .getMethod("setUsername",
                         new Class[] {String.class});
                 System.out.println("Found; Trying to setUsername(String) to "
                     + authentication.getPrincipal());
@@ -95,7 +97,8 @@ public class ClientApplication {
                     "Trying to find setPassword(String) method on: "
                     + object.getClass().getName());
 
-                Method method = object.getClass().getMethod("setPassword",
+                Method method = object.getClass()
+                                      .getMethod("setPassword",
                         new Class[] {String.class});
                 method.invoke(object,
                     new Object[] {authentication.getCredentials()});

sandbox/src/main/java/org/acegisecurity/providers/ldap/authenticator/controls/PasswordPolicyControlFactory.java

@@ -1,35 +1,50 @@
-package org.acegisecurity.providers.ldap.authenticator.controls;
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
+package org.acegisecurity.providers.ldap.authenticator.controls;
 
 import javax.naming.ldap.Control;
 import javax.naming.ldap.ControlFactory;
 
+
 /**
  * Transforms a control object to a PasswordPolicyResponseControl object, if
- * appropriate. 
+ * appropriate.
  *
  * @author Stefan Zoerner
  * @author Luke Taylor
  * @version $Id$
  */
 public class PasswordPolicyControlFactory extends ControlFactory {
+    //~ Methods ================================================================
 
     /**
      * Creates an instance of PasswordPolicyResponseControl if the passed
-     * control is a response control of this type. Attributes of the result are
-     * filled with the correct values (e.g. error code).
-     * 
+     * control is a response control of this type. Attributes of the result
+     * are filled with the correct values (e.g. error code).
+     *
      * @param ctl the control the check
-     * @return a response control of type PasswordPolicyResponseControl, or null
+     *
+     * @return a response control of type PasswordPolicyResponseControl, or
+     *         null
      */
     public Control getControlInstance(Control ctl) {
-
         if (ctl.getID().equals(PasswordPolicyControl.OID)) {
             return new PasswordPolicyResponseControl(ctl.getEncodedValue());
         }
 
         return null;
     }
-}
+}

sandbox/src/main/java/org/acegisecurity/providers/ldap/authenticator/controls/PasswordPolicyResponseControlTests.java

@@ -1,14 +1,22 @@
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.acegisecurity.providers.ldap.authenticator.controls;
 
 import junit.framework.TestCase;
 
-import javax.naming.Context;
-import javax.naming.NamingException;
-import javax.naming.ldap.Control;
-import javax.naming.ldap.InitialLdapContext;
-import javax.naming.ldap.LdapContext;
-import java.util.Hashtable;
-
 
 /**
  * Tests for <tt>PasswordPolicyResponse</tt>.
@@ -17,8 +25,12 @@ import java.util.Hashtable;
  * @version $Id$
  */
 public class PasswordPolicyResponseControlTests extends TestCase {
+    //~ Methods ================================================================
+
+    /**
+     * Useful method for obtaining data from a server for use in tests
+     */
 
-    /** Useful method for obtaining data from a server for use in tests */
 //    public void testAgainstServer() throws Exception {
 //        Hashtable env = new Hashtable();
 //        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
@@ -60,54 +72,48 @@ public class PasswordPolicyResponseControlTests extends TestCase {
 //
 //        return null;
 //    }
-
-
     public void testOpenLDAP33SecondsTillPasswordExpiryCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x05, (byte)0xA0, 0x03, (byte)0xA0, 0x1, 0x21};
+        byte[] ctrlBytes = {0x30, 0x05, (byte) 0xA0, 0x03, (byte) 0xA0, 0x1, 0x21};
 
         PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
 
         assertTrue(ctrl.hasWarning());
         assertEquals(33, ctrl.getTimeBeforeExpiration());
-
     }
 
-    public void testOpenLDAPPasswordExpiredCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x03, (byte)0xA1, 0x01, 0x00};
+    public void testOpenLDAP496GraceLoginsRemainingCtrlIsParsedCorrectly() {
+        byte[] ctrlBytes = {0x30, 0x06, (byte) 0xA0, 0x04, (byte) 0xA1, 0x02, 0x01, (byte) 0xF0};
 
         PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
 
-        assertTrue(ctrl.hasError() && ctrl.isExpired());
-        assertFalse(ctrl.hasWarning());
-
+        assertTrue(ctrl.hasWarning());
+        assertEquals(496, ctrl.getGraceLoginsRemaining());
     }
 
-    public void testOpenLDAPAccountLockedCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x03, (byte)0xA1, 0x01, 0x01};
+    public void testOpenLDAP5GraceLoginsRemainingCtrlIsParsedCorrectly() {
+        byte[] ctrlBytes = {0x30, 0x05, (byte) 0xA0, 0x03, (byte) 0xA1, 0x01, 0x05};
 
         PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
 
-        assertTrue(ctrl.hasError() && ctrl.isLocked());
-        assertFalse(ctrl.hasWarning());
-
+        assertTrue(ctrl.hasWarning());
+        assertEquals(5, ctrl.getGraceLoginsRemaining());
     }
 
-    public void testOpenLDAP5GraceLoginsRemainingCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x05, (byte)0xA0, 0x03, (byte)0xA1, 0x01, 0x05};
+    public void testOpenLDAPAccountLockedCtrlIsParsedCorrectly() {
+        byte[] ctrlBytes = {0x30, 0x03, (byte) 0xA1, 0x01, 0x01};
 
         PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
 
-        assertTrue(ctrl.hasWarning());
-        assertEquals(5, ctrl.getGraceLoginsRemaining());
+        assertTrue(ctrl.hasError() && ctrl.isLocked());
+        assertFalse(ctrl.hasWarning());
     }
 
-    public void testOpenLDAP496GraceLoginsRemainingCtrlIsParsedCorrectly() {
-        byte[] ctrlBytes = {0x30, 0x06, (byte)0xA0, 0x04, (byte)0xA1, 0x02, 0x01, (byte)0xF0};
+    public void testOpenLDAPPasswordExpiredCtrlIsParsedCorrectly() {
+        byte[] ctrlBytes = {0x30, 0x03, (byte) 0xA1, 0x01, 0x00};
 
         PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
 
-        assertTrue(ctrl.hasWarning());
-        assertEquals(496, ctrl.getGraceLoginsRemaining());
+        assertTrue(ctrl.hasError() && ctrl.isExpired());
+        assertFalse(ctrl.hasWarning());
     }
-
-}
+}

sandbox/src/main/java/org/acegisecurity/providers/smb/NtlmAuthenticationToken.java

@@ -20,7 +20,6 @@ import jcifs.UniAddress;
 import jcifs.smb.NtlmPasswordAuthentication;
 
 import org.acegisecurity.Authentication;
-import org.acegisecurity.GrantedAuthority;
 
 import org.acegisecurity.providers.AbstractAuthenticationToken;