před 3 týdny · eedcec9d5c
--- a/access/spring-security-access.gradle
+++ b/access/spring-security-access.gradle
@@ -0,0 +1,42 @@
 
				+apply plugin: 'io.spring.convention.spring-module'
			
 
				+
			
 
				+dependencies {
			
 
				+	management platform(project(":spring-security-dependencies"))
			
 
				+	api project(':spring-security-crypto')
			
 
				+	api project(':spring-security-core')
			
 
				+	api 'org.springframework:spring-aop'
			
 
				+	api 'org.springframework:spring-beans'
			
 
				+	api 'org.springframework:spring-context'
			
 
				+	api 'org.springframework:spring-core'
			
 
				+	api 'org.springframework:spring-expression'
			
 
				+	api 'io.micrometer:micrometer-observation'
			
 
				+
			
 
				+	optional 'com.fasterxml.jackson.core:jackson-databind'
			
 
				+	optional 'io.micrometer:context-propagation'
			
 
				+	optional 'io.projectreactor:reactor-core'
			
 
				+	optional 'jakarta.annotation:jakarta.annotation-api'
			
 
				+	optional 'org.aspectj:aspectjrt'
			
 
				+	optional 'org.springframework:spring-jdbc'
			
 
				+	optional 'org.springframework:spring-tx'
			
 
				+	optional 'org.jetbrains.kotlinx:kotlinx-coroutines-reactor'
			
 
				+
			
 
				+	testImplementation 'commons-collections:commons-collections'
			
 
				+	testImplementation 'io.projectreactor:reactor-test'
			
 
				+	testImplementation "org.assertj:assertj-core"
			
 
				+	testImplementation "org.junit.jupiter:junit-jupiter-api"
			
 
				+	testImplementation "org.junit.jupiter:junit-jupiter-params"
			
 
				+	testImplementation "org.junit.jupiter:junit-jupiter-engine"
			
 
				+	testImplementation "org.mockito:mockito-core"
			
 
				+	testImplementation "org.mockito:mockito-junit-jupiter"
			
 
				+	testImplementation "org.springframework:spring-core-test"
			
 
				+	testImplementation "org.springframework:spring-test"
			
 
				+	testImplementation 'org.skyscreamer:jsonassert'
			
 
				+	testImplementation 'org.springframework:spring-test'
			
 
				+	testImplementation 'org.jetbrains.kotlin:kotlin-reflect'
			
 
				+	testImplementation 'org.jetbrains.kotlin:kotlin-stdlib-jdk8'
			
 
				+	testImplementation 'io.mockk:mockk'
			
 
				+
			
 
				+	testRuntimeOnly 'org.hsqldb:hsqldb'
			
 
				+	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
			
 
				+}
			
 
				+
			
--- a/access/src/main/java/org/springframework/security/access/AccessDecisionManager.java
+++ b/access/src/main/java/org/springframework/security/access/AccessDecisionManager.java
--- a/access/src/main/java/org/springframework/security/access/AccessDecisionVoter.java
+++ b/access/src/main/java/org/springframework/security/access/AccessDecisionVoter.java
--- a/access/src/main/java/org/springframework/security/access/AfterInvocationProvider.java
+++ b/access/src/main/java/org/springframework/security/access/AfterInvocationProvider.java
--- a/access/src/main/java/org/springframework/security/access/ConfigAttribute.java
+++ b/access/src/main/java/org/springframework/security/access/ConfigAttribute.java
--- a/access/src/main/java/org/springframework/security/access/SecurityConfig.java
+++ b/access/src/main/java/org/springframework/security/access/SecurityConfig.java
--- a/access/src/main/java/org/springframework/security/access/SecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/SecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/annotation/AnnotationMetadataExtractor.java
+++ b/access/src/main/java/org/springframework/security/access/annotation/AnnotationMetadataExtractor.java
--- a/access/src/main/java/org/springframework/security/access/annotation/Jsr250MethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/annotation/Jsr250MethodSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/annotation/Jsr250SecurityConfig.java
+++ b/access/src/main/java/org/springframework/security/access/annotation/Jsr250SecurityConfig.java
--- a/access/src/main/java/org/springframework/security/access/annotation/Jsr250Voter.java
+++ b/access/src/main/java/org/springframework/security/access/annotation/Jsr250Voter.java
--- a/access/src/main/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/annotation/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/annotation/package-info.java
@@ -0,0 +1,23 @@
 
				+/*
			
 
				+ * Copyright 2004-present the original author or authors.
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+/**
			
 
				+ * Support for JSR-250 and Spring Security {@code @Secured} annotations.
			
 
				+ */
			
 
				+@NullMarked
			
 
				+package org.springframework.security.access.annotation;
			
 
				+
			
 
				+import org.jspecify.annotations.NullMarked;
			
--- a/access/src/main/java/org/springframework/security/access/event/AbstractAuthorizationEvent.java
+++ b/access/src/main/java/org/springframework/security/access/event/AbstractAuthorizationEvent.java
--- a/access/src/main/java/org/springframework/security/access/event/AuthenticationCredentialsNotFoundEvent.java
+++ b/access/src/main/java/org/springframework/security/access/event/AuthenticationCredentialsNotFoundEvent.java
--- a/access/src/main/java/org/springframework/security/access/event/AuthorizationFailureEvent.java
+++ b/access/src/main/java/org/springframework/security/access/event/AuthorizationFailureEvent.java
--- a/access/src/main/java/org/springframework/security/access/event/AuthorizedEvent.java
+++ b/access/src/main/java/org/springframework/security/access/event/AuthorizedEvent.java
--- a/access/src/main/java/org/springframework/security/access/event/LoggerListener.java
+++ b/access/src/main/java/org/springframework/security/access/event/LoggerListener.java
--- a/access/src/main/java/org/springframework/security/access/event/PublicInvocationEvent.java
+++ b/access/src/main/java/org/springframework/security/access/event/PublicInvocationEvent.java
--- a/access/src/main/java/org/springframework/security/access/event/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/event/package-info.java
--- a/access/src/main/java/org/springframework/security/access/expression/method/AbstractExpressionBasedMethodConfigAttribute.java
+++ b/access/src/main/java/org/springframework/security/access/expression/method/AbstractExpressionBasedMethodConfigAttribute.java
--- a/access/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java
+++ b/access/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java
--- a/access/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPostInvocationAdvice.java
+++ b/access/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPostInvocationAdvice.java
--- a/access/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdvice.java
+++ b/access/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdvice.java
--- a/access/src/main/java/org/springframework/security/access/expression/method/PostInvocationExpressionAttribute.java
+++ b/access/src/main/java/org/springframework/security/access/expression/method/PostInvocationExpressionAttribute.java
--- a/access/src/main/java/org/springframework/security/access/expression/method/PreInvocationExpressionAttribute.java
+++ b/access/src/main/java/org/springframework/security/access/expression/method/PreInvocationExpressionAttribute.java
--- a/access/src/main/java/org/springframework/security/access/expression/method/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/expression/method/package-info.java
@@ -0,0 +1,25 @@
 
				+/*
			
 
				+ * Copyright 2004-present the original author or authors.
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+/**
			
 
				+ * Implementation of expression-based method security.
			
 
				+ *
			
 
				+ * @since 3.0
			
 
				+ */
			
 
				+@NullMarked
			
 
				+package org.springframework.security.access.expression.method;
			
 
				+
			
 
				+import org.jspecify.annotations.NullMarked;
			
--- a/access/src/main/java/org/springframework/security/access/intercept/AbstractSecurityInterceptor.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/AbstractSecurityInterceptor.java
--- a/access/src/main/java/org/springframework/security/access/intercept/AfterInvocationManager.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/AfterInvocationManager.java
--- a/access/src/main/java/org/springframework/security/access/intercept/AfterInvocationProviderManager.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/AfterInvocationProviderManager.java
--- a/access/src/main/java/org/springframework/security/access/intercept/InterceptorStatusToken.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/InterceptorStatusToken.java
--- a/access/src/main/java/org/springframework/security/access/intercept/MethodInvocationPrivilegeEvaluator.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/MethodInvocationPrivilegeEvaluator.java
--- a/access/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java
--- a/access/src/main/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProvider.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProvider.java
--- a/access/src/main/java/org/springframework/security/access/intercept/RunAsManager.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/RunAsManager.java
--- a/access/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java
--- a/access/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java
--- a/access/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptor.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptor.java
--- a/access/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityMetadataSourceAdvisor.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityMetadataSourceAdvisor.java
--- a/access/src/main/java/org/springframework/security/access/intercept/aopalliance/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/aopalliance/package-info.java
--- a/access/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJCallback.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJCallback.java
--- a/access/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJMethodSecurityInterceptor.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/aspectj/AspectJMethodSecurityInterceptor.java
--- a/access/src/main/java/org/springframework/security/access/intercept/aspectj/MethodInvocationAdapter.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/aspectj/MethodInvocationAdapter.java
--- a/access/src/main/java/org/springframework/security/access/intercept/aspectj/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/aspectj/package-info.java
--- a/access/src/main/java/org/springframework/security/access/intercept/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/intercept/package-info.java
--- a/access/src/main/java/org/springframework/security/access/method/AbstractFallbackMethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/method/AbstractFallbackMethodSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/method/AbstractMethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/method/AbstractMethodSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/method/MethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/method/MethodSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/method/P.java
+++ b/access/src/main/java/org/springframework/security/access/method/P.java
--- a/access/src/main/java/org/springframework/security/access/method/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/method/package-info.java
--- a/access/src/main/java/org/springframework/security/access/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/package-info.java
@@ -0,0 +1,27 @@
 
				+/*
			
 
				+ * Copyright 2004-present the original author or authors.
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+/**
			
 
				+ * Core access-control related code, including security metadata related classes,
			
 
				+ * interception code, access control annotations, EL support and voter-based
			
 
				+ * implementations of the central
			
 
				+ * {@link org.springframework.security.access.AccessDecisionManager AccessDecisionManager}
			
 
				+ * interface.
			
 
				+ */
			
 
				+@NullMarked
			
 
				+package org.springframework.security.access;
			
 
				+
			
 
				+import org.jspecify.annotations.NullMarked;
			
--- a/access/src/main/java/org/springframework/security/access/prepost/PostInvocationAdviceProvider.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PostInvocationAdviceProvider.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PostInvocationAttribute.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PostInvocationAttribute.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PostInvocationAuthorizationAdvice.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PostInvocationAuthorizationAdvice.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PreInvocationAttribute.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PreInvocationAttribute.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdvice.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdvice.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdviceVoter.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdviceVoter.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PrePostAdviceReactiveMethodInterceptor.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PrePostAdviceReactiveMethodInterceptor.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PrePostAnnotationSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PrePostAnnotationSecurityMetadataSource.java
--- a/access/src/main/java/org/springframework/security/access/prepost/PrePostInvocationAttributeFactory.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/PrePostInvocationAttributeFactory.java
--- a/access/src/main/java/org/springframework/security/access/prepost/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/prepost/package-info.java
@@ -0,0 +1,27 @@
 
				+/*
			
 
				+ * Copyright 2004-present the original author or authors.
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+/**
			
 
				+ * Contains the infrastructure classes for handling the {@code @PreAuthorize},
			
 
				+ * {@code @PreFilter}, {@code @PostAuthorize} and {@code @PostFilter} annotations.
			
 
				+ * <p>
			
 
				+ * Other than the annotations themselves, the classes should be regarded as for internal
			
 
				+ * framework use and are liable to change without notice.
			
 
				+ */
			
 
				+@NullMarked
			
 
				+package org.springframework.security.access.prepost;
			
 
				+
			
 
				+import org.jspecify.annotations.NullMarked;
			
--- a/access/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java
+++ b/access/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java
--- a/access/src/main/java/org/springframework/security/access/vote/AbstractAclVoter.java
+++ b/access/src/main/java/org/springframework/security/access/vote/AbstractAclVoter.java
--- a/access/src/main/java/org/springframework/security/access/vote/AffirmativeBased.java
+++ b/access/src/main/java/org/springframework/security/access/vote/AffirmativeBased.java
--- a/access/src/main/java/org/springframework/security/access/vote/AuthenticatedVoter.java
+++ b/access/src/main/java/org/springframework/security/access/vote/AuthenticatedVoter.java
--- a/access/src/main/java/org/springframework/security/access/vote/ConsensusBased.java
+++ b/access/src/main/java/org/springframework/security/access/vote/ConsensusBased.java
--- a/access/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java
+++ b/access/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java
--- a/access/src/main/java/org/springframework/security/access/vote/RoleVoter.java
+++ b/access/src/main/java/org/springframework/security/access/vote/RoleVoter.java
--- a/access/src/main/java/org/springframework/security/access/vote/UnanimousBased.java
+++ b/access/src/main/java/org/springframework/security/access/vote/UnanimousBased.java
--- a/access/src/main/java/org/springframework/security/access/vote/package-info.java
+++ b/access/src/main/java/org/springframework/security/access/vote/package-info.java
--- a/access/src/test/java/org/springframework/security/access/AuthenticationCredentialsNotFoundEventTests.java
+++ b/access/src/test/java/org/springframework/security/access/AuthenticationCredentialsNotFoundEventTests.java
--- a/access/src/test/java/org/springframework/security/access/AuthorizationFailureEventTests.java
+++ b/access/src/test/java/org/springframework/security/access/AuthorizationFailureEventTests.java
--- a/access/src/test/java/org/springframework/security/access/AuthorizedEventTests.java
+++ b/access/src/test/java/org/springframework/security/access/AuthorizedEventTests.java
--- a/access/src/test/java/org/springframework/security/access/ITargetObject.java
+++ b/access/src/test/java/org/springframework/security/access/ITargetObject.java
@@ -0,0 +1,36 @@
 
				+/*
			
 
				+ * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+package org.springframework.security.access;
			
 
				+
			
 
				+/**
			
 
				+ * Represents the interface of a secured object.
			
 
				+ *
			
 
				+ * @author Ben Alex
			
 
				+ */
			
 
				+public interface ITargetObject {
			
 
				+
			
 
				+	Integer computeHashCode(String input);
			
 
				+
			
 
				+	int countLength(String input);
			
 
				+
			
 
				+	String makeLowerCase(String input);
			
 
				+
			
 
				+	String makeUpperCase(String input);
			
 
				+
			
 
				+	String publicMakeLowerCase(String input);
			
 
				+
			
 
				+}
			
--- a/access/src/test/java/org/springframework/security/access/OtherTargetObject.java
+++ b/access/src/test/java/org/springframework/security/access/OtherTargetObject.java
@@ -0,0 +1,53 @@
 
				+/*
			
 
				+ * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+package org.springframework.security.access;
			
 
				+
			
 
				+/**
			
 
				+ * Simply extends {@link TargetObject} so we have a different object to put configuration
			
 
				+ * attributes against.
			
 
				+ * <P>
			
 
				+ * There is no different behaviour. We have to define each method so that
			
 
				+ * <code>Class.getMethod(methodName, args)</code> returns a <code>Method</code>
			
 
				+ * referencing this class rather than the parent class.
			
 
				+ * </p>
			
 
				+ * <P>
			
 
				+ * We need to implement <code>ITargetObject</code> again because the
			
 
				+ * <code>MethodDefinitionAttributes</code> only locates attributes on interfaces
			
 
				+ * explicitly defined by the intercepted class (not the interfaces defined by its parent
			
 
				+ * class or classes).
			
 
				+ * </p>
			
 
				+ *
			
 
				+ * @author Ben Alex
			
 
				+ */
			
 
				+public class OtherTargetObject extends TargetObject implements ITargetObject {
			
 
				+
			
 
				+	@Override
			
 
				+	public String makeLowerCase(String input) {
			
 
				+		return super.makeLowerCase(input);
			
 
				+	}
			
 
				+
			
 
				+	@Override
			
 
				+	public String makeUpperCase(String input) {
			
 
				+		return super.makeUpperCase(input);
			
 
				+	}
			
 
				+
			
 
				+	@Override
			
 
				+	public String publicMakeLowerCase(String input) {
			
 
				+		return super.publicMakeLowerCase(input);
			
 
				+	}
			
 
				+
			
 
				+}
			
--- a/access/src/test/java/org/springframework/security/access/SecurityConfigTests.java
+++ b/access/src/test/java/org/springframework/security/access/SecurityConfigTests.java
--- a/access/src/test/java/org/springframework/security/access/TargetObject.java
+++ b/access/src/test/java/org/springframework/security/access/TargetObject.java
@@ -0,0 +1,81 @@
 
				+/*
			
 
				+ * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+package org.springframework.security.access;
			
 
				+
			
 
				+import org.springframework.security.core.Authentication;
			
 
				+import org.springframework.security.core.context.SecurityContextHolder;
			
 
				+
			
 
				+/**
			
 
				+ * Represents a secured object.
			
 
				+ *
			
 
				+ * @author Ben Alex
			
 
				+ */
			
 
				+public class TargetObject implements ITargetObject {
			
 
				+
			
 
				+	@Override
			
 
				+	public Integer computeHashCode(String input) {
			
 
				+		return input.hashCode();
			
 
				+	}
			
 
				+
			
 
				+	@Override
			
 
				+	public int countLength(String input) {
			
 
				+		return input.length();
			
 
				+	}
			
 
				+
			
 
				+	/**
			
 
				+	 * Returns the lowercase string, followed by security environment information.
			
 
				+	 * @param input the message to make lowercase
			
 
				+	 * @return the lowercase message, a space, the <code>Authentication</code> class that
			
 
				+	 * was on the <code>SecurityContext</code> at the time of method invocation, and a
			
 
				+	 * boolean indicating if the <code>Authentication</code> object is authenticated or
			
 
				+	 * not
			
 
				+	 */
			
 
				+	@Override
			
 
				+	public String makeLowerCase(String input) {
			
 
				+		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
			
 
				+		if (auth == null) {
			
 
				+			return input.toLowerCase() + " Authentication empty";
			
 
				+		}
			
 
				+		else {
			
 
				+			return input.toLowerCase() + " " + auth.getClass().getName() + " " + auth.isAuthenticated();
			
 
				+		}
			
 
				+	}
			
 
				+
			
 
				+	/**
			
 
				+	 * Returns the uppercase string, followed by security environment information.
			
 
				+	 * @param input the message to make uppercase
			
 
				+	 * @return the uppercase message, a space, the <code>Authentication</code> class that
			
 
				+	 * was on the <code>SecurityContext</code> at the time of method invocation, and a
			
 
				+	 * boolean indicating if the <code>Authentication</code> object is authenticated or
			
 
				+	 * not
			
 
				+	 */
			
 
				+	@Override
			
 
				+	public String makeUpperCase(String input) {
			
 
				+		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
			
 
				+		return input.toUpperCase() + " " + auth.getClass().getName() + " " + auth.isAuthenticated();
			
 
				+	}
			
 
				+
			
 
				+	/**
			
 
				+	 * Delegates through to the {@link #makeLowerCase(String)} method.
			
 
				+	 * @param input the message to be made lower-case
			
 
				+	 */
			
 
				+	@Override
			
 
				+	public String publicMakeLowerCase(String input) {
			
 
				+		return this.makeLowerCase(input);
			
 
				+	}
			
 
				+
			
 
				+}
			
--- a/access/src/test/java/org/springframework/security/access/annotation/BusinessService.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/BusinessService.java
--- a/access/src/test/java/org/springframework/security/access/annotation/BusinessServiceImpl.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/BusinessServiceImpl.java
--- a/access/src/test/java/org/springframework/security/access/annotation/Entity.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/Entity.java
--- a/access/src/test/java/org/springframework/security/access/annotation/ExpressionProtectedBusinessServiceImpl.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/ExpressionProtectedBusinessServiceImpl.java
--- a/access/src/test/java/org/springframework/security/access/annotation/Jsr250BusinessServiceImpl.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/Jsr250BusinessServiceImpl.java
--- a/access/src/test/java/org/springframework/security/access/annotation/Jsr250MethodSecurityMetadataSourceTests.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/Jsr250MethodSecurityMetadataSourceTests.java
--- a/access/src/test/java/org/springframework/security/access/annotation/Jsr250VoterTests.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/Jsr250VoterTests.java
--- a/access/src/test/java/org/springframework/security/access/annotation/RequireAdminRole.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/RequireAdminRole.java
--- a/access/src/test/java/org/springframework/security/access/annotation/RequireUserRole.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/RequireUserRole.java
--- a/access/src/test/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSourceTests.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSourceTests.java
@@ -39,8 +39,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 
				 import static org.assertj.core.api.Assertions.fail;
			
 
				 
			
 
				 /**
			
 
				- * Tests for
			
 
				- * {@link org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource}
			
 
				+ * Tests for {@link SecuredAnnotationSecurityMetadataSource}
			
 
				  *
			
 
				  * @author Mark St.Godard
			
 
				  * @author Joe Scalise
			
--- a/access/src/test/java/org/springframework/security/access/annotation/sec2150/CrudRepository.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/sec2150/CrudRepository.java
--- a/access/src/test/java/org/springframework/security/access/annotation/sec2150/MethodInvocationFactory.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/sec2150/MethodInvocationFactory.java
--- a/access/src/test/java/org/springframework/security/access/annotation/sec2150/PersonRepository.java
+++ b/access/src/test/java/org/springframework/security/access/annotation/sec2150/PersonRepository.java
--- a/access/src/test/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandlerTests.java
+++ b/access/src/test/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandlerTests.java
--- a/access/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java
+++ b/access/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java
--- a/access/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java
+++ b/access/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java
--- a/access/src/test/java/org/springframework/security/access/expression/method/MethodSecurityEvaluationContextTests.java
+++ b/access/src/test/java/org/springframework/security/access/expression/method/MethodSecurityEvaluationContextTests.java
--- a/access/src/test/java/org/springframework/security/access/expression/method/MethodSecurityExpressionRootTests.java
+++ b/access/src/test/java/org/springframework/security/access/expression/method/MethodSecurityExpressionRootTests.java
@@ -17,6 +17,7 @@
 
				 package org.springframework.security.access.expression.method;
			
 
				 
			
 
				 import org.aopalliance.intercept.MethodInvocation;
			
 
				+import org.assertj.core.api.Assertions;
			
 
				 import org.junit.jupiter.api.BeforeEach;
			
 
				 import org.junit.jupiter.api.Test;
			
 
				 
			
@@ -28,7 +29,6 @@ import org.springframework.security.access.expression.ExpressionUtils;
 
				 import org.springframework.security.authentication.AuthenticationTrustResolver;
			
 
				 import org.springframework.security.core.Authentication;
			
 
				 
			
 
				-import static org.assertj.core.api.Assertions.assertThat;
			
 
				 import static org.mockito.ArgumentMatchers.any;
			
 
				 import static org.mockito.ArgumentMatchers.eq;
			
 
				 import static org.mockito.BDDMockito.given;
			
@@ -65,19 +65,19 @@ public class MethodSecurityExpressionRootTests {
 
				 	public void canCallMethodsOnVariables() {
			
 
				 		this.ctx.setVariable("var", "somestring");
			
 
				 		Expression e = this.parser.parseExpression("#var.length() == 10");
			
 
				-		assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				+		Assertions.assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				 	}
			
 
				 
			
 
				 	@Test
			
 
				 	public void isAnonymousReturnsTrueIfTrustResolverReportsAnonymous() {
			
 
				 		given(this.trustResolver.isAnonymous(this.user)).willReturn(true);
			
 
				-		assertThat(this.root.isAnonymous()).isTrue();
			
 
				+		Assertions.assertThat(this.root.isAnonymous()).isTrue();
			
 
				 	}
			
 
				 
			
 
				 	@Test
			
 
				 	public void isAnonymousReturnsFalseIfTrustResolverReportsNonAnonymous() {
			
 
				 		given(this.trustResolver.isAnonymous(this.user)).willReturn(false);
			
 
				-		assertThat(this.root.isAnonymous()).isFalse();
			
 
				+		Assertions.assertThat(this.root.isAnonymous()).isFalse();
			
 
				 	}
			
 
				 
			
 
				 	@Test
			
@@ -87,7 +87,7 @@ public class MethodSecurityExpressionRootTests {
 
				 		this.ctx.setVariable("domainObject", dummyDomainObject);
			
 
				 		this.root.setPermissionEvaluator(pe);
			
 
				 		given(pe.hasPermission(this.user, dummyDomainObject, "ignored")).willReturn(false);
			
 
				-		assertThat(this.root.hasPermission(dummyDomainObject, "ignored")).isFalse();
			
 
				+		Assertions.assertThat(this.root.hasPermission(dummyDomainObject, "ignored")).isFalse();
			
 
				 	}
			
 
				 
			
 
				 	@Test
			
@@ -97,7 +97,7 @@ public class MethodSecurityExpressionRootTests {
 
				 		this.ctx.setVariable("domainObject", dummyDomainObject);
			
 
				 		this.root.setPermissionEvaluator(pe);
			
 
				 		given(pe.hasPermission(this.user, dummyDomainObject, "ignored")).willReturn(true);
			
 
				-		assertThat(this.root.hasPermission(dummyDomainObject, "ignored")).isTrue();
			
 
				+		Assertions.assertThat(this.root.hasPermission(dummyDomainObject, "ignored")).isTrue();
			
 
				 	}
			
 
				 
			
 
				 	@Test
			
@@ -109,13 +109,13 @@ public class MethodSecurityExpressionRootTests {
 
				 		given(pe.hasPermission(eq(this.user), eq(dummyDomainObject), any(Integer.class))).willReturn(true, true, false);
			
 
				 		Expression e = this.parser.parseExpression("hasPermission(#domainObject, 0xA)");
			
 
				 		// evaluator returns true
			
 
				-		assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				+		Assertions.assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				 		e = this.parser.parseExpression("hasPermission(#domainObject, 10)");
			
 
				 		// evaluator returns true
			
 
				-		assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				+		Assertions.assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				 		e = this.parser.parseExpression("hasPermission(#domainObject, 0xFF)");
			
 
				 		// evaluator returns false, make sure return value matches
			
 
				-		assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isFalse();
			
 
				+		Assertions.assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isFalse();
			
 
				 	}
			
 
				 
			
 
				 	@Test
			
@@ -132,11 +132,11 @@ public class MethodSecurityExpressionRootTests {
 
				 		given(pe.hasPermission(this.user, targetObject, i)).willReturn(true, false);
			
 
				 		given(pe.hasPermission(this.user, "x", i)).willReturn(true);
			
 
				 		Expression e = this.parser.parseExpression("hasPermission(this, 2)");
			
 
				-		assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				+		Assertions.assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				 		e = this.parser.parseExpression("hasPermission(this, 2)");
			
 
				-		assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isFalse();
			
 
				+		Assertions.assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isFalse();
			
 
				 		e = this.parser.parseExpression("hasPermission(this.x, 2)");
			
 
				-		assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				+		Assertions.assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
			
 
				 	}
			
 
				 
			
 
				 }
			
--- a/access/src/test/java/org/springframework/security/access/expression/method/PrePostAnnotationSecurityMetadataSourceTests.java
+++ b/access/src/test/java/org/springframework/security/access/expression/method/PrePostAnnotationSecurityMetadataSourceTests.java
--- a/access/src/test/java/org/springframework/security/access/expression/method/SecurityRules.java
+++ b/access/src/test/java/org/springframework/security/access/expression/method/SecurityRules.java
--- a/access/src/test/java/org/springframework/security/access/intercept/AbstractSecurityInterceptorTests.java
+++ b/access/src/test/java/org/springframework/security/access/intercept/AbstractSecurityInterceptorTests.java