12 gadi atpakaļ · f9fd448d88
--- a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc
@@ -739,4 +739,4 @@ position =
 
				     ## The explicit position at which the custom-filter should be placed in the chain. Use if you are replacing a standard filter.
			
 
				     attribute position {named-security-filter}
			
 
				 
			
 
				-named-security-filter = "FIRST" | "CHANNEL_FILTER" | "CONCURRENT_SESSION_FILTER" | "SECURITY_CONTEXT_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "FORM_LOGIN_FILTER" | "OPENID_FILTER" |"BASIC_AUTH_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "SESSION_MANAGEMENT_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST"
			
 
				+named-security-filter = "FIRST" | "CHANNEL_FILTER" | "SECURITY_CONTEXT_FILTER" | "CONCURRENT_SESSION_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "FORM_LOGIN_FILTER" | "OPENID_FILTER" | "LOGIN_PAGE_FILTER" | "DIGEST_AUTH_FILTER" |"BASIC_AUTH_FILTER" | "REQUEST_CACHE_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "JAAS_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "SESSION_MANAGEMENT_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST"
			
--- a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd
@@ -1632,20 +1632,24 @@
 
				     <xs:restriction base="xs:token">
			
 
				       <xs:enumeration value="FIRST"/>
			
 
				       <xs:enumeration value="CHANNEL_FILTER"/>
			
 
				-      <xs:enumeration value="CONCURRENT_SESSION_FILTER"/>
			
 
				       <xs:enumeration value="SECURITY_CONTEXT_FILTER"/>
			
 
				+      <xs:enumeration value="CONCURRENT_SESSION_FILTER"/>
			
 
				       <xs:enumeration value="LOGOUT_FILTER"/>
			
 
				       <xs:enumeration value="X509_FILTER"/>
			
 
				       <xs:enumeration value="PRE_AUTH_FILTER"/>
			
 
				       <xs:enumeration value="CAS_FILTER"/>
			
 
				       <xs:enumeration value="FORM_LOGIN_FILTER"/>
			
 
				       <xs:enumeration value="OPENID_FILTER"/>
			
 
				+      <xs:enumeration value="LOGIN_PAGE_FILTER"/>
			
 
				+      <xs:enumeration value="DIGEST_AUTH_FILTER"/>
			
 
				       <xs:enumeration value="BASIC_AUTH_FILTER"/>
			
 
				+      <xs:enumeration value="REQUEST_CACHE_FILTER"/>
			
 
				       <xs:enumeration value="SERVLET_API_SUPPORT_FILTER"/>
			
 
				+      <xs:enumeration value="JAAS_API_SUPPORT_FILTER"/>
			
 
				       <xs:enumeration value="REMEMBER_ME_FILTER"/>
			
 
				       <xs:enumeration value="ANONYMOUS_FILTER"/>
			
 
				-      <xs:enumeration value="EXCEPTION_TRANSLATION_FILTER"/>
			
 
				       <xs:enumeration value="SESSION_MANAGEMENT_FILTER"/>
			
 
				+      <xs:enumeration value="EXCEPTION_TRANSLATION_FILTER"/>
			
 
				       <xs:enumeration value="FILTER_SECURITY_INTERCEPTOR"/>
			
 
				       <xs:enumeration value="SWITCH_USER_FILTER"/>
			
 
				       <xs:enumeration value="LAST"/>
			
--- a/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy
@@ -15,7 +15,10 @@
 
				  */
			
 
				 package org.springframework.security.config.doc
			
 
				 
			
 
				-import groovy.util.slurpersupport.NodeChild;
			
 
				+import groovy.util.slurpersupport.NodeChild
			
 
				+
			
 
				+import org.springframework.security.config.http.SecurityFilters
			
 
				+
			
 
				 import spock.lang.*
			
 
				 
			
 
				 /**
			
@@ -31,10 +34,11 @@ class XsdDocumentedTests extends Specification {
 
				 
			
 
				     @Shared File schemaDocument = new File('src/main/resources/org/springframework/security/config/spring-security-3.1.xsd')
			
 
				     @Shared Map<String,Element> elementNameToElement
			
 
				+    @Shared schemaRootElement
			
 
				 
			
 
				     def setupSpec() {
			
 
				-        def rootElement = new XmlSlurper().parse(schemaDocument)
			
 
				-        elementNameToElement = new SpringSecurityXsdParser(rootElement: rootElement).parse()
			
 
				+        schemaRootElement = new XmlSlurper().parse(schemaDocument)
			
 
				+        elementNameToElement = new SpringSecurityXsdParser(rootElement: schemaRootElement).parse()
			
 
				         appendixRoot.getMetaClass().sections = {
			
 
				             delegate.breadthFirst().inject([]) {result, c->
			
 
				                 if(c.name() == 'section' && c.@id) {
			
@@ -55,6 +59,18 @@ class XsdDocumentedTests extends Specification {
 
				         }
			
 
				     }
			
 
				 
			
 
				+    def 'SEC-2139: named-security-filter are all defined and ordered properly'() {
			
 
				+        setup:
			
 
				+            def expectedFilters = (EnumSet.allOf(SecurityFilters) as List).sort { it.order }
			
 
				+        when:
			
 
				+            def nsf = schemaRootElement.simpleType.find { it.@name == 'named-security-filter' }
			
 
				+            def nsfValues = nsf.children().children().collect { c ->
			
 
				+                Enum.valueOf(SecurityFilters, c.@value.toString())
			
 
				+            }
			
 
				+        then:
			
 
				+            expectedFilters == nsfValues
			
 
				+    }
			
 
				+
			
 
				     /**
			
 
				      * This will check to ensure that the expected number of xsd documents are found to ensure that we are validating
			
 
				      * against the current xsd document. If this test fails, all that is needed is to update the schemaDocument