Posted to commits@cxf.apache.org by ay...@apache.org on 2013/02/15 11:04:36 UTC
svn commit: r1446488 - in /cxf/branches/2.7.x-fixes: ./
rt/core/src/main/java/org/apache/cxf/interceptor/security/
rt/core/src/test/java/org/apache/cxf/interceptor/security/
Author: ay
Date: Fri Feb 15 10:04:35 2013
New Revision: 1446488
URL: http://svn.apache.org/r1446488
Log:
Merged revisions 1446180 via svn merge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1446180 | ay | 2013-02-14 14:59:47 +0100 (Thu, 14 Feb 2013) | 1 line
[CXF-4829] Add OperationInfo based authorizing interceptor
........
Added:
cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptor.java
- copied unchanged from r1446180, cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptor.java
cxf/branches/2.7.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptorTest.java
- copied unchanged from r1446180, cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptorTest.java
Modified:
cxf/branches/2.7.x-fixes/ (props changed)
cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java
cxf/branches/2.7.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java
Propchange: cxf/branches/2.7.x-fixes/
('svn:mergeinfo' removed)
Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java?rev=1446488&r1=1446487&r2=1446488&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java (original)
+++ cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java Fri Feb 15 10:04:35 2013
@@ -48,7 +48,6 @@ public abstract class AbstractAuthorizin
SecurityContext sc = message.get(SecurityContext.class);
if (sc != null && sc.getUserPrincipal() != null) {
Method method = getTargetMethod(message);
-
if (authorize(sc, method)) {
return;
}
Modified: cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java?rev=1446488&r1=1446487&r2=1446488&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java (original)
+++ cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java Fri Feb 15 10:04:35 2013
@@ -31,9 +31,9 @@ import org.apache.cxf.security.SecurityC
public class SimpleAuthorizingInterceptor extends AbstractAuthorizingInInterceptor {
- private Map<String, List<String>> methodRolesMap = new HashMap<String, List<String>>();
- private Map<String, List<String>> userRolesMap = Collections.emptyMap();
- private List<String> globalRoles = Collections.emptyList();
+ protected Map<String, List<String>> methodRolesMap = new HashMap<String, List<String>>();
+ protected Map<String, List<String>> userRolesMap = Collections.emptyMap();
+ protected List<String> globalRoles = Collections.emptyList();
private boolean checkConfiguredRolesOnly;
@Override
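Review bot: Making `methodRolesMap`, `userRolesMap` and `globalRoles` `protected` while they stay non-final lets any subclass replace or mutate the authorization tables directly, skipping whatever parsing the setters do (the tests in this commit pass space-separated strings such as `"role1 testRole"` to `setMethodRolesMap`). If the change is only there so the new OperationInfoAuthorizingInterceptor can read them, which is presumed here because that file is not shown, keeping the fields `private` and adding read-only accessors such as `protected Map<String, List<String>> getMethodRolesMap() { return Collections.unmodifiableMap(methodRolesMap); }` would keep role configuration behind a single write path. `checkConfiguredRolesOnly` stays `private`, so a subclass that reimplements the role lookup from these fields cannot honour that flag unless an accessor exists elsewhere in the class. The class body continues outside the hunk.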
Modified: cxf/branches/2.7.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java?rev=1446488&r1=1446487&r2=1446488&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java (original)
+++ cxf/branches/2.7.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java Fri Feb 15 10:04:35 2013
@@ -39,16 +39,14 @@ import org.junit.Test;
public class SimpleAuthorizingInterceptorTest extends Assert {
+ protected Message message = new MessageImpl();
private Method method;
- private Message message = new MessageImpl();
+
@Before
public void setUp() throws Exception {
method = TestService.class.getMethod("echo", new Class[]{});
- message.put(SecurityContext.class, new TestSecurityContext());
- Exchange ex = new ExchangeImpl();
- message.setExchange(ex);
-
+ Exchange ex = setUpExchange();
Service service = EasyMock.createMock(Service.class);
ex.put(Service.class, service);
MethodDispatcher md = EasyMock.createMock(MethodDispatcher.class);
@@ -62,33 +60,54 @@ public class SimpleAuthorizingIntercepto
EasyMock.replay(service, md);
}
+ protected Exchange setUpExchange() {
+ message.put(SecurityContext.class, new TestSecurityContext());
+ Exchange ex = new ExchangeImpl();
+ message.setExchange(ex);
+ return ex;
+ }
+
+ protected SimpleAuthorizingInterceptor createSimpleAuthorizingInterceptor() {
+ return new SimpleAuthorizingInterceptor();
+ }
+
+ protected SimpleAuthorizingInterceptor createSimpleAuthorizingInterceptorWithDenyRoles(final String role) {
+ SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() {
+ @Override
+ public List<String> getDenyRoles(Method m) {
+ return Collections.singletonList(role);
+ }
+ };
+ return in;
+ }
+
@Test(expected = AccessDeniedException.class)
public void testNoSecurityContext() {
message.put(SecurityContext.class, null);
- new SimpleAuthorizingInterceptor().handleMessage(message);
+ createSimpleAuthorizingInterceptor().handleMessage(message);
}
@Test(expected = AccessDeniedException.class)
public void testIncompleteSecurityContext() {
message.put(SecurityContext.class, new IncompleteSecurityContext());
- new SimpleAuthorizingInterceptor().handleMessage(message);
+ createSimpleAuthorizingInterceptor().handleMessage(message);
}
@Test
public void testPermitWithNoRoles() {
- new SimpleAuthorizingInterceptor().handleMessage(message);
+ createSimpleAuthorizingInterceptor().handleMessage(message);
}
@Test
public void testPermitWithMethodRoles() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setMethodRolesMap(Collections.singletonMap("echo", "role1 testRole"));
in.handleMessage(message);
}
@Test
public void testPermitWithMethodRolesConfigurationOnly() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setCheckConfiguredRolesOnly(true);
in.setUserRolesMap(Collections.singletonMap("testUser", "role1"));
in.setMethodRolesMap(Collections.singletonMap("echo", "role1 role2"));
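Review bot: `createSimpleAuthorizingInterceptorWithDenyRoles` always builds an anonymous `SimpleAuthorizingInterceptor` instead of going through `createSimpleAuthorizingInterceptor()`. A subclass of this test that overrides only the plain factory would therefore still run `testPermitWithDenyRoles`, `testDenyWithDenyRoles` and `testDenyAll` (changed in the last hunk) against the base class, and the deny path of the interceptor under test would look covered when it is not. OperationInfoAuthorizingInterceptorTest is not shown here, so whether it overrides both factories is unknown. A short Javadoc on the three protected hooks would make the contract explicit, e.g. `/** Subclasses testing another interceptor must override this as well as createSimpleAuthorizingInterceptor(). */`. The local `in` can also be dropped by returning the anonymous instance directly.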
@@ -97,7 +116,7 @@ public class SimpleAuthorizingIntercepto
@Test(expected = AccessDeniedException.class)
public void testDenyWithMethodRolesConfigurationOnly() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setCheckConfiguredRolesOnly(true);
in.setUserRolesMap(Collections.singletonMap("testUser", "role1"));
in.setMethodRolesMap(Collections.singletonMap("echo", "role2 role3"));
@@ -106,7 +125,7 @@ public class SimpleAuthorizingIntercepto
@Test(expected = AccessDeniedException.class)
public void testEmptyRolesConfigurationOnly() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setCheckConfiguredRolesOnly(true);
in.setMethodRolesMap(Collections.singletonMap("echo", "role1 role2"));
in.handleMessage(message);
@@ -114,65 +133,47 @@ public class SimpleAuthorizingIntercepto
@Test
public void testPermitAll() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setMethodRolesMap(Collections.singletonMap("echo", "*"));
in.handleMessage(message);
}
@Test
public void testPermitWithClassRoles() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setGlobalRoles("role1 testRole");
in.handleMessage(message);
}
@Test(expected = AccessDeniedException.class)
public void testDenyWithMethodRoles() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setMethodRolesMap(Collections.singletonMap("echo", "role1 role2"));
in.handleMessage(message);
}
@Test(expected = AccessDeniedException.class)
public void testDenyWithClassRoles() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor();
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor();
in.setGlobalRoles("role1 role2");
in.handleMessage(message);
}
@Test
public void testPermitWithDenyRoles() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() {
- @Override
- public List<String> getDenyRoles(Method m) {
- return Collections.singletonList("frogs");
- }
-
- };
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptorWithDenyRoles("frogs");
in.handleMessage(message);
}
@Test(expected = AccessDeniedException.class)
public void testDenyWithDenyRoles() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() {
- @Override
- public List<String> getDenyRoles(Method m) {
- return Collections.singletonList("testRole");
- }
-
- };
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptorWithDenyRoles("testRole");
in.handleMessage(message);
}
@Test(expected = AccessDeniedException.class)
public void testDenyAll() {
- SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() {
- @Override
- public List<String> getDenyRoles(Method m) {
- return Collections.singletonList("*");
- }
-
- };
+ SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptorWithDenyRoles("*");
in.handleMessage(message);
}