/**
 * Picks up the role prefix from the application context's
 * {@link GrantedAuthorityDefaults} bean, when exactly one such bean is registered.
 *
 * @param applicationContext the context to look the bean up in
 * @throws BeansException if the bean lookup fails
 */
@Override
public final void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
    String[] beanNames = applicationContext.getBeanNamesForType(GrantedAuthorityDefaults.class);
    // Zero beans or more than one: rolePrefix is left untouched and nothing is reported,
    // so an ambiguous configuration silently keeps whatever prefix was already set.
    if (beanNames.length != 1) {
        return;
    }
    GrantedAuthorityDefaults defaults =
            applicationContext.getBean(beanNames[0], GrantedAuthorityDefaults.class);
    this.rolePrefix = defaults.getRolePrefix();
}
/**
 * Expects {@link AccessDeniedException} when {@code getMessage()} is invoked after
 * {@code setup("DENIED")}.
 */
@Test(expected = AccessDeniedException.class)
public void messageDenied() {
    // setup(String) is defined outside this excerpt; presumably it installs an
    // authentication carrying the given role. TODO confirm.
    setup("DENIED");
    // `expected` is satisfied by an AccessDeniedException thrown anywhere in this body,
    // so the test does not prove that this call is the one that was denied.
    messageService.getMessage();
}
/**
 * Expects {@link AccessDeniedException} when {@code getJsrMessage()} is invoked after
 * {@code setup("DENIED")}.
 */
@Test(expected = AccessDeniedException.class)
public void jsrMessageDenied() {
    // setup(String) is defined outside this excerpt; presumably it installs an
    // authentication carrying the given role. TODO confirm.
    setup("DENIED");
    // `expected` is satisfied by an AccessDeniedException thrown anywhere in this body,
    // so the test does not prove that this call is the one that was denied.
    messageService.getJsrMessage();
}
/**
 * Registers a {@link GrantedAuthorityDefaults} bean whose role prefix is the empty string.
 *
 * @return defaults carrying an empty role prefix
 */
@Bean
public static GrantedAuthorityDefaults grantedAuthorityDefaults() {
    // Empty prefix: consumers that copy getRolePrefix() into their own configuration end up
    // with no prefix at all. NOTE(review): presumably role names are then compared to
    // authority strings as-is; confirm against the expression handlers in use.
    final String rolePrefix = "";
    return new GrantedAuthorityDefaults(rolePrefix);
}
} // closes an enclosing scope whose opening is outside this excerpt
/**
 * Expects {@link AccessDeniedException} when {@code getJsrMessage()} is invoked after
 * {@code setup("DENIED")}.
 */
@Test(expected = AccessDeniedException.class)
public void jsrMessageDenied() {
    // setup(String) is defined outside this excerpt; presumably it installs an
    // authentication carrying the given role. TODO confirm.
    setup("DENIED");
    // `expected` is satisfied by an AccessDeniedException thrown anywhere in this body,
    // so the test does not prove that this call is the one that was denied.
    messageService.getJsrMessage();
}
/**
 * Expects {@link AccessDeniedException} when {@code getMessage()} is invoked after
 * {@code setup("DENIED")}.
 */
@Test(expected = AccessDeniedException.class)
public void messageDenied() {
    // setup(String) is defined outside this excerpt; presumably it installs an
    // authentication carrying the given role. TODO confirm.
    setup("DENIED");
    // `expected` is satisfied by an AccessDeniedException thrown anywhere in this body,
    // so the test does not prove that this call is the one that was denied.
    messageService.getMessage();
}
/**
 * Calls {@code getMessage()} and expects it to complete normally.
 */
@Test
public void message() {
    // No assertion on the result: the test passes when the call returns without throwing,
    // i.e. when the security check in front of it does not reject the caller.
    messageService.getMessage();
}
/**
 * Calls {@code getJsrMessage()} and expects it to complete normally.
 */
@Test
public void jsrMessage() {
    // No assertion on the result: the test passes when the call returns without throwing,
    // i.e. when the security check in front of it does not reject the caller.
    messageService.getJsrMessage();
}
/**
 * Runs the security filter chain after {@code setup("DENIED")} and asserts that the
 * response status is 403 (Forbidden).
 *
 * @throws Exception if the filter chain throws
 */
@Test
public void doFilterDenied() throws Exception {
    // setup(String) is defined outside this excerpt; presumably it installs an
    // authentication carrying the given role. TODO confirm.
    setup("DENIED");

    // Place the current SecurityContext in the HTTP session under the key used by
    // HttpSessionSecurityContextRepository before the chain runs.
    SecurityContext securityContext = SecurityContextHolder.getContext();
    request.getSession().setAttribute(
            HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
            securityContext);

    springSecurityFilterChain.doFilter(request, response, chain);

    assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);
}
/**
 * Runs the security filter chain after {@code setup("DENIED")} and asserts that the
 * response status is 403 (Forbidden).
 *
 * @throws Exception if the filter chain throws
 */
@Test
public void doFilterDenied() throws Exception {
    // setup(String) is defined outside this excerpt; presumably it installs an
    // authentication carrying the given role. TODO confirm.
    setup("DENIED");

    // Place the current SecurityContext in the HTTP session under the key used by
    // HttpSessionSecurityContextRepository before the chain runs.
    SecurityContext securityContext = SecurityContextHolder.getContext();
    request.getSession().setAttribute(
            HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
            securityContext);

    springSecurityFilterChain.doFilter(request, response, chain);

    assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);
}
/**
 * Registers the {@link MessageService} bean used by the tests.
 *
 * @return a new {@link HelloWorldMessageService}
 */
@Bean
public MessageService messageService() {
    MessageService service = new HelloWorldMessageService();
    return service;
}
/**
 * Picks up the role prefix from the application context's
 * {@link GrantedAuthorityDefaults} bean, when exactly one such bean is registered.
 *
 * @param applicationContext the context to look the bean up in
 * @throws BeansException if the bean lookup fails
 */
@Override
public final void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
    String[] beanNames = applicationContext.getBeanNamesForType(GrantedAuthorityDefaults.class);
    // Zero beans or more than one: rolePrefix is left untouched and nothing is reported,
    // so an ambiguous configuration silently keeps whatever prefix was already set.
    if (beanNames.length != 1) {
        return;
    }
    GrantedAuthorityDefaults defaults =
            applicationContext.getBean(beanNames[0], GrantedAuthorityDefaults.class);
    this.rolePrefix = defaults.getRolePrefix();
}
} // closes an enclosing scope whose opening is outside this excerpt
/**
 * Registers a {@link GrantedAuthorityDefaults} bean with the custom role prefix
 * {@code "ROLE:"}.
 *
 * @return defaults carrying the {@code "ROLE:"} prefix
 */
@Bean
public GrantedAuthorityDefaults ga() {
    // NOTE(review): authorities granted elsewhere presumably have to start with this exact
    // prefix for role checks to match; confirm against the test's setup(String).
    final String rolePrefix = "ROLE:";
    return new GrantedAuthorityDefaults(rolePrefix);
}
/**
 * Calls {@code getMessage()} and expects it to complete normally.
 */
@Test
public void message() {
    // No assertion on the result: the test passes when the call returns without throwing,
    // i.e. when the security check in front of it does not reject the caller.
    messageService.getMessage();
}
/**
 * Calls {@code getJsrMessage()} and expects it to complete normally.
 */
@Test
public void jsrMessage() {
    // No assertion on the result: the test passes when the call returns without throwing,
    // i.e. when the security check in front of it does not reject the caller.
    messageService.getJsrMessage();
}
/**
 * Per-test fixture: calls {@code setup("USER")} and creates fresh mock request, response
 * and filter-chain objects.
 */
@Before
public void setup() {
    // The String overload is defined outside this excerpt; individual tests call it again
    // with another value (e.g. "DENIED") to replace what is established here.
    setup("USER");

    request = new MockHttpServletRequest("GET", "");
    // Repeats the method already passed to the constructor above.
    request.setMethod("GET");

    response = new MockHttpServletResponse();
    chain = new MockFilterChain();
}
/**
 * Per-test fixture: calls {@code setup("USER")} and creates fresh mock request, response
 * and filter-chain objects.
 */
@Before
public void setup() {
    // The String overload is defined outside this excerpt; individual tests call it again
    // with another value (e.g. "DENIED") to replace what is established here.
    setup("USER");

    request = new MockHttpServletRequest("GET", "");
    // Repeats the method already passed to the constructor above.
    request.setMethod("GET");

    response = new MockHttpServletResponse();
    chain = new MockFilterChain();
}
/**
 * Returns the expression handler, building and caching a
 * {@link DefaultWebSecurityExpressionHandler} on first use.
 *
 * <p>The default handler is configured from the builder's shared objects: an
 * {@link AuthenticationTrustResolver} if one is shared, and, when an
 * {@link ApplicationContext} is shared, the {@link RoleHierarchy},
 * {@link GrantedAuthorityDefaults} role prefix and {@link PermissionEvaluator} beans.
 * Each bean type is applied only when exactly one bean of that type is registered.
 *
 * @param http the builder whose shared objects are consulted
 * @return the cached handler, or the newly built and post-processed default handler
 */
private SecurityExpressionHandler<FilterInvocation> getExpressionHandler(H http) {
    // An explicitly configured or previously built handler wins.
    if (expressionHandler != null) {
        return expressionHandler;
    }

    DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();

    AuthenticationTrustResolver resolver = http.getSharedObject(AuthenticationTrustResolver.class);
    if (resolver != null) {
        handler.setTrustResolver(resolver);
    }

    ApplicationContext ctx = http.getSharedObject(ApplicationContext.class);
    if (ctx != null) {
        // For every type below: zero or several candidate beans means the handler keeps its
        // built-in setting and nothing is logged, so a duplicate bean definition silently
        // disables the customization rather than failing startup.
        String[] hierarchyNames = ctx.getBeanNamesForType(RoleHierarchy.class);
        if (hierarchyNames.length == 1) {
            RoleHierarchy hierarchy = ctx.getBean(hierarchyNames[0], RoleHierarchy.class);
            handler.setRoleHierarchy(hierarchy);
        }

        String[] defaultsNames = ctx.getBeanNamesForType(GrantedAuthorityDefaults.class);
        if (defaultsNames.length == 1) {
            GrantedAuthorityDefaults defaults =
                    ctx.getBean(defaultsNames[0], GrantedAuthorityDefaults.class);
            handler.setDefaultRolePrefix(defaults.getRolePrefix());
        }

        String[] evaluatorNames = ctx.getBeanNamesForType(PermissionEvaluator.class);
        if (evaluatorNames.length == 1) {
            PermissionEvaluator evaluator =
                    ctx.getBean(evaluatorNames[0], PermissionEvaluator.class);
            handler.setPermissionEvaluator(evaluator);
        }
    }

    expressionHandler = postProcess(handler);
    return expressionHandler;
}
/**
 * Registers a {@link GrantedAuthorityDefaults} bean whose role prefix is the empty string.
 *
 * @return defaults carrying an empty role prefix
 */
@Bean
public GrantedAuthorityDefaults ga() {
    // Empty prefix: consumers that copy getRolePrefix() into their own configuration end up
    // with no prefix at all. NOTE(review): presumably role names are then compared to
    // authority strings as-is; confirm against the expression handlers in use.
    final String rolePrefix = "";
    return new GrantedAuthorityDefaults(rolePrefix);
}
/**
 * Initializes the method security interceptor, then wires optional collaborator beans
 * into the default method expression handler.
 *
 * <p>The {@link PermissionEvaluator}, {@link RoleHierarchy},
 * {@link AuthenticationTrustResolver} and {@link GrantedAuthorityDefaults} role prefix are
 * each applied only when {@code getSingleBeanOrNull} returns a non-null bean.
 *
 * @throws RuntimeException wrapping any exception raised while initializing the interceptor
 */
@Override
public void afterSingletonsInstantiated() {
    try {
        initializeMethodSecurityInterceptor();
    } catch (Exception e) {
        // Rethrown unchecked with the original exception kept as the cause.
        throw new RuntimeException(e);
    }

    // getSingleBeanOrNull is defined outside this excerpt; presumably it yields null unless
    // exactly one bean of the type exists. TODO confirm. If so, a duplicate bean definition
    // leaves the handler on its built-in setting without any error.
    PermissionEvaluator evaluator = getSingleBeanOrNull(PermissionEvaluator.class);
    if (evaluator != null) {
        this.defaultMethodExpressionHandler.setPermissionEvaluator(evaluator);
    }

    RoleHierarchy hierarchy = getSingleBeanOrNull(RoleHierarchy.class);
    if (hierarchy != null) {
        this.defaultMethodExpressionHandler.setRoleHierarchy(hierarchy);
    }

    AuthenticationTrustResolver resolver = getSingleBeanOrNull(AuthenticationTrustResolver.class);
    if (resolver != null) {
        this.defaultMethodExpressionHandler.setTrustResolver(resolver);
    }

    GrantedAuthorityDefaults defaults = getSingleBeanOrNull(GrantedAuthorityDefaults.class);
    if (defaults != null) {
        this.defaultMethodExpressionHandler.setDefaultRolePrefix(defaults.getRolePrefix());
    }
}