Author: ay Date: Fri Feb 15 10:10:49 2013 New Revision: 1446491 URL: http://svn.apache.org/r1446491 Log: Merged revisions 1446488 via svn merge from https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes
........ r1446488 | ay | 2013-02-15 11:04:35 +0100 (Fri, 15 Feb 2013) | 9 lines Merged revisions 1446180 via svn merge from https://svn.apache.org/repos/asf/cxf/trunk ........ r1446180 | ay | 2013-02-14 14:59:47 +0100 (Thu, 14 Feb 2013) | 1 line [CXF-4829] Add OperationInfo based authorizing interceptor ........ ........ Added: cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptor.java - copied unchanged from r1446488, cxf/branches/2.7.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptor.java cxf/branches/2.6.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptorTest.java - copied unchanged from r1446488, cxf/branches/2.7.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/OperationInfoAuthorizingInterceptorTest.java Modified: cxf/branches/2.6.x-fixes/ (props changed) cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java cxf/branches/2.6.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java Propchange: cxf/branches/2.6.x-fixes/ ------------------------------------------------------------------------------ Binary property 'svnmerge-integrated' - no diff available. 
Modified: cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java?rev=1446491&r1=1446490&r2=1446491&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java (original)
+++ cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java Fri Feb 15 10:10:49 2013
@@ -48,7 +48,6 @@ public abstract class AbstractAuthorizin
 SecurityContext sc = message.get(SecurityContext.class);
 if (sc != null && sc.getUserPrincipal() != null) {
 Method method = getTargetMethod(message);
-
 if (authorize(sc, method)) {
 return;
 }
Modified: cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java?rev=1446491&r1=1446490&r2=1446491&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java (original)
+++ cxf/branches/2.6.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java Fri Feb 15 10:10:49 2013
@@ -31,9 +31,9 @@ import org.apache.cxf.security.SecurityC
 public class SimpleAuthorizingInterceptor extends AbstractAuthorizingInInterceptor {
- private Map<String, List<String>> methodRolesMap = new HashMap<String, List<String>>();
- private Map<String, List<String>> userRolesMap = Collections.emptyMap();
- private List<String> globalRoles = Collections.emptyList();
+ protected Map<String, List<String>> methodRolesMap = new HashMap<String, List<String>>();
+ protected Map<String, List<String>> userRolesMap = Collections.emptyMap();
+ protected List<String> globalRoles = Collections.emptyList();
 private boolean checkConfiguredRolesOnly;
 @Override
Modified: cxf/branches/2.6.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java?rev=1446491&r1=1446490&r2=1446491&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java (original)
+++ cxf/branches/2.6.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptorTest.java Fri Feb 15 10:10:49 2013
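Review bot: Widening `methodRolesMap`, `userRolesMap` and `globalRoles` from private to protected gives every subclass direct write access to the state that decides authorization, bypassing the setters the tests use (`setMethodRolesMap`, `setUserRolesMap`, `setGlobalRoles`). Two of the three defaults are the immutable `Collections.emptyMap()` and `Collections.emptyList()`, so a subclass that calls `put` or `add` on them in place fails with UnsupportedOperationException, while in-place changes to `methodRolesMap` land on a plain `HashMap` with no synchronization. If subclasses only need to read the configured roles, keeping the fields private behind read-only accessors would be the tighter choice. Otherwise a comment above the fields would state the contract, such as `// Authorization state: subclasses may read these, but must replace them through the setters and never mutate them in place.` The class body continues outside the hunk, so the setters themselves are not visible here.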
@@ -39,16 +39,14 @@ import org.junit.Test; public class SimpleAuthorizingInterceptorTest extends Assert { + protected Message message = new MessageImpl(); private Method method; - private Message message = new MessageImpl(); + @Before public void setUp() throws Exception { method = TestService.class.getMethod("echo", new Class[]{}); - message.put(SecurityContext.class, new TestSecurityContext()); - Exchange ex = new ExchangeImpl(); - message.setExchange(ex); - + Exchange ex = setUpExchange(); Service service = EasyMock.createMock(Service.class); ex.put(Service.class, service); MethodDispatcher md = EasyMock.createMock(MethodDispatcher.class); 
@@ -62,33 +60,54 @@ public class SimpleAuthorizingIntercepto EasyMock.replay(service, md); } + protected Exchange setUpExchange() { + message.put(SecurityContext.class, new TestSecurityContext()); + Exchange ex = new ExchangeImpl(); + message.setExchange(ex); + return ex; + } + + protected SimpleAuthorizingInterceptor createSimpleAuthorizingInterceptor() { + return new SimpleAuthorizingInterceptor(); + } + + protected SimpleAuthorizingInterceptor createSimpleAuthorizingInterceptorWithDenyRoles(final String role) { + SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() { + @Override + public List<String> getDenyRoles(Method m) { + return Collections.singletonList(role); + } + }; + return in; + } + @Test(expected = AccessDeniedException.class) public void testNoSecurityContext() { message.put(SecurityContext.class, null); - new SimpleAuthorizingInterceptor().handleMessage(message); + createSimpleAuthorizingInterceptor().handleMessage(message); } @Test(expected = AccessDeniedException.class) public void testIncompleteSecurityContext() { message.put(SecurityContext.class, new IncompleteSecurityContext()); - new SimpleAuthorizingInterceptor().handleMessage(message); + createSimpleAuthorizingInterceptor().handleMessage(message); } @Test public void testPermitWithNoRoles() { - new SimpleAuthorizingInterceptor().handleMessage(message); + createSimpleAuthorizingInterceptor().handleMessage(message); } @Test public void testPermitWithMethodRoles() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setMethodRolesMap(Collections.singletonMap("echo", "role1 testRole")); in.handleMessage(message); } @Test public void testPermitWithMethodRolesConfigurationOnly() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setCheckConfiguredRolesOnly(true); 
in.setUserRolesMap(Collections.singletonMap("testUser", "role1")); in.setMethodRolesMap(Collections.singletonMap("echo", "role1 role2")); @@ -97,7 +116,7 @@ public class SimpleAuthorizingIntercepto @Test(expected = AccessDeniedException.class) public void testDenyWithMethodRolesConfigurationOnly() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setCheckConfiguredRolesOnly(true); in.setUserRolesMap(Collections.singletonMap("testUser", "role1")); in.setMethodRolesMap(Collections.singletonMap("echo", "role2 role3")); @@ -106,7 +125,7 @@ public class SimpleAuthorizingIntercepto @Test(expected = AccessDeniedException.class) public void testEmptyRolesConfigurationOnly() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setCheckConfiguredRolesOnly(true); in.setMethodRolesMap(Collections.singletonMap("echo", "role1 role2")); in.handleMessage(message); 
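Review bot: The new protected hooks `setUpExchange()`, `createSimpleAuthorizingInterceptor()` and `createSimpleAuthorizingInterceptorWithDenyRoles(String)` in the `@@ -62,33 +60,54 @@` hunk have no Javadoc, and the last one always builds an anonymous `SimpleAuthorizingInterceptor`. A subclass test that overrides only `createSimpleAuthorizingInterceptor()` would still run `testPermitWithDenyRoles`, `testDenyWithDenyRoles` and `testDenyAll` (changed in the later `@@ -114,65 +133,47 @@` hunk) against the base class, reporting deny-role coverage for an interceptor it never exercised. Whether the new OperationInfoAuthorizingInterceptorTest overrides both factories is not visible on this page. A comment on the deny-roles factory would make the requirement explicit, for example `/** Subclasses testing another interceptor must override this as well as createSimpleAuthorizingInterceptor(). */`. `setUpExchange()` also installs the `TestSecurityContext` on `message`, a side effect its name does not suggest and that deserves a one-line comment.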
@@ -114,65 +133,47 @@ public class SimpleAuthorizingIntercepto @Test public void testPermitAll() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setMethodRolesMap(Collections.singletonMap("echo", "*")); in.handleMessage(message); } @Test public void testPermitWithClassRoles() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setGlobalRoles("role1 testRole"); in.handleMessage(message); } @Test(expected = AccessDeniedException.class) public void testDenyWithMethodRoles() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setMethodRolesMap(Collections.singletonMap("echo", "role1 role2")); in.handleMessage(message); } @Test(expected = AccessDeniedException.class) public void testDenyWithClassRoles() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor(); + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptor(); in.setGlobalRoles("role1 role2"); in.handleMessage(message); } @Test public void testPermitWithDenyRoles() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() { - @Override - public List<String> getDenyRoles(Method m) { - return Collections.singletonList("frogs"); - } - - }; + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptorWithDenyRoles("frogs"); in.handleMessage(message); } @Test(expected = AccessDeniedException.class) public void testDenyWithDenyRoles() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() { - @Override - public List<String> getDenyRoles(Method m) { - return Collections.singletonList("testRole"); - } - - }; + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptorWithDenyRoles("testRole"); in.handleMessage(message); } @Test(expected = 
AccessDeniedException.class) public void testDenyAll() { - SimpleAuthorizingInterceptor in = new SimpleAuthorizingInterceptor() { - @Override - public List<String> getDenyRoles(Method m) { - return Collections.singletonList("*"); - } - - }; + SimpleAuthorizingInterceptor in = createSimpleAuthorizingInterceptorWithDenyRoles("*"); in.handleMessage(message); }
