diff --git a/.travis.yml b/.travis.yml index 713747be24a9..d6f92d816b15 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,12 +31,11 @@ branches: - master jdk: - oraclejdk7 -- openjdk6 - openjdk7 env: global: - secure: "JlFTItSTHxmevCoX1fXWkXtQOqP8ERT5ndeYMc378acqZIWEpmoSQelP8unRjtU6sU/4dxdUWpEFLrbcNQsFuPsgzMLGSwuEcjbuSBGMgdAHXSl6+FfBWrCcde2WIfk+eYMm7mrhcySWMvtWss1kDOu+s8+HtRvnRCAsfz+77hs=" -script: mvn clean package -Dlog4j.configuration=/none.xml +script: mvn clean package -Dlog4j.configuration=file:../travis/log4j.xml before_install: - chmod -R 777 ./travis/init-travis-build.sh - ./travis/init-travis-build.sh @@ -45,4 +44,4 @@ after_success: - ./travis/push-javadoc-to-gh-pages.sh - mvn clean test cobertura:cobertura coveralls:cobertura #- chmod -R 777 ./travis/test-commit-message.sh -#- ./travis/test-commit-message.sh +#- ./travis/test-commit-message.sh \ No newline at end of file diff --git a/cas-management-webapp/src/main/java/org/jasig/cas/services/web/support/RegisteredServiceValidator.java b/cas-management-webapp/src/main/java/org/jasig/cas/services/web/support/RegisteredServiceValidator.java index 15a911455814..f96ed7469b3c 100644 --- a/cas-management-webapp/src/main/java/org/jasig/cas/services/web/support/RegisteredServiceValidator.java +++ b/cas-management-webapp/src/main/java/org/jasig/cas/services/web/support/RegisteredServiceValidator.java @@ -23,7 +23,7 @@ import javax.validation.constraints.Min; import javax.validation.constraints.NotNull; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.services.RegisteredService; import org.jasig.cas.services.ServicesManager; import org.jasig.services.persondir.IPersonAttributeDao; diff --git a/cas-server-core/pom.xml b/cas-server-core/pom.xml index 25737f14f766..1f7feb15fb92 100644 --- a/cas-server-core/pom.xml +++ b/cas-server-core/pom.xml @@ -54,8 +54,8 @@ - commons-lang - commons-lang + org.apache.commons + commons-lang3 compile @@ -170,6 +170,12 @@ joda-time compile + + + org.reflections + reflections + compile + org.quartz-scheduler diff --git a/cas-server-core/src/main/java/org/jasig/cas/CentralAuthenticationServiceImpl.java b/cas-server-core/src/main/java/org/jasig/cas/CentralAuthenticationServiceImpl.java index 23761648ee2a..baff2c089934 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/CentralAuthenticationServiceImpl.java +++ b/cas-server-core/src/main/java/org/jasig/cas/CentralAuthenticationServiceImpl.java @@ -19,7 +19,7 @@ package org.jasig.cas; import com.github.inspektr.audit.annotation.Audit; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.authentication.AcceptAnyAuthenticationPolicyFactory; import org.jasig.cas.authentication.Authentication; import org.jasig.cas.authentication.AuthenticationBuilder; diff --git a/cas-server-core/src/main/java/org/jasig/cas/Message.java b/cas-server-core/src/main/java/org/jasig/cas/Message.java index a328dc2fd33b..2b0d52aeb7dc 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/Message.java +++ b/cas-server-core/src/main/java/org/jasig/cas/Message.java @@ -21,7 +21,7 @@ import java.io.Serializable; import java.util.Arrays; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.springframework.util.Assert; /** diff --git a/cas-server-core/src/main/java/org/jasig/cas/authentication/AbstractCredential.java b/cas-server-core/src/main/java/org/jasig/cas/authentication/AbstractCredential.java index fd05cde94a32..0ee14ea8ea83 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/authentication/AbstractCredential.java +++ b/cas-server-core/src/main/java/org/jasig/cas/authentication/AbstractCredential.java @@ -18,9 +18,9 @@ */ package org.jasig.cas.authentication; -import java.io.Serializable; +import org.apache.commons.lang3.builder.HashCodeBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; +import java.io.Serializable; /** * Base class for CAS credentials that are safe for long-term storage. diff --git a/cas-server-core/src/main/java/org/jasig/cas/authentication/BasicCredentialMetaData.java b/cas-server-core/src/main/java/org/jasig/cas/authentication/BasicCredentialMetaData.java index c931afe25210..c9a46f4720a3 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/authentication/BasicCredentialMetaData.java +++ b/cas-server-core/src/main/java/org/jasig/cas/authentication/BasicCredentialMetaData.java @@ -20,8 +20,8 @@ import java.io.Serializable; -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; /** * Basic credential metadata implementation that stores the original credential ID and the original credential type. diff --git a/cas-server-core/src/main/java/org/jasig/cas/authentication/HandlerResult.java b/cas-server-core/src/main/java/org/jasig/cas/authentication/HandlerResult.java index 2d9fca7464af..013540cce4a3 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/authentication/HandlerResult.java +++ b/cas-server-core/src/main/java/org/jasig/cas/authentication/HandlerResult.java @@ -22,8 +22,8 @@ import java.util.Collections; import java.util.List; -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.jasig.cas.Message; import org.jasig.cas.authentication.principal.Principal; import org.springframework.util.Assert; diff --git a/cas-server-core/src/main/java/org/jasig/cas/authentication/HttpBasedServiceCredential.java b/cas-server-core/src/main/java/org/jasig/cas/authentication/HttpBasedServiceCredential.java index 6cff4338b805..7b05a229b37d 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/authentication/HttpBasedServiceCredential.java +++ b/cas-server-core/src/main/java/org/jasig/cas/authentication/HttpBasedServiceCredential.java @@ -18,7 +18,7 @@ */ package org.jasig.cas.authentication; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.jasig.cas.services.RegisteredService; import javax.validation.constraints.NotNull; diff --git a/cas-server-core/src/main/java/org/jasig/cas/authentication/ImmutableAuthentication.java b/cas-server-core/src/main/java/org/jasig/cas/authentication/ImmutableAuthentication.java index 2cdb5bf38598..9db4a32650d1 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/authentication/ImmutableAuthentication.java +++ b/cas-server-core/src/main/java/org/jasig/cas/authentication/ImmutableAuthentication.java @@ -23,8 +23,8 @@ import java.util.List; import java.util.Map; -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.jasig.cas.authentication.principal.Principal; import org.springframework.util.Assert; diff --git a/cas-server-core/src/main/java/org/jasig/cas/authentication/principal/SimplePrincipal.java b/cas-server-core/src/main/java/org/jasig/cas/authentication/principal/SimplePrincipal.java index 33b1d5c05f5f..63199d79f240 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/authentication/principal/SimplePrincipal.java +++ b/cas-server-core/src/main/java/org/jasig/cas/authentication/principal/SimplePrincipal.java @@ -21,7 +21,7 @@ import java.util.Collections; import java.util.Map; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.springframework.util.Assert; /** diff --git a/cas-server-core/src/main/java/org/jasig/cas/monitor/AbstractNamedMonitor.java b/cas-server-core/src/main/java/org/jasig/cas/monitor/AbstractNamedMonitor.java index 6b8976a9751e..dbe86880f1b5 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/monitor/AbstractNamedMonitor.java +++ b/cas-server-core/src/main/java/org/jasig/cas/monitor/AbstractNamedMonitor.java @@ -18,7 +18,7 @@ */ package org.jasig.cas.monitor; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.Assert; diff --git a/cas-server-core/src/main/java/org/jasig/cas/services/AbstractAttributeReleasePolicy.java b/cas-server-core/src/main/java/org/jasig/cas/services/AbstractAttributeReleasePolicy.java index 00067f600894..fcb995ab4c00 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/services/AbstractAttributeReleasePolicy.java +++ b/cas-server-core/src/main/java/org/jasig/cas/services/AbstractAttributeReleasePolicy.java @@ -20,8 +20,8 @@ import java.util.Map; -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.jasig.cas.authentication.principal.Principal; import org.slf4j.Logger; import org.slf4j.LoggerFactory; diff --git a/cas-server-core/src/main/java/org/jasig/cas/services/AbstractRegisteredService.java b/cas-server-core/src/main/java/org/jasig/cas/services/AbstractRegisteredService.java index dd818498eef4..0ce5c1748166 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/services/AbstractRegisteredService.java +++ b/cas-server-core/src/main/java/org/jasig/cas/services/AbstractRegisteredService.java @@ -19,12 +19,12 @@ package org.jasig.cas.services; -import org.apache.commons.lang.StringUtils; -import org.apache.commons.lang.builder.CompareToBuilder; -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; -import org.apache.commons.lang.builder.ToStringBuilder; -import org.apache.commons.lang.builder.ToStringStyle; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.lang3.builder.CompareToBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.ToStringBuilder; +import org.apache.commons.lang3.builder.ToStringStyle; import java.util.HashSet; import java.util.Set; diff --git a/cas-server-core/src/main/java/org/jasig/cas/services/RefuseRegisteredServiceProxyPolicy.java b/cas-server-core/src/main/java/org/jasig/cas/services/RefuseRegisteredServiceProxyPolicy.java index 69fecb95a390..4d4d65f35df7 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/services/RefuseRegisteredServiceProxyPolicy.java +++ b/cas-server-core/src/main/java/org/jasig/cas/services/RefuseRegisteredServiceProxyPolicy.java @@ -18,7 +18,7 @@ */ package org.jasig.cas.services; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import java.net.URL; diff --git a/cas-server-core/src/main/java/org/jasig/cas/services/RegexMatchingRegisteredServiceProxyPolicy.java b/cas-server-core/src/main/java/org/jasig/cas/services/RegexMatchingRegisteredServiceProxyPolicy.java index 40adca6f2307..cf584d447912 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/services/RegexMatchingRegisteredServiceProxyPolicy.java +++ b/cas-server-core/src/main/java/org/jasig/cas/services/RegexMatchingRegisteredServiceProxyPolicy.java @@ -21,9 +21,9 @@ import java.net.URL; import java.util.regex.Pattern; -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; -import org.apache.commons.lang.builder.ToStringBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.ToStringBuilder; import com.sun.istack.NotNull; diff --git a/cas-server-core/src/main/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilter.java b/cas-server-core/src/main/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilter.java index 0dec046d73ff..a78d350a7c18 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilter.java +++ b/cas-server-core/src/main/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilter.java @@ -27,8 +27,8 @@ import javax.validation.constraints.NotNull; -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.jasig.cas.services.AttributeFilter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; diff --git a/cas-server-core/src/main/java/org/jasig/cas/ticket/TicketGrantingTicketImpl.java b/cas-server-core/src/main/java/org/jasig/cas/ticket/TicketGrantingTicketImpl.java index e2beadd94625..f7f3de4caa76 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/ticket/TicketGrantingTicketImpl.java +++ b/cas-server-core/src/main/java/org/jasig/cas/ticket/TicketGrantingTicketImpl.java @@ -18,7 +18,7 @@ */ package org.jasig.cas.ticket; -import org.apache.commons.lang.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.EqualsBuilder; import org.jasig.cas.authentication.Authentication; import org.jasig.cas.authentication.principal.Service; import org.slf4j.Logger; diff --git a/cas-server-core/src/main/java/org/jasig/cas/util/ISOStandardDateFormat.java b/cas-server-core/src/main/java/org/jasig/cas/util/ISOStandardDateFormat.java index 98efaf21d375..96038e7dc178 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/util/ISOStandardDateFormat.java +++ b/cas-server-core/src/main/java/org/jasig/cas/util/ISOStandardDateFormat.java @@ -18,9 +18,11 @@ */ package org.jasig.cas.util; -import java.util.Date; +import org.apache.commons.lang3.time.FastDateFormat; -import org.apache.commons.lang.time.FastDateFormat; +import java.util.Date; +import java.util.Locale; +import java.util.TimeZone; /** * A fast date format based on the ISO-8601 standard. @@ -39,8 +41,7 @@ public final class ISOStandardDateFormat extends FastDateFormat { * based on the format {@link #DATE_FORMAT}. */ public ISOStandardDateFormat() { - super(DATE_FORMAT, null, null); - super.init(); + super(DATE_FORMAT, TimeZone.getDefault(), Locale.getDefault()); } /** diff --git a/cas-server-core/src/main/java/org/jasig/cas/validation/ImmutableAssertion.java b/cas-server-core/src/main/java/org/jasig/cas/validation/ImmutableAssertion.java index aaa4bfc332cf..e2fbdf61d2d2 100644 --- a/cas-server-core/src/main/java/org/jasig/cas/validation/ImmutableAssertion.java +++ b/cas-server-core/src/main/java/org/jasig/cas/validation/ImmutableAssertion.java @@ -22,7 +22,7 @@ import java.util.Collections; import java.util.List; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.jasig.cas.authentication.Authentication; import org.jasig.cas.authentication.principal.Service; import org.springframework.util.Assert; diff --git a/cas-server-core/src/main/java/org/slf4j/impl/CasDelegatingLogger.java b/cas-server-core/src/main/java/org/slf4j/impl/CasDelegatingLogger.java new file mode 100644 index 000000000000..d5684cc5a728 --- /dev/null +++ b/cas-server-core/src/main/java/org/slf4j/impl/CasDelegatingLogger.java @@ -0,0 +1,429 @@ +/* + * Licensed to Jasig under one or more contributor license + * agreements. See the NOTICE file distributed with this work + * for additional information regarding copyright ownership. + * Jasig licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a + * copy of the License at the following location: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.slf4j.impl; + +import org.apache.commons.lang3.StringUtils; +import org.jasig.cas.ticket.TicketGrantingTicket; +import org.slf4j.Logger; +import org.slf4j.Marker; +import org.slf4j.helpers.MarkerIgnoringBase; + +import java.io.PrintWriter; +import java.io.Serializable; +import java.io.StringWriter; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +/** + * The CAS logger wrapper, which uses a substitute logger to route the logs. + * This component only exists to intercept logging calls before they are + * sent to the logging engine (log4j, etc) and serves to manipulate + * logging messages if needed, such as removing sensitive ticket id from + * the log message. + * @author Misagh Moayyed + * @since 4.1 + */ +public final class CasDelegatingLogger extends MarkerIgnoringBase implements Serializable { + + private static final long serialVersionUID = 6182834493563598289L; + + private static final Pattern TICKET_ID_PATTERN = Pattern.compile("(" + TicketGrantingTicket.PREFIX + "|" + + TicketGrantingTicket.PROXY_GRANTING_TICKET_PREFIX + + ")(-)*(\\w)*(-)*(\\w)*"); + + /** + * Specifies the ending tail length of the ticket id that would still be visible in the output + * for troubleshooting purposes. + */ + private static final int VISIBLE_ID_TAIL_LENGTH = 10; + + private final Logger delegate; + + /** + * Instantiates a new Cas delegating logger. + * + * @param delegate the delegate + */ + public CasDelegatingLogger(final Logger delegate) { + this.delegate = delegate; + } + + /** + * Manipulate the log message. For now, removes ticket ids from the log. + * @param msg log message + * @return message to log + */ + private String manipulateLogMessage(final String msg) { + return removeTicketId(msg); + } + + /** + * Manipulate the log arguments. For now, removes ticket ids from the log. + * @param args log args + * @return sanitized arguments + */ + private Object[] manipulateLogArguments(final Object... args) { + for (int i = 0; i < args.length; i++) { + if (args[i] != null) { + args[i] = removeTicketId(args[i].toString()); + } + } + return args; + } + + /** + * Remove ticket id from the log message. + * + * @param msg the message + * @return the modified message with tgt id removed + */ + private String removeTicketId(final String msg) { + final StringBuilder builder = new StringBuilder(msg.length()); + + String modifiedMessage = msg; + + final Matcher matcher = TICKET_ID_PATTERN.matcher(msg); + while (matcher.find()) { + final String match = matcher.group(); + final String newId = matcher.group(1) + "-" + + StringUtils.repeat("*", match.length() - VISIBLE_ID_TAIL_LENGTH) + + StringUtils.right(match, VISIBLE_ID_TAIL_LENGTH); + + modifiedMessage = modifiedMessage.replaceAll(match, newId); + } + return modifiedMessage; + } + + /** + * Gets exception to log. + * + * @param msg the msg + * @param t the t + * @return the exception to log + */ + private String getExceptionToLog(final String msg, final Throwable t) { + final StringWriter sW = new StringWriter(); + final PrintWriter w = new PrintWriter(sW); + w.println(manipulateLogMessage(msg)); + t.printStackTrace(w); + + final String log = sW.getBuffer().toString(); + return manipulateLogMessage(log); + } + + /* + * TRACE level logging + */ + @Override + public void trace(final String format, final Object arg) { + delegate.trace(manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void trace(final String format, final Object arg1, final Object arg2) { + delegate.trace(manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void trace(final String format, final Object... arguments) { + delegate.trace(manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void trace(final String msg, final Throwable t) { + delegate.trace(getExceptionToLog(msg, t)); + } + + @Override + public void trace(final Marker marker, final String msg) { + delegate.trace(marker, manipulateLogMessage(msg)); + } + + @Override + public void trace(final Marker marker, final String format, final Object arg) { + delegate.trace(marker, manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void trace(final Marker marker, final String format, final Object arg1, final Object arg2) { + delegate.trace(marker, manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void trace(final Marker marker, final String format, final Object... arguments) { + delegate.trace(marker, manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void trace(final Marker marker, final String msg, final Throwable t) { + delegate.trace(marker, getExceptionToLog(msg, t)); + } + + @Override + public void trace(final String msg) { + delegate.trace(manipulateLogMessage(msg)); + } + + @Override + public boolean isTraceEnabled() { + return delegate.isTraceEnabled(); + } + + /* + * DEBUG level logging + */ + + @Override + public boolean isDebugEnabled() { + return delegate.isDebugEnabled(); + } + + @Override + public void debug(final String format, final Object arg) { + delegate.debug(manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void debug(final String format, final Object arg1, final Object arg2) { + delegate.debug(manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void debug(final String format, final Object... arguments) { + delegate.debug(manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void debug(final String msg, final Throwable t) { + delegate.debug(getExceptionToLog(msg, t)); + } + + @Override + public void debug(final Marker marker, final String msg) { + delegate.debug(marker, manipulateLogMessage(msg)); + } + + @Override + public void debug(final Marker marker, final String format, final Object arg) { + delegate.debug(marker, manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void debug(final Marker marker, final String format, final Object arg1, final Object arg2) { + delegate.debug(marker, manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void debug(final Marker marker, final String format, final Object... arguments) { + delegate.debug(marker, manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void debug(final Marker marker, final String msg, final Throwable t) { + delegate.debug(marker, getExceptionToLog(msg, t)); + } + + @Override + public void debug(final String msg) { + delegate.debug(manipulateLogMessage(msg)); + } + + /* + * INFO level logging + */ + + @Override + public boolean isInfoEnabled() { + return delegate.isInfoEnabled(); + } + + @Override + public void info(final String format, final Object arg) { + delegate.info(manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void info(final String format, final Object arg1, final Object arg2) { + delegate.info(manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void info(final String format, final Object... arguments) { + delegate.info(manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void info(final String msg, final Throwable t) { + delegate.info(getExceptionToLog(msg, t)); + } + + @Override + public void info(final Marker marker, final String msg) { + delegate.info(marker, manipulateLogMessage(msg)); + } + + @Override + public void info(final Marker marker, final String format, final Object arg) { + delegate.info(marker, manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void info(final Marker marker, final String format, final Object arg1, final Object arg2) { + delegate.info(marker, manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void info(final Marker marker, final String format, final Object... arguments) { + delegate.info(marker, manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void info(final Marker marker, final String msg, final Throwable t) { + delegate.info(marker, getExceptionToLog(msg, t)); + } + + @Override + public void info(final String msg) { + delegate.info(manipulateLogMessage(msg)); + } + + /* + * WARN level logging + */ + + @Override + public boolean isWarnEnabled() { + return delegate.isWarnEnabled(); + } + + @Override + public void warn(final String format, final Object arg) { + delegate.warn(manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void warn(final String format, final Object arg1, final Object arg2) { + delegate.warn(manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void warn(final String format, final Object... arguments) { + delegate.warn(manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void warn(final String msg, final Throwable t) { + delegate.warn(getExceptionToLog(msg, t)); + } + + @Override + public void warn(final Marker marker, final String msg) { + delegate.warn(marker, manipulateLogMessage(msg)); + } + + @Override + public void warn(final Marker marker, final String format, final Object arg) { + delegate.warn(marker, manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void warn(final Marker marker, final String format, final Object arg1, final Object arg2) { + delegate.warn(marker, manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void warn(final Marker marker, final String format, final Object... arguments) { + delegate.warn(marker, manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void warn(final Marker marker, final String msg, final Throwable t) { + delegate.warn(marker, getExceptionToLog(msg, t)); + } + + @Override + public void warn(final String msg) { + delegate.warn(manipulateLogMessage(msg)); + } + + /* + * ERROR level logging + */ + + @Override + public boolean isErrorEnabled() { + return delegate.isErrorEnabled(); + } + + @Override + public void error(final String format, final Object arg) { + delegate.error(manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void error(final String format, final Object arg1, final Object arg2) { + delegate.error(manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void error(final String format, final Object... arguments) { + delegate.error(manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void error(final String msg, final Throwable t) { + delegate.error(getExceptionToLog(msg, t)); + } + + @Override + public void error(final Marker marker, final String msg) { + delegate.error(marker, manipulateLogMessage(msg)); + } + + @Override + public void error(final Marker marker, final String format, final Object arg) { + delegate.error(marker, manipulateLogMessage(format), manipulateLogArguments(arg)); + } + + @Override + public void error(final Marker marker, final String format, final Object arg1, final Object arg2) { + delegate.error(marker, manipulateLogMessage(format), manipulateLogArguments(arg1, arg2)); + } + + @Override + public void error(final Marker marker, final String format, final Object... arguments) { + delegate.error(marker, manipulateLogMessage(format), manipulateLogArguments(arguments)); + } + + @Override + public void error(final Marker marker, final String msg, final Throwable t) { + delegate.error(marker, getExceptionToLog(msg, t)); + } + + @Override + public void error(final String msg) { + delegate.error(manipulateLogMessage(msg)); + } + + @Override + public String getName() { + return "CAS Delegating Logger"; + } +} diff --git a/cas-server-core/src/main/java/org/slf4j/impl/CasLoggerFactory.java b/cas-server-core/src/main/java/org/slf4j/impl/CasLoggerFactory.java new file mode 100644 index 000000000000..072e887fda5d --- /dev/null +++ b/cas-server-core/src/main/java/org/slf4j/impl/CasLoggerFactory.java @@ -0,0 +1,122 @@ +/* + * Licensed to Jasig under one or more contributor license + * agreements. See the NOTICE file distributed with this work + * for additional information regarding copyright ownership. + * Jasig licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a + * copy of the License at the following location: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.slf4j.impl; + +import org.apache.commons.lang3.StringUtils; +import org.reflections.Reflections; +import org.reflections.scanners.SubTypesScanner; +import org.reflections.util.ClasspathHelper; +import org.reflections.util.ConfigurationBuilder; +import org.slf4j.ILoggerFactory; +import org.slf4j.Logger; +import org.slf4j.helpers.NOPLogger; +import org.slf4j.helpers.Util; + +import java.net.URL; +import java.util.Map; +import java.util.Set; +import java.util.concurrent.ConcurrentHashMap; + +/** + * An implementation of {@link org.slf4j.ILoggerFactory} that is looked up via the + * {@link org.slf4j.impl.StaticLoggerBinder} of CAS itself. It is responsible for + * creating {@link org.slf4j.Logger} instances and passing them back to the slf4j engine. + * @author Misagh Moayyed + * @since 4.1 + */ +public final class CasLoggerFactory implements ILoggerFactory { + + private static final String PACKAGE_TO_SCAN = "org.slf4j.impl"; + + private final Map loggerMap; + + private final Class realLoggerFactoryClass; + /** + * Instantiates a new Cas logger factory. + * Configures the reflection scanning engine to be prepared to scan org.slf4j.impl + * in order to find other avaliable factories. + */ + public CasLoggerFactory() { + this.loggerMap = new ConcurrentHashMap(); + final Set set = ClasspathHelper.forPackage(PACKAGE_TO_SCAN); + final Reflections reflections = new Reflections(new ConfigurationBuilder().addUrls(set).setScanners(new SubTypesScanner())); + + final Set> subTypesOf = reflections.getSubTypesOf(ILoggerFactory.class); + subTypesOf.remove(this.getClass()); + + if (subTypesOf.size() > 1) { + Util.report("Multiple ILoggerFactory bindings are found on the classpath:"); + for (final Class c : subTypesOf) { + Util.report("* " + c.getCanonicalName()); + } + } + + if (subTypesOf.isEmpty()) { + final RuntimeException e = new RuntimeException("No ILoggerFactory could be found on the classpath." + + " CAS cannot determine the logging framework." + + " Examine the project dependencies and ensure there is one and only one logging framework is available."); + + Util.report(e.getMessage(), e); + throw e; + } + this.realLoggerFactoryClass = subTypesOf.iterator().next(); + Util.report("ILoggerFactory to be used for logging is: " + this.realLoggerFactoryClass.getName()); + } + + /** + * {@inheritDoc} + *

Attempts to find the real Logger instance that + * is doing the heavy lifting and routes the request to an instance of + * {@link CasDelegatingLogger}. The instance is cached by the logger name.

+ */ + @Override + public Logger getLogger(final String name) { + if (StringUtils.isBlank(name)) { + return NOPLogger.NOP_LOGGER; + } + synchronized (loggerMap) { + if (!loggerMap.containsKey(name)) { + final Logger logger = getRealLoggerInstance(name); + loggerMap.put(name, new CasDelegatingLogger(logger)); + } + return loggerMap.get(name); + } + } + + /** + * Find the actual Logger instance that is available on the classpath. + * This is usually the logger adapter that is provided by the real logging framework, + * such as log4j, etc. The method will scan the runtime to find logger factories that + * are of type {@link org.slf4j.ILoggerFactory}. It will remove itself from this list + * first and then attempts to locate the next best factory from which real logger instances + * can be created. + * @param name requested logger name + * @return the logger instance created by the logger factory available on the classpath during runtime, or null. + */ + private Logger getRealLoggerInstance(final String name) { + try { + final ILoggerFactory factInstance = this.realLoggerFactoryClass.newInstance(); + return factInstance.getLogger(name); + } catch (final Exception e) { + throw new RuntimeException(e.getMessage(), e); + } + } + +} diff --git a/cas-server-core/src/main/java/org/slf4j/impl/StaticLoggerBinder.java b/cas-server-core/src/main/java/org/slf4j/impl/StaticLoggerBinder.java new file mode 100644 index 000000000000..24bdc6c01155 --- /dev/null +++ b/cas-server-core/src/main/java/org/slf4j/impl/StaticLoggerBinder.java @@ -0,0 +1,70 @@ +/* + * Licensed to Jasig under one or more contributor license + * agreements. See the NOTICE file distributed with this work + * for additional information regarding copyright ownership. + * Jasig licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a + * copy of the License at the following location: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.slf4j.impl; + +import org.slf4j.ILoggerFactory; +import org.slf4j.spi.LoggerFactoryBinder; + +/** + * The static binder for slf4j logging, which allows CAS + * to select its own {@Link ILoggerFactory} instance at runtime. + * Note that this class MUST reside in the org.slf4j.impl + * package so it can be loaded by the runtime dynamic lookup. + * @author Misagh Moayyed + * @since 4.1 + */ +public final class StaticLoggerBinder implements LoggerFactoryBinder { + + /** + * The unique instance of this class. + */ + private static final StaticLoggerBinder SINGLETON = new StaticLoggerBinder(); + + /** + * Return the singleton of this class. + * + * @return the StaticLoggerBinder singleton + */ + public static StaticLoggerBinder getSingleton() { + return SINGLETON; + } + + /** + * The {@link ILoggerFactory} instance returned by the + * {@link #getLoggerFactory} method should always be the same + * object. + */ + private final ILoggerFactory loggerFactory; + + /** + * Instantiates a new Static logger binder. + */ + private StaticLoggerBinder() { + this.loggerFactory = new CasLoggerFactory(); + } + + public ILoggerFactory getLoggerFactory() { + return this.loggerFactory; + } + + public String getLoggerFactoryClassStr() { + return CasLoggerFactory.class.getName(); + } +} diff --git a/cas-server-core/src/test/java/org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandlerTests.java b/cas-server-core/src/test/java/org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandlerTests.java index fea3b3fe3d6b..6d0ee10c932f 100644 --- a/cas-server-core/src/test/java/org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandlerTests.java +++ b/cas-server-core/src/test/java/org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandlerTests.java @@ -66,7 +66,7 @@ public void testRejectsInProperCertificateCredentials() throws Exception { public void testAcceptsNonHttpsCredentials() throws Exception { this.authenticationHandler.setHttpClient(new SimpleHttpClient()); assertNotNull(this.authenticationHandler.authenticate( - TestUtils.getHttpBasedServiceCredentials("http://www.jasig.org"))); + TestUtils.getHttpBasedServiceCredentials("http://www.google.com"))); } @Test(expected = FailedLoginException.class) diff --git a/cas-server-core/src/test/java/org/jasig/cas/services/AttributeReleasePolicyTests.java b/cas-server-core/src/test/java/org/jasig/cas/services/AttributeReleasePolicyTests.java index 9b846cf3562f..a1d3fa954ab8 100644 --- a/cas-server-core/src/test/java/org/jasig/cas/services/AttributeReleasePolicyTests.java +++ b/cas-server-core/src/test/java/org/jasig/cas/services/AttributeReleasePolicyTests.java @@ -26,7 +26,7 @@ import java.util.HashMap; import java.util.Map; -import org.apache.commons.lang.SerializationUtils; +import org.apache.commons.lang3.SerializationUtils; import org.jasig.cas.authentication.principal.Principal; import org.jasig.cas.services.support.RegisteredServiceRegexAttributeFilter; import org.junit.Test; diff --git a/cas-server-core/src/test/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilterTests.java b/cas-server-core/src/test/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilterTests.java index 49816b17bdc2..26038473048b 100644 --- a/cas-server-core/src/test/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilterTests.java +++ b/cas-server-core/src/test/java/org/jasig/cas/services/support/RegisteredServiceRegexAttributeFilterTests.java @@ -29,7 +29,7 @@ import java.util.List; import java.util.Map; -import org.apache.commons.lang.SerializationUtils; +import org.apache.commons.lang3.SerializationUtils; import org.jasig.cas.services.AttributeFilter; import org.jasig.cas.services.RegisteredService; import org.junit.Before; diff --git a/cas-server-core/src/test/java/org/jasig/cas/util/SimpleHttpClientTests.java b/cas-server-core/src/test/java/org/jasig/cas/util/SimpleHttpClientTests.java index 27cd5f600c0b..a03384109295 100644 --- a/cas-server-core/src/test/java/org/jasig/cas/util/SimpleHttpClientTests.java +++ b/cas-server-core/src/test/java/org/jasig/cas/util/SimpleHttpClientTests.java @@ -43,7 +43,7 @@ private SimpleHttpClient getHttpClient() { @Test public void testOkayUrl() { - assertTrue(this.getHttpClient().isValidEndPoint("http://www.apereo.org")); + assertTrue(this.getHttpClient().isValidEndPoint("http://www.google.com")); } @Test diff --git a/cas-server-core/src/test/java/org/slf4j/impl/CasLoggerFactoryTests.java b/cas-server-core/src/test/java/org/slf4j/impl/CasLoggerFactoryTests.java new file mode 100644 index 000000000000..4640f6936629 --- /dev/null +++ b/cas-server-core/src/test/java/org/slf4j/impl/CasLoggerFactoryTests.java @@ -0,0 +1,353 @@ +/* + * Licensed to Jasig under one or more contributor license + * agreements. See the NOTICE file distributed with this work + * for additional information regarding copyright ownership. + * Jasig licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a + * copy of the License at the following location: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.slf4j.impl; + +import org.apache.commons.io.FileUtils; +import org.apache.commons.lang3.StringUtils; +import org.jasig.cas.ticket.InvalidTicketException; +import org.jasig.cas.ticket.TicketGrantingTicket; +import org.junit.After; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.slf4j.Marker; +import org.slf4j.helpers.Util; + +import java.io.File; +import java.io.IOException; + +import static org.junit.Assert.*; +import static org.mockito.Mockito.*; + +/** + * @author Misagh Moayyed + */ +public class CasLoggerFactoryTests { + + private static final File LOG_FILE = new File("target", "slf4j.log"); + + private static final String ID1 = "TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas"; + private static final String ID2 = "PGT-1-B0tjWgMIhUU4kgCZd32xnWccTFYpTbRbArjaoutXnlNMbIShEu-cas"; + + private Logger logger; + + @BeforeClass + public static void beforeClass() throws IOException { + if (LOG_FILE.exists()) { + Util.report("Initializing log file " + LOG_FILE.getCanonicalPath()); + FileUtils.write(LOG_FILE, "", false); + } + } + + @After + public void after() throws IOException { + FileUtils.write(LOG_FILE, "", false); + } + + @Before + public void beforeTest() { + logger = LoggerFactory.getLogger(CasLoggerFactoryTests.class); + } + + @Test + public void testLoggerSelectedCorrectly() { + assertTrue(logger instanceof CasDelegatingLogger); + } + + @Test + public void testLogging1() { + logger.trace(mock(Marker.class), getMessageToLogWithParams(), null, null); + validateLogData(); + } + + @Test + public void testLogging2() { + logger.trace(mock(Marker.class), getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging3() { + logger.trace(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging4() { + logger.trace(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging5() { + logger.trace(mock(Marker.class), getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging6() { + logger.trace(getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging7() { + logger.trace(getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging8() { + logger.trace(getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging9() { + logger.trace(getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging21() { + logger.debug(mock(Marker.class), getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging31() { + logger.debug(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging41() { + logger.debug(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging51() { + logger.debug(mock(Marker.class), getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging61() { + logger.debug(getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging771() { + final TicketGrantingTicket t = mock(TicketGrantingTicket.class); + when(t.getId()).thenReturn(ID1); + when(t.toString()).thenReturn(ID1); + + logger.debug(getMessageToLogWithParams(), ID2, t); + validateLogData(); + } + + @Test + public void testLogging71() { + logger.debug(getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging81() { + logger.debug(getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging91() { + logger.debug(getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging211() { + logger.info(mock(Marker.class), getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging311() { + logger.info(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging411() { + logger.info(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging511() { + logger.info(mock(Marker.class), getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging611() { + logger.info(getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging711() { + logger.info(getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging811() { + logger.info(getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging911() { + logger.info(getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging2111() { + logger.warn(mock(Marker.class), getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging3111() { + logger.warn(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging4111() { + logger.warn(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging5111() { + logger.warn(mock(Marker.class), getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging6111() { + logger.warn(getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging7111() { + logger.warn(getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging8111() { + logger.warn(getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging9111() { + logger.warn(getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging21110() { + logger.error(mock(Marker.class), getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging31110() { + logger.error(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging41110() { + logger.error(mock(Marker.class), getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging51110() { + logger.error(mock(Marker.class), getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + @Test + public void testLogging61110() { + logger.error(getMessageToLog()); + validateLogData(); + } + + @Test + public void testLogging71110() { + logger.error(getMessageToLogWithParams(), ID2, ID1); + validateLogData(); + } + + @Test + public void testLogging81110() { + logger.error(getMessageToLogWithParams(), ID2, ID1, ID2); + validateLogData(); + } + + @Test + public void testLogging91110() { + logger.error(getMessageToLog(), new RuntimeException(ID1, new InvalidTicketException(ID2))); + validateLogData(); + } + + private String getMessageToLog() { + return String.format("Here is one %s and here is another %s", ID1, ID2); + } + + private String getMessageToLogWithParams() { + return "Here is one {} and here is another {}"; + } + + private void validateLogData() { + try { + assertTrue("Log file " + LOG_FILE.getCanonicalPath() + " does not exist", LOG_FILE.exists()); + + final String data = FileUtils.readFileToString(LOG_FILE); + assertTrue("Logged buffer data is blank in " + LOG_FILE.getCanonicalPath(), StringUtils.isNotBlank(data)); + assertFalse("Logged buffer data should not contain " + ID1, data.contains(ID1)); + assertFalse("Logged buffer data should not contain " + ID2, data.contains(ID2)); + } catch (final IOException e) { + fail(e.getMessage()); + } + } +} + diff --git a/cas-server-core/src/test/resources/log4j.properties b/cas-server-core/src/test/resources/log4j.properties index b081a01aac2c..ee1fe02ff39d 100644 --- a/cas-server-core/src/test/resources/log4j.properties +++ b/cas-server-core/src/test/resources/log4j.properties @@ -21,9 +21,17 @@ # under the License. # -log4j.rootCategory=INFO, stdout +log4j.appender.file=org.apache.log4j.RollingFileAppender +log4j.appender.file.File=target/slf4j.log +log4j.appender.file.MaxFileSize=10MB +log4j.appender.file.MaxBackupIndex=1 +log4j.appender.file.layout=org.apache.log4j.PatternLayout +log4j.appender.file.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n + log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=%-5p %d{ISO8601} %t::%c{1} - %m%n -log4j.logger.org.jasig.cas=DEBUG +log4j.rootCategory=WARN, stdout +log4j.logger.org.jasig.cas=WARN, stdout +log4j.logger.org.slf4j.impl=TRACE, file diff --git a/cas-server-extension-clearpass/src/main/java/org/jasig/cas/extension/clearpass/ClearPassController.java b/cas-server-extension-clearpass/src/main/java/org/jasig/cas/extension/clearpass/ClearPassController.java index 9ab6103090c7..1d87ea562d59 100644 --- a/cas-server-extension-clearpass/src/main/java/org/jasig/cas/extension/clearpass/ClearPassController.java +++ b/cas-server-extension-clearpass/src/main/java/org/jasig/cas/extension/clearpass/ClearPassController.java @@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse; import javax.validation.constraints.NotNull; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.web.servlet.ModelAndView; diff --git a/cas-server-integration-ehcache/src/main/java/org/jasig/cas/ticket/registry/EhCacheTicketRegistry.java b/cas-server-integration-ehcache/src/main/java/org/jasig/cas/ticket/registry/EhCacheTicketRegistry.java index 1851f1256486..045050dd0ffc 100644 --- a/cas-server-integration-ehcache/src/main/java/org/jasig/cas/ticket/registry/EhCacheTicketRegistry.java +++ b/cas-server-integration-ehcache/src/main/java/org/jasig/cas/ticket/registry/EhCacheTicketRegistry.java @@ -24,8 +24,8 @@ import net.sf.ehcache.Element; import net.sf.ehcache.config.CacheConfiguration; -import org.apache.commons.lang.BooleanUtils; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.BooleanUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.ticket.ServiceTicket; import org.jasig.cas.ticket.Ticket; import org.jasig.cas.ticket.TicketGrantingTicket; diff --git a/cas-server-integration-memcached/src/test/java/org/jasig/cas/ticket/registry/support/kryo/KryoTranscoderTests.java b/cas-server-integration-memcached/src/test/java/org/jasig/cas/ticket/registry/support/kryo/KryoTranscoderTests.java index c39ca514d5d4..ab0f7f2c2941 100644 --- a/cas-server-integration-memcached/src/test/java/org/jasig/cas/ticket/registry/support/kryo/KryoTranscoderTests.java +++ b/cas-server-integration-memcached/src/test/java/org/jasig/cas/ticket/registry/support/kryo/KryoTranscoderTests.java @@ -20,7 +20,7 @@ import com.esotericsoftware.kryo.Serializer; import com.esotericsoftware.kryo.serialize.FieldSerializer; -import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.jasig.cas.authentication.Authentication; import org.jasig.cas.authentication.AuthenticationBuilder; import org.jasig.cas.authentication.AuthenticationHandler; diff --git a/cas-server-integration-restlet/src/main/java/org/jasig/cas/integration/restlet/TicketResource.java b/cas-server-integration-restlet/src/main/java/org/jasig/cas/integration/restlet/TicketResource.java index be6677a737a8..36fc1777d7e1 100644 --- a/cas-server-integration-restlet/src/main/java/org/jasig/cas/integration/restlet/TicketResource.java +++ b/cas-server-integration-restlet/src/main/java/org/jasig/cas/integration/restlet/TicketResource.java @@ -28,7 +28,7 @@ import java.util.Set; import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.CentralAuthenticationService; import org.jasig.cas.authentication.Credential; import org.jasig.cas.authentication.UsernamePasswordCredential; diff --git a/cas-server-support-jdbc/pom.xml b/cas-server-support-jdbc/pom.xml index 66fd1d80593d..76e3d772cb47 100644 --- a/cas-server-support-jdbc/pom.xml +++ b/cas-server-support-jdbc/pom.xml @@ -37,8 +37,9 @@ - commons-lang - commons-lang + org.apache.commons + commons-lang3 + compile diff --git a/cas-server-support-ldap/src/main/java/org/jasig/cas/adaptors/ldap/services/DefaultLdapServiceMapper.java b/cas-server-support-ldap/src/main/java/org/jasig/cas/adaptors/ldap/services/DefaultLdapServiceMapper.java index 9e8a5d0537f2..2847e9dd0712 100644 --- a/cas-server-support-ldap/src/main/java/org/jasig/cas/adaptors/ldap/services/DefaultLdapServiceMapper.java +++ b/cas-server-support-ldap/src/main/java/org/jasig/cas/adaptors/ldap/services/DefaultLdapServiceMapper.java @@ -18,7 +18,7 @@ */ package org.jasig.cas.adaptors.ldap.services; -import org.apache.commons.lang.SerializationUtils; +import org.apache.commons.lang3.SerializationUtils; import org.jasig.cas.services.AbstractRegisteredService; import org.jasig.cas.services.AttributeReleasePolicy; diff --git a/cas-server-support-ldap/src/main/java/org/jasig/cas/util/LdapUtils.java b/cas-server-support-ldap/src/main/java/org/jasig/cas/util/LdapUtils.java index e7271aabaa11..78fd53f4ff01 100644 --- a/cas-server-support-ldap/src/main/java/org/jasig/cas/util/LdapUtils.java +++ b/cas-server-support-ldap/src/main/java/org/jasig/cas/util/LdapUtils.java @@ -18,7 +18,7 @@ */ package org.jasig.cas.util; -import org.apache.commons.lang.math.NumberUtils; +import org.apache.commons.lang3.math.NumberUtils; import org.ldaptive.Connection; import org.ldaptive.LdapAttribute; import org.ldaptive.LdapEntry; diff --git a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/OAuthUtils.java b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/OAuthUtils.java index 87114f36b134..60238036f904 100644 --- a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/OAuthUtils.java +++ b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/OAuthUtils.java @@ -27,7 +27,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.services.RegisteredService; import org.jasig.cas.services.ServicesManager; import org.jasig.cas.support.oauth.services.OAuthRegisteredService; diff --git a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/services/OAuthRegisteredService.java b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/services/OAuthRegisteredService.java index bcb1b3c7662a..60a1901ba3ca 100644 --- a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/services/OAuthRegisteredService.java +++ b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/services/OAuthRegisteredService.java @@ -18,7 +18,7 @@ */ package org.jasig.cas.support.oauth.services; -import org.apache.commons.lang.builder.ToStringBuilder; +import org.apache.commons.lang3.builder.ToStringBuilder; import org.jasig.cas.services.RegexRegisteredService; /** diff --git a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/BaseOAuthWrapperController.java b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/BaseOAuthWrapperController.java index dbbc82465b4a..b5457314f2c1 100644 --- a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/BaseOAuthWrapperController.java +++ b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/BaseOAuthWrapperController.java @@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse; import javax.validation.constraints.NotNull; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.services.ServicesManager; import org.jasig.cas.ticket.registry.TicketRegistry; import org.slf4j.Logger; diff --git a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenController.java b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenController.java index 455d63b28e0f..9092095efed9 100644 --- a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenController.java +++ b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenController.java @@ -21,7 +21,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.services.ServicesManager; import org.jasig.cas.support.oauth.OAuthConstants; import org.jasig.cas.support.oauth.OAuthUtils; diff --git a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AuthorizeController.java b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AuthorizeController.java index 2d1e6535f401..2a7bd7d3554e 100644 --- a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AuthorizeController.java +++ b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AuthorizeController.java @@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.services.ServicesManager; import org.jasig.cas.support.oauth.OAuthConstants; import org.jasig.cas.support.oauth.OAuthUtils; diff --git a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20CallbackAuthorizeController.java b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20CallbackAuthorizeController.java index 741d2b13d41c..6a94ba00f7cd 100644 --- a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20CallbackAuthorizeController.java +++ b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20CallbackAuthorizeController.java @@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.support.oauth.OAuthConstants; import org.jasig.cas.support.oauth.OAuthUtils; import org.slf4j.Logger; diff --git a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20ProfileController.java b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20ProfileController.java index d35c9022679f..794452c897eb 100644 --- a/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20ProfileController.java +++ b/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20ProfileController.java @@ -24,7 +24,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.authentication.principal.Principal; import org.jasig.cas.support.oauth.OAuthConstants; import org.jasig.cas.ticket.TicketGrantingTicket; diff --git a/cas-server-support-oauth/src/test/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenControllerTests.java b/cas-server-support-oauth/src/test/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenControllerTests.java index 191a6a45e277..c5a15c884902 100644 --- a/cas-server-support-oauth/src/test/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenControllerTests.java +++ b/cas-server-support-oauth/src/test/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenControllerTests.java @@ -27,7 +27,7 @@ import java.util.ArrayList; import java.util.List; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.services.RegisteredService; import org.jasig.cas.services.ServicesManager; import org.jasig.cas.support.oauth.OAuthConstants; diff --git a/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ClientAuthenticationHandler.java b/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ClientAuthenticationHandler.java index 42c98109c2eb..4945ee6eb0b0 100644 --- a/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ClientAuthenticationHandler.java +++ b/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ClientAuthenticationHandler.java @@ -19,23 +19,25 @@ package org.jasig.cas.support.pac4j.authentication.handler.support; import java.security.GeneralSecurityException; + import javax.security.auth.login.FailedLoginException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.validation.constraints.NotNull; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.authentication.BasicCredentialMetaData; +import org.jasig.cas.authentication.Credential; import org.jasig.cas.authentication.HandlerResult; import org.jasig.cas.authentication.PreventedException; import org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler; -import org.jasig.cas.authentication.Credential; import org.jasig.cas.authentication.principal.SimplePrincipal; import org.jasig.cas.support.pac4j.authentication.principal.ClientCredential; import org.pac4j.core.client.Client; import org.pac4j.core.client.Clients; import org.pac4j.core.context.J2EContext; import org.pac4j.core.context.WebContext; +import org.pac4j.core.credentials.Credentials; import org.pac4j.core.profile.UserProfile; import org.springframework.webflow.context.ExternalContextHolder; import org.springframework.webflow.context.servlet.ServletExternalContext; @@ -79,7 +81,7 @@ protected HandlerResult doAuthentication(final Credential credential) throws Gen logger.debug("clientName : {}", clientName); // get client - final Client client = this.clients.findClient(clientName); + final Client client = this.clients.findClient(clientName); logger.debug("client : {}", client); // web context @@ -92,12 +94,15 @@ protected HandlerResult doAuthentication(final Credential credential) throws Gen final UserProfile userProfile = client.getUserProfile(clientCredentials.getCredentials(), webContext); logger.debug("userProfile : {}", userProfile); - if (userProfile != null && StringUtils.isNotBlank(userProfile.getId())) { - clientCredentials.setUserProfile(userProfile); - return new HandlerResult( - this, - new BasicCredentialMetaData(credential), - new SimplePrincipal(userProfile.getId(), userProfile.getAttributes())); + if (userProfile != null) { + final String id = userProfile.getTypedId(); + if (StringUtils.isNotBlank(id)) { + clientCredentials.setUserProfile(userProfile); + return new HandlerResult( + this, + new BasicCredentialMetaData(credential), + new SimplePrincipal(id, userProfile.getAttributes())); + } } throw new FailedLoginException("Provider did not produce profile for " + clientCredentials); diff --git a/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/web/flow/ClientAction.java b/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/web/flow/ClientAction.java index 8b0c9b72470a..6615f16d572d 100644 --- a/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/web/flow/ClientAction.java +++ b/cas-server-support-pac4j/src/main/java/org/jasig/cas/support/pac4j/web/flow/ClientAction.java @@ -23,7 +23,7 @@ import javax.servlet.http.HttpSession; import javax.validation.constraints.NotNull; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.CentralAuthenticationService; import org.jasig.cas.authentication.principal.Service; import org.jasig.cas.support.pac4j.authentication.principal.ClientCredential; diff --git a/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/authentication/handler/support/ClientAuthenticationHandlerTests.java b/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/authentication/handler/support/ClientAuthenticationHandlerTests.java new file mode 100644 index 000000000000..5d36e644f24a --- /dev/null +++ b/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/authentication/handler/support/ClientAuthenticationHandlerTests.java @@ -0,0 +1,84 @@ +/* + * Licensed to Jasig under one or more contributor license + * agreements. See the NOTICE file distributed with this work + * for additional information regarding copyright ownership. + * Jasig licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a + * copy of the License at the following location: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.jasig.cas.support.pac4j.authentication.handler.support; + +import static org.junit.Assert.assertEquals; +import static org.mockito.Mockito.mock; + +import java.security.GeneralSecurityException; + +import javax.security.auth.login.FailedLoginException; + +import org.jasig.cas.authentication.HandlerResult; +import org.jasig.cas.authentication.PreventedException; +import org.jasig.cas.authentication.principal.Principal; +import org.jasig.cas.support.pac4j.authentication.principal.ClientCredential; +import org.jasig.cas.support.pac4j.test.MockFacebookClient; +import org.junit.Before; +import org.junit.Test; +import org.pac4j.core.client.Clients; +import org.pac4j.core.credentials.Credentials; +import org.pac4j.oauth.credentials.OAuthCredentials; +import org.pac4j.oauth.profile.facebook.FacebookProfile; +import org.springframework.webflow.context.ExternalContextHolder; +import org.springframework.webflow.context.servlet.ServletExternalContext; + +/** + * Tests the {@link ClientAuthenticationHandler}. + * + * @author Jerome Leleu + * @since 4.1 + * + */ +public final class ClientAuthenticationHandlerTests { + + private final static String CALLBACK_URL = "http://localhost:8080/callback"; + private final static String ID = "123456789"; + + private MockFacebookClient fbClient; + + private ClientAuthenticationHandler handler; + + private ClientCredential clientCredential; + + @Before + public void setUp() { + this.fbClient = new MockFacebookClient(); + final Clients clients = new Clients(CALLBACK_URL, fbClient); + this.handler = new ClientAuthenticationHandler(clients); + final Credentials credentials = new OAuthCredentials(null, MockFacebookClient.CLIENT_NAME); + this.clientCredential = new ClientCredential(credentials); + ExternalContextHolder.setExternalContext(mock(ServletExternalContext.class)); + } + + @Test + public void testOk() throws GeneralSecurityException, PreventedException { + final FacebookProfile facebookProfile = new FacebookProfile(); + facebookProfile.setId(ID); + this.fbClient.setFacebookProfile(facebookProfile); + final HandlerResult result = this.handler.authenticate(this.clientCredential); + final Principal principal = result.getPrincipal(); + assertEquals(FacebookProfile.class.getSimpleName() + "#" + ID, principal.getId()); + } + + @Test(expected = FailedLoginException.class) + public void testNoProfile() throws GeneralSecurityException, PreventedException { + this.handler.authenticate(this.clientCredential); + } +} diff --git a/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/web/flow/MockFacebookClient.java b/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/test/MockFacebookClient.java similarity index 68% rename from cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/web/flow/MockFacebookClient.java rename to cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/test/MockFacebookClient.java index 8f6fdb7d30f0..770b38bddbbb 100644 --- a/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/web/flow/MockFacebookClient.java +++ b/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/test/MockFacebookClient.java @@ -16,11 +16,12 @@ * specific language governing permissions and limitations * under the License. */ -package org.jasig.cas.support.pac4j.web.flow; +package org.jasig.cas.support.pac4j.test; import org.pac4j.core.context.WebContext; import org.pac4j.oauth.client.FacebookClient; import org.pac4j.oauth.credentials.OAuthCredentials; +import org.pac4j.oauth.profile.facebook.FacebookProfile; /** * Mock class for the FacebookClient. @@ -30,9 +31,13 @@ */ public class MockFacebookClient extends FacebookClient { + public final static String CLIENT_NAME = "FacebookClient"; + + private FacebookProfile facebookProfile; + @Override public String getName() { - return "FacebookClient"; + return CLIENT_NAME; } @Override @@ -43,4 +48,17 @@ protected void internalInit() { protected OAuthCredentials retrieveCredentials(final WebContext context) { return new OAuthCredentials("fakeVerifier", getName()); } + + @Override + protected FacebookProfile retrieveUserProfile(final OAuthCredentials credentials, final WebContext context) { + return facebookProfile; + } + + public FacebookProfile getFacebookProfile() { + return facebookProfile; + } + + public void setFacebookProfile(FacebookProfile facebookProfile) { + this.facebookProfile = facebookProfile; + } } diff --git a/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/web/flow/ClientActionTests.java b/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/web/flow/ClientActionTests.java index 9a174e4f9398..858539284c25 100644 --- a/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/web/flow/ClientActionTests.java +++ b/cas-server-support-pac4j/src/test/java/org/jasig/cas/support/pac4j/web/flow/ClientActionTests.java @@ -26,6 +26,7 @@ import org.jasig.cas.CentralAuthenticationService; import org.jasig.cas.authentication.principal.Service; import org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl; +import org.jasig.cas.support.pac4j.test.MockFacebookClient; import org.junit.Test; import org.pac4j.core.client.Clients; import org.pac4j.oauth.client.FacebookClient; diff --git a/cas-server-support-radius/src/main/java/org/jasig/cas/adaptors/radius/JRadiusServerImpl.java b/cas-server-support-radius/src/main/java/org/jasig/cas/adaptors/radius/JRadiusServerImpl.java index 67f0b38e9e07..b9b70ce34b6e 100644 --- a/cas-server-support-radius/src/main/java/org/jasig/cas/adaptors/radius/JRadiusServerImpl.java +++ b/cas-server-support-radius/src/main/java/org/jasig/cas/adaptors/radius/JRadiusServerImpl.java @@ -38,7 +38,7 @@ import net.jradius.packet.attribute.AttributeFactory; import net.jradius.packet.attribute.AttributeList; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.authentication.PreventedException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; diff --git a/cas-server-support-saml/pom.xml b/cas-server-support-saml/pom.xml index 00d4dda1c112..a08a8784d544 100644 --- a/cas-server-support-saml/pom.xml +++ b/cas-server-support-saml/pom.xml @@ -38,7 +38,7 @@ org.opensaml opensaml - 2.5.1-1 + ${opensaml.version} compile @@ -79,6 +79,12 @@ compile + + xml-apis + xml-apis + runtime + + org.jasig.cas cas-server-core diff --git a/cas-server-support-saml/src/main/java/org/jasig/cas/support/saml/authentication/principal/SamlService.java b/cas-server-support-saml/src/main/java/org/jasig/cas/support/saml/authentication/principal/SamlService.java index be1ea745b595..1d029a016b6b 100644 --- a/cas-server-support-saml/src/main/java/org/jasig/cas/support/saml/authentication/principal/SamlService.java +++ b/cas-server-support-saml/src/main/java/org/jasig/cas/support/saml/authentication/principal/SamlService.java @@ -18,20 +18,18 @@ */ package org.jasig.cas.support.saml.authentication.principal; -import java.io.BufferedReader; -import java.util.HashMap; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; - import org.apache.commons.io.IOUtils; import org.jasig.cas.authentication.principal.AbstractWebApplicationService; import org.jasig.cas.authentication.principal.Response; -import org.jasig.cas.authentication.principal.Service; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.StringUtils; +import javax.servlet.http.HttpServletRequest; +import java.io.BufferedReader; +import java.util.HashMap; +import java.util.Map; + /** * Class to represent that this service wants to use SAML. We use this in * combination with the CentralAuthenticationServiceImpl to choose the right @@ -88,15 +86,6 @@ protected SamlService(final String id, final String originalUrl, this.requestId = requestId; } - /** - * {@inheritDoc} - * This always returns true because a SAML Service does not receive the TARGET value on validation. - */ - @Override - public boolean matches(final Service service) { - return true; - } - public String getRequestID() { return this.requestId; } @@ -145,9 +134,9 @@ public static SamlService createServiceFrom( } LOGGER.debug("Attempted to extract Request from HttpServletRequest. Results:"); - LOGGER.debug(String.format("Request Body: %s", requestBody)); - LOGGER.debug(String.format("Extracted ArtifactId: %s", artifactId)); - LOGGER.debug(String.format("Extracted Request Id: %s", requestId)); + LOGGER.debug("Request Body: {}", requestBody); + LOGGER.debug("Extracted ArtifactId: {}", artifactId); + LOGGER.debug("Extracted Request Id: {}", requestId); return new SamlService(id, service, artifactId, requestId); } diff --git a/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/principal/SamlServiceTests.java b/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/principal/SamlServiceTests.java index 6e62ffc3d41d..a199913887b7 100644 --- a/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/principal/SamlServiceTests.java +++ b/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/principal/SamlServiceTests.java @@ -18,13 +18,15 @@ */ package org.jasig.cas.support.saml.authentication.principal; -import static org.junit.Assert.*; - import org.jasig.cas.authentication.principal.Response; import org.jasig.cas.authentication.principal.Response.ResponseType; +import org.jasig.cas.authentication.principal.WebApplicationService; +import org.jasig.cas.support.saml.web.support.SamlArgumentExtractor; import org.junit.Test; import org.springframework.mock.web.MockHttpServletRequest; +import static org.junit.Assert.*; + /** * @author Scott Battaglia * @since 3.1 @@ -78,4 +80,30 @@ public void testRequestBody() { assertEquals("artifact", impl.getArtifactId()); assertEquals("_192.168.16.51.1024506224022", impl.getRequestID()); } + + @Test + public void testTargetMatchesingSamlService() { + final MockHttpServletRequest request = new MockHttpServletRequest(); + request.setParameter("TARGET", "https://some.service.edu/path/to/app"); + + final SamlArgumentExtractor ext = new SamlArgumentExtractor(); + final WebApplicationService service = ext.extractService(request); + + final SamlService impl = SamlService.createServiceFrom(request); + assertTrue(impl.matches(service)); + } + + @Test + public void testTargetMatchesNoSamlService() { + final MockHttpServletRequest request = new MockHttpServletRequest(); + request.setParameter("TARGET", "https://some.service.edu/path/to/app"); + final SamlService impl = SamlService.createServiceFrom(request); + + final MockHttpServletRequest request2 = new MockHttpServletRequest(); + request2.setParameter("TARGET", "https://some.SERVICE.edu"); + final SamlArgumentExtractor ext = new SamlArgumentExtractor(); + final WebApplicationService service = ext.extractService(request2); + + assertFalse(impl.matches(service)); + } } diff --git a/cas-server-webapp-support/src/main/java/org/jasig/cas/web/FlowExecutionExceptionResolver.java b/cas-server-webapp-support/src/main/java/org/jasig/cas/web/FlowExecutionExceptionResolver.java index 426accf7b8fa..f00f7a2743e9 100644 --- a/cas-server-webapp-support/src/main/java/org/jasig/cas/web/FlowExecutionExceptionResolver.java +++ b/cas-server-webapp-support/src/main/java/org/jasig/cas/web/FlowExecutionExceptionResolver.java @@ -18,14 +18,7 @@ */ package org.jasig.cas.web; -import java.util.HashMap; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.validation.constraints.NotNull; - -import org.apache.commons.lang.StringEscapeUtils; +import org.apache.commons.lang3.StringEscapeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.web.servlet.HandlerExceptionResolver; @@ -34,6 +27,12 @@ import org.springframework.webflow.execution.repository.BadlyFormattedFlowExecutionKeyException; import org.springframework.webflow.execution.repository.FlowExecutionRepositoryException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.validation.constraints.NotNull; +import java.util.HashMap; +import java.util.Map; + /** * The FlowExecutionExceptionResolver catches the FlowExecutionRepositoryException * thrown by Spring Webflow when the given flow id no longer exists. This can @@ -81,7 +80,7 @@ public ModelAndView resolveException(final HttpServletRequest request, logger.debug("Error getting flow information for URL [{}]", urlToRedirectTo, exception); final Map model = new HashMap(); - model.put(this.modelKey, StringEscapeUtils.escapeHtml(exception.getMessage())); + model.put(this.modelKey, StringEscapeUtils.escapeHtml4(exception.getMessage())); return new ModelAndView(new RedirectView(urlToRedirectTo), model); } diff --git a/cas-server-webapp-support/src/main/java/org/jasig/cas/web/view/CasReloadableMessageBundle.java b/cas-server-webapp-support/src/main/java/org/jasig/cas/web/view/CasReloadableMessageBundle.java index 003543aaac85..258bae224839 100644 --- a/cas-server-webapp-support/src/main/java/org/jasig/cas/web/view/CasReloadableMessageBundle.java +++ b/cas-server-webapp-support/src/main/java/org/jasig/cas/web/view/CasReloadableMessageBundle.java @@ -20,7 +20,7 @@ import java.util.Locale; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.support.ReloadableResourceBundleMessageSource; diff --git a/cas-server-webapp-support/src/test/java/org/jasig/cas/web/flow/FrontChannelLogoutActionTests.java b/cas-server-webapp-support/src/test/java/org/jasig/cas/web/flow/FrontChannelLogoutActionTests.java index 9115bccdeef9..642b57d073f2 100644 --- a/cas-server-webapp-support/src/test/java/org/jasig/cas/web/flow/FrontChannelLogoutActionTests.java +++ b/cas-server-webapp-support/src/test/java/org/jasig/cas/web/flow/FrontChannelLogoutActionTests.java @@ -30,7 +30,7 @@ import java.util.zip.Inflater; import org.apache.commons.codec.binary.Base64; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl; import org.jasig.cas.logout.LogoutManager; import org.jasig.cas.logout.LogoutManagerImpl; diff --git a/cas-server-webapp/pom.xml b/cas-server-webapp/pom.xml index 5ee777502731..a7bba3e628a1 100644 --- a/cas-server-webapp/pom.xml +++ b/cas-server-webapp/pom.xml @@ -34,12 +34,6 @@ ${project.version} compile - - org.jasig.cas - cas-server-support-saml - ${project.version} - compile - org.springframework spring-expression diff --git a/pom.xml b/pom.xml index 4267898a4ef3..c9c2c5bd16a1 100644 --- a/pom.xml +++ b/pom.xml @@ -242,13 +242,6 @@ 256m true - - - - **/*_.class - **/*_.java - - @@ -362,6 +355,13 @@ ${project.build.targetVersion} ${project.build.sourceVersion} + + + org.aspectj + aspectjtools + ${aspectj.version} + + org.apache.maven.plugins @@ -553,8 +553,14 @@ - commons-lang - commons-lang + xml-apis + xml-apis + ${xml.apis.version} + + + + org.apache.commons + commons-lang3 ${commons.lang.version} @@ -885,6 +891,13 @@ + + org.reflections + reflections + ${reflections.version} + compile + + @@ -1025,40 +1038,41 @@ - ${project.basedir} - CAS 2.3.3.RELEASE - 4.0.5.RELEASE + 4.0.6.RELEASE 1.0.3 - 3.2.4.RELEASE + 3.2.5.RELEASE 2.6.3 - 1.7.3 + 1.8.2 1.0.0.GA 0.9.16 1.1 - 4.2.0.Final - 4.1.0.Final - 1.7.5 - 1.5.2 + 4.3.2.Final + 4.3.6.Final + 1.7.7 + 1.6.1 3.0.1 2.0-cr-1 1.7 1.2.17 4.11 5.7 - 2.5 + 3.3.2 1.1.GA 2.4 1.9.5 2.7.2 2.0.0 4.3.4 - 2.2 + 2.4 3.3.1 2.2.1 + 0.9.8 2.2.0 + 2.6.1 + 1.4.01 2.2.0 @@ -1078,8 +1092,10 @@ 1.5 - 1.6 - 1.6 + 1.7 + 1.7 + ${project.basedir} + CAS UTF-8 UTF-8 /tmp/cas-deploy-site diff --git a/travis/log4j.xml b/travis/log4j.xml new file mode 100644 index 000000000000..cbf27306331a --- /dev/null +++ b/travis/log4j.xml @@ -0,0 +1,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +