
Updating to Spring and Security 3.1

1 parent f2b2fbe commit 84f506828cbb56bc8bc5a6f5a959652e345fb402 @vschafer vschafer committed Jun 26, 2012
@@ -192,7 +192,7 @@
</build>
<properties>
- <spring.version>3.0.7.RELEASE</spring.version>
+ <spring.version>3.1.1.RELEASE</spring.version>
<spring.security.version>3.1.1.RELEASE</spring.security.version>
</properties>
@@ -20,12 +20,12 @@
<artifactId>spring-security-core</artifactId>
<version>${spring.security.version}</version>
</dependency>
-
+
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
- </dependency>
+ </dependency>
<dependency>
<groupId>org.springframework.security</groupId>
@@ -81,6 +81,7 @@
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1.1</version>
+ <scope>test</scope>
<optional>true</optional>
</dependency>
@@ -90,7 +91,7 @@
<version>1.0</version>
<scope>test</scope>
</dependency>
-
+
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-mock</artifactId>
@@ -50,7 +50,7 @@ public ExpiringUsernameAuthenticationToken(Object principal, Object credentials)
* @param credentials credentials
* @param authorities authorities
*/
- public ExpiringUsernameAuthenticationToken(Date tokenExpiration, Object principal, Object credentials, Collection<GrantedAuthority> authorities) {
+ public ExpiringUsernameAuthenticationToken(Date tokenExpiration, Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities) {
super(principal, credentials, authorities);
this.tokenExpiration = tokenExpiration;
}
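Review bot: The constructor keeps the caller's `Date` by reference at `this.tokenExpiration = tokenExpiration;`, and `java.util.Date` is mutable, so any code that still holds the original object can move the token's expiry after the token has been issued. Copying on the way in closes that: `this.tokenExpiration = tokenExpiration == null ? null : new Date(tokenExpiration.getTime());`. The getter is outside this hunk and would want the same copy on the way out if it returns the field directly. The Javadoc above is cut by the hunk, so whether a null expiration is a documented case cannot be checked from here.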
@@ -108,7 +108,7 @@ public Authentication authenticate(Authentication authentication) throws Authent
Object userDetails = getUserDetails(credential);
Object principal = getPrincipal(credential, userDetails);
- Collection<GrantedAuthority> entitlements = getEntitlements(credential, userDetails);
+ Collection<? extends GrantedAuthority> entitlements = getEntitlements(credential, userDetails);
Date expiration = getExpirationDate(credential);
ExpiringUsernameAuthenticationToken result = new ExpiringUsernameAuthenticationToken(expiration, principal, credential, entitlements);
@@ -170,7 +170,7 @@ protected Object getPrincipal(SAMLCredential credential, Object userDetail) {
* @param userDetail user detail object returned from getUserDetails call
* @return collection of users entitlements, mustn't be null
*/
- protected Collection<GrantedAuthority> getEntitlements(SAMLCredential credential, Object userDetail) {
+ protected Collection<? extends GrantedAuthority> getEntitlements(SAMLCredential credential, Object userDetail) {
if (userDetail instanceof UserDetails) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.addAll(((UserDetails) userDetail).getAuthorities());
@@ -115,7 +115,7 @@ public void processLogout(HttpServletRequest request, HttpServletResponse respon
try {
- logger.debug("Processing SAML2 logout message");
+ log.debug("Processing SAML2 logout message");
context = contextProvider.getLocalEntity(request, response);
context.setCommunicationProfileId(getProfileName());
processor.retrieveMessage(context);
@@ -14,6 +14,8 @@
*/
package org.springframework.security.saml;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@@ -31,6 +33,11 @@
public class SAMLRelayStateSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
/**
+ * Class logger.
+ */
+ protected final static Logger log = LoggerFactory.getLogger(SAMLRelayStateSuccessHandler.class);
+
+ /**
* Implementation tries to load RelayString from the SAMLCredential authentication object and in case the state
* is present uses it as the target URL. In case the state is missing behaviour is the same as of the
* SavedRequestAwareAuthenticationSuccessHandler.
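Review bot: The new field is declared `protected final static Logger log`, which makes the logger part of the class's inheritable surface and uses a non-conventional modifier order; `private static final Logger log = LoggerFactory.getLogger(SAMLRelayStateSuccessHandler.class);` keeps it an implementation detail. The removed `logger.debug(...)` call further down suggests a `logger` inherited from the Spring superclass is still in scope, so the class would now have two similarly named loggers backed by different APIs; a one-line comment saying which to use would help. The same declaration is repeated in the MetadataDisplayFilter, MetadataGenerator and MetadataGeneratorFilter hunks, where the static class-literal form also means subclasses no longer log under their own category as they did with `this.getClass()`.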
@@ -43,7 +50,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
SAMLCredential samlCredential = (SAMLCredential) credentials;
String relayStateURL = getTargetURL(samlCredential.getRelayState());
if (relayStateURL != null) {
- logger.debug("Redirecting to RelayState Url: " + relayStateURL);
+ log.debug("Redirecting to RelayState Url: " + relayStateURL);
getRedirectStrategy().sendRedirect(request, response, relayStateURL);
return;
}
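Review bot: `relayStateURL` is derived from the RelayState carried in the SAML exchange and is handed straight to `sendRedirect`, so unless `getTargetURL` (outside this hunk) restricts it to local or allow-listed targets this is an open-redirect sink; that contract is worth confirming and stating in the Javadoc of `getTargetURL`. On the changed line itself, the class now logs through SLF4J, so the value can be passed as a parameter: `log.debug("Redirecting to RelayState Url: {}", relayStateURL);`. Because the value is externally supplied, the log layout should also neutralise CR/LF so a crafted RelayState cannot forge log entries. The method body starts and ends outside the hunk.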
@@ -14,15 +14,15 @@
*/
package org.springframework.security.saml.metadata;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.opensaml.Configuration;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallerFactory;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.util.XMLHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.saml.context.SAMLContextProvider;
import org.springframework.security.saml.context.SAMLMessageContext;
@@ -50,7 +50,10 @@
*/
public class MetadataDisplayFilter extends GenericFilterBean {
- private final Log logger = LogFactory.getLog(this.getClass());
+ /**
+ * Class logger.
+ */
+ protected final static Logger log = LoggerFactory.getLogger(MetadataDisplayFilter.class);
/**
* Class storing all SAML metadata documents
@@ -130,10 +133,10 @@ protected void displayMetadata(String spEntityName, PrintWriter writer) throws S
writer.print(XMLHelper.nodeToString(element));
}
} catch (MarshallingException e) {
- logger.error("Error marshalling entity descriptor", e);
+ log.error("Error marshalling entity descriptor", e);
throw new ServletException(e);
} catch (MetadataProviderException e) {
- logger.error("Error retrieving metadata", e);
+ log.error("Error retrieving metadata", e);
throw new ServletException("Error retrieving metadata", e);
}
}
@@ -14,8 +14,6 @@
*/
package org.springframework.security.saml.metadata;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.SAMLObjectBuilder;
@@ -44,6 +42,8 @@
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.Signer;
import org.opensaml.xml.util.Pair;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.saml.SAMLEntryPoint;
import org.springframework.security.saml.SAMLLogoutProcessingFilter;
@@ -95,7 +95,10 @@
protected KeyManager keyManager;
- private final Log logger = LogFactory.getLog(MetadataGenerator.class);
+ /**
+ * Class logger.
+ */
+ protected final static Logger log = LoggerFactory.getLogger(MetadataGenerator.class);
/**
* Default constructor.
@@ -121,7 +124,7 @@ protected KeyInfo generateKeyInfoForCredential(Credential credential) {
KeyInfoGeneratorFactory factory = manager.getDefaultManager().getFactory(credential);
return factory.newInstance().generate(credential);
} catch (org.opensaml.xml.security.SecurityException e) {
- logger.error("Can't obtain key from the keystore or generate key info: " + encryptionKey, e);
+ log.error("Can't obtain key from the keystore or generate key info: " + encryptionKey, e);
throw new SAMLRuntimeException("Can't obtain key from keystore or generate key info", e);
}
}
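Review bot: The error message appends the `encryptionKey` field while the method works on its `credential` parameter, so if this method is ever called for a credential other than the encryption one, the log will name a key that is not the one that failed. Logging an identifier taken from `credential`, or dropping the suffix as the `SAMLRuntimeException` message already does, would keep the log accurate. `encryptionKey` is declared outside the hunk; presumably it is a keystore alias rather than key material, which is worth confirming before it is written to logs.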
@@ -457,10 +460,10 @@ protected void signSAMLObject(SAMLObject outboundSAML, Credential signingCredent
Signer.signObject(signature);
} catch (MarshallingException e) {
- logger.error("Unable to marshall protocol message in preparation for signing", e);
+ log.error("Unable to marshall protocol message in preparation for signing", e);
throw new MessageEncodingException("Unable to marshall protocol message in preparation for signing", e);
} catch (SignatureException e) {
- logger.error("Unable to sign protocol message", e);
+ log.error("Unable to sign protocol message", e);
throw new MessageEncodingException("Unable to sign protocol message", e);
}
}
@@ -14,11 +14,11 @@
*/
package org.springframework.security.saml.metadata;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;
@@ -39,7 +39,10 @@
*/
public class MetadataGeneratorFilter extends GenericFilterBean {
- private final Log logger = LogFactory.getLog(this.getClass());
+ /**
+ * Class logger.
+ */
+ protected final static Logger log = LoggerFactory.getLogger(MetadataGeneratorFilter.class);
/**
* Class storing all SAML metadata documents
@@ -88,7 +91,7 @@ protected void processMetadataInitialization(HttpServletRequest request) throws
try {
- logger.info("No default metadata configured, generating with default values, please pre-configure metadata for production use");
+ log.info("No default metadata configured, generating with default values, please pre-configure metadata for production use");
String alias = DEFAULT_ALIAS;
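Review bot: The message at `log.info("No default metadata configured, ...")` tells the operator the service provider is running on auto-generated metadata that is not meant for production, yet it is logged at info level, where it is easily filtered out; `log.warn(...)` would match the content better. The fallback lives in a method that takes the `HttpServletRequest`, so the generated values may depend on the first request received. That is inferred from the signature only, since the generation code is outside the hunk, but if it holds, the Javadoc should say so.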
@@ -113,7 +116,7 @@ protected void processMetadataInitialization(HttpServletRequest request) throws
ExtendedMetadata extendedMetadata = new ExtendedMetadata();
generator.generateExtendedMetadata(extendedMetadata);
- logger.info("Created default metadata for system with entityID: " + descriptor.getEntityID());
+ log.info("Created default metadata for system with entityID: " + descriptor.getEntityID());
MetadataMemoryProvider memoryProvider = new MetadataMemoryProvider(descriptor);
memoryProvider.initialize();
MetadataProvider metadataProvider = new ExtendedMetadataDelegate(memoryProvider, extendedMetadata);
@@ -123,7 +126,7 @@ protected void processMetadataInitialization(HttpServletRequest request) throws
manager.refreshMetadata();
} catch (MetadataProviderException e) {
- logger.error("Error generating system metadata", e);
+ log.error("Error generating system metadata", e);
throw new ServletException("Error generating system metadata", e);
}
@@ -2,7 +2,7 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
+ http://www.springframework.org/schema/util http://www.springframework.orsg/schema/util/spring-util.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- Enable autowiring -->
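Review bot: The replacement line changes the schema-location host to `www.springframework.orsg`, which looks like a typo for `www.springframework.org`. Spring resolves these XSDs from the classpath by matching the exact URL, so a misspelt location is not found locally and the parser falls back to fetching it over the network from a host the project does not control; the context then either fails to load or validates against whatever that host serves. The line should read `http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd`. The beans schema in the same attribute is still pinned to `spring-beans-2.0.xsd`, which may be worth aligning with the other context file in this commit.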
@@ -3,25 +3,27 @@
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
+ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
- <!-- Enable autowiring -->
+ <!-- Enable auto-wiring -->
<context:annotation-config/>
<context:component-scan base-package="org.springframework.security.saml"/>
+ <!-- Unsecured pages -->
+ <security:http security="none" pattern="/saml/web/**"/>
+ <security:http security="none" pattern="/logout.jsp"/>
+ <security:http security="none" pattern="/favicon.ico"/>
+
+ <!-- Secured pages -->
<security:http entry-point-ref="samlEntryPoint">
<security:intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY"/>
- <security:intercept-url pattern="/saml/web/**" filters="none"/>
- <security:intercept-url pattern="/logout.jsp" filters="none"/>
- <security:intercept-url pattern="/login.jsp" filters="none"/>
- <security:intercept-url pattern="/favicon.ico" filters="none"/>
<security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
<security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
</security:http>
<bean id="samlFilter" class="org.springframework.security.web.FilterChainProxy">
- <security:filter-chain-map path-type="ant">
+ <security:filter-chain-map request-matcher="ant">
<security:filter-chain pattern="/saml/login/**" filters="samlEntryPoint"/>
<security:filter-chain pattern="/saml/logout/**" filters="samlLogoutFilter"/>
<security:filter-chain pattern="/saml/metadata/**" filters="metadataDisplayFilter"/>
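Review bot: The old `/login.jsp` exemption is not carried over to the new `security="none"` blocks, so that path now falls under `/**` with `IS_AUTHENTICATED_FULLY`. If the page still exists and must be reachable before sign-in, it needs `<security:http security="none" pattern="/login.jsp"/>`; if it was removed on purpose, the commit message should say so. Separately, `security="none"` drops the entire filter chain for `/saml/web/**`, so everything under that prefix is served unauthenticated and without a SecurityContext; the `<!-- Unsecured pages -->` comment could list what lives there and why, so the exemption can be audited. The `samlFilter` bean continues past the end of the hunk.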
