From gma...@apache.org
Subject svn commit: r1513259 - in /roller/trunk/app: ./ src/main/java/org/apache/roller/weblogger/ui/core/ src/main/java/org/apache/roller/weblogger/ui/core/filters/ src/main/java/org/apache/roller/weblogger/ui/core/security/ src/main/resources/ src/main/resou...
Date Mon, 12 Aug 2013 21:28:10 GMT
Author: gmazza
Date: Mon Aug 12 21:28:09 2013
New Revision: 1513259

URL: http://svn.apache.org/r1513259
Log:
ROL-1968: Upgrade to Spring Security 3.1.4.RELEASE

Removed:
    roller/trunk/app/src/main/resources/META-INF/spring.schemas
    roller/trunk/app/src/main/resources/spring-security-2.0.1-openidfix.xsd
Modified:
    roller/trunk/app/pom.xml
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
    roller/trunk/app/src/main/webapp/WEB-INF/security.xml
    roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp

Modified: roller/trunk/app/pom.xml
URL: http://svn.apache.org/viewvc/roller/trunk/app/pom.xml?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/pom.xml (original)
+++ roller/trunk/app/pom.xml Mon Aug 12 21:28:09 2013
@@ -24,7 +24,7 @@
         <testPlanetCache>${project.build.testOutputDirectory}${file.separator}planetcache</testPlanetCache>
         <lucene.version>4.4.0</lucene.version>
         <spring.version>3.2.4.RELEASE</spring.version>
-        <spring.security.version>2.0.7.RELEASE</spring.security.version>
+        <spring.security.version>3.1.4.RELEASE</spring.security.version>
     </properties>
 
     <dependencies>
@@ -268,7 +268,13 @@
        
         <dependency>
             <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-core</artifactId>
+            <artifactId>spring-security-config</artifactId>
+            <version>${spring.security.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-ldap</artifactId>
             <version>${spring.security.version}</version>
         </dependency>
 
@@ -308,12 +314,6 @@
             </exclusions>
         </dependency>
 
-        <dependency>
-            <groupId>org.springframework.ldap</groupId>
-            <artifactId>spring-ldap</artifactId>
-            <version>1.2</version>
-        </dependency>
-
         <!-- OpenID deps -->
 
         <dependency>

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
Mon Aug 12 21:28:09 2013
@@ -25,15 +25,15 @@ import java.util.Iterator;
 import javax.servlet.ServletContext;
 import javax.servlet.ServletContextEvent;
 import javax.servlet.ServletContextListener;
-import org.springframework.security.providers.AuthenticationProvider;
-import org.springframework.security.providers.ProviderManager;
-import org.springframework.security.providers.dao.DaoAuthenticationProvider;
-import org.springframework.security.providers.dao.UserCache;
-import org.springframework.security.providers.encoding.Md5PasswordEncoder;
-import org.springframework.security.providers.encoding.PasswordEncoder;
-import org.springframework.security.providers.encoding.ShaPasswordEncoder;
-import org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider;
-import org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.ProviderManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.core.userdetails.UserCache;
+import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
+import org.springframework.security.authentication.encoding.PasswordEncoder;
+import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
+import org.springframework.security.authentication.RememberMeAuthenticationProvider;
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.roller.weblogger.WebloggerException;
@@ -245,7 +245,7 @@ public class RollerContext extends Conte
         boolean doEncrypt = Boolean.valueOf(encryptPasswords).booleanValue();
         
         if (doEncrypt) {
-            DaoAuthenticationProvider provider = (DaoAuthenticationProvider) ctx.getBean("org.springframework.security.providers.dao.DaoAuthenticationProvider#0");
+            DaoAuthenticationProvider provider = (DaoAuthenticationProvider) ctx.getBean("org.springframework.security.authentication.dao.DaoAuthenticationProvider#0");
             String algorithm = WebloggerConfig.getProperty("passwds.encryption.algorithm");
             PasswordEncoder encoder = null;
             if (algorithm.equalsIgnoreCase("SHA")) {
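Review bot: Both lookups in this file depend on bean names the Spring Security namespace generates internally: the `...DaoAuthenticationProvider#0` string updated here, and `_formLoginEntryPoint` in the next hunk, whose string was left unchanged. As far as I recall `_formLoginEntryPoint` was a 2.0 namespace id that 3.x no longer registers, so unless security.xml declares a bean with that id (none is visible in this commit) `getBean` would fail when `securelogin.enabled` is true instead of forcing HTTPS on the login page; please test with that setting on. Assuming `ctx` is an ApplicationContext, a type-based lookup such as `ctx.getBean(DaoAuthenticationProvider.class)` avoids tracking generated names. Separately, the encoder chosen just below still comes from the legacy digest classes imported in the first hunk (`Md5PasswordEncoder`, `ShaPasswordEncoder`); 3.1 also ships `BCryptPasswordEncoder`, which deserves a follow-up with a migration path for existing hashes. The enclosing method starts and ends outside the hunk.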
@@ -262,8 +262,8 @@ public class RollerContext extends Conte
         }
 
         if (WebloggerConfig.getBooleanProperty("securelogin.enabled")) {
-            AuthenticationProcessingFilterEntryPoint entryPoint =
-                (AuthenticationProcessingFilterEntryPoint) ctx.getBean("_formLoginEntryPoint");
+            LoginUrlAuthenticationEntryPoint entryPoint =
+                (LoginUrlAuthenticationEntryPoint) ctx.getBean("_formLoginEntryPoint");
             entryPoint.setForceHttps(true);
         }
    

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
Mon Aug 12 21:28:09 2013
@@ -18,19 +18,23 @@
 
 package org.apache.roller.weblogger.ui.core.filters;
 
+import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
 
 import javax.servlet.Filter;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.providers.openid.OpenIDAuthenticationToken;
-import org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter;
-import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.security.ui.openid.OpenIDConsumer;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.openid.OpenIDAuthenticationToken;
+import org.springframework.security.openid.OpenIDAuthenticationFilter;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.openid.OpenIDConsumer;
 //import org.springframework.security.userdetails.openid.OpenIDUserAttribute;
 
 
@@ -39,41 +43,49 @@ import org.springframework.security.ui.o
  * @author Tatyana Tokareva
  */
 public class CustomOpenIDAuthenticationProcessingFilter 
-        extends OpenIDAuthenticationProcessingFilter implements Filter {
+        extends OpenIDAuthenticationFilter implements Filter {
 
     private OpenIDConsumer consumer;
     private String claimedIdentityFieldName = DEFAULT_CLAIMED_IDENTITY_FIELD;
     private static Log log = LogFactory.getLog(CustomOpenIDAuthenticationProcessingFilter.class);
 
     @Override
-    public Authentication attemptAuthentication(HttpServletRequest req) throws AuthenticationException
{
+    public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse
rsp) throws AuthenticationException,
+            IOException {
         OpenIDAuthenticationToken auth = null;
 
         // Processing standard OpenId user authentication    
-        auth = (OpenIDAuthenticationToken) super.attemptAuthentication(req);
+        auth = (OpenIDAuthenticationToken) super.attemptAuthentication(req, rsp);
+
+        if (auth != null) {
+            GrantedAuthority ga = (GrantedAuthority) auth.getAuthorities().toArray()[0];
 
-        if (auth.getAuthorities()[0].getAuthority().equals("openidLogin")) {
+            if (ga.getAuthority().equals("openidLogin")) {
 
-            /* TODO: when Spring Security 2.1 is released, we can uncomment 
-             * this code, which will allow us to pre-populate the new user 
-             * registration form with information from the OpenID Provider.
-             * 
-            Collection<OpenIDUserAttribute> sREGAttributesList = auth.getAttributes();
-            OpenIDUserAttribute openidName = new OpenIDUserAttribute(
-                OpenIDUserAttribute.Attributes.openidname.toString(), "");
-            openidName.setValue(auth.getIdentityUrl());
-            sREGAttributesList.add(openidName);
-            
-            // TODO: find a better place to stash attributes
-            UserManager mgr = WebloggerFactory.getWeblogger().getUserManager();         
  
-            mgr.userAttributes.put(
-                UserAttribute.Attributes.openidUrl.toString(),
-                sREGAttributesList);
-            */
-            
-            // Username not found in Roller for this user, so throw exception
-            // which will route user to the new user registration page.
-            throw new UsernameNotFoundException("ERROR no user: new openid user");
+                /* TODO: when Spring Security 2.1 is released, we can uncomment
+                 * this code, which will allow us to pre-populate the new user
+                 * registration form with information from the OpenID Provider.
+                 *
+                Collection<OpenIDUserAttribute> sREGAttributesList = auth.getAttributes();
+                OpenIDUserAttribute openidName = new OpenIDUserAttribute(
+                    OpenIDUserAttribute.Attributes.openidname.toString(), "");
+                openidName.setValue(auth.getIdentityUrl());
+                sREGAttributesList.add(openidName);
+
+                // TODO: find a better place to stash attributes
+                UserManager mgr = WebloggerFactory.getWeblogger().getUserManager();
+                mgr.userAttributes.put(
+                    UserAttribute.Attributes.openidUrl.toString(),
+                    sREGAttributesList);
+                */
+
+            } else {
+                // route user to new user registration page.
+                throw new UsernameNotFoundException("ERROR no user: openid authority not
found");
+            }
+        } else {
+            // route user to new user registration page.
+            throw new UsernameNotFoundException("ERROR no user: openid authentication failed");
         }
         return auth;
     }
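Review bot: The `openidLogin` test is inverted compared with the code it replaces: the removed lines threw `UsernameNotFoundException` when the first authority was `openidLogin`, which is the placeholder RollerUserDetailsService assigns when no Roller user matches, while the new `if` lets that placeholder token fall through to `return auth` and throws for every other authority, i.e. for users who do have Roller roles. `auth.getAuthorities().toArray()[0]` also throws on an empty collection and inspects only whichever authority happens to come first, so a loop over all authorities is safer. The `auth == null` branch needs checking as well: as far as I recall the 3.x parent returns null after it has redirected the browser to the OpenID provider, in which case throwing here would break the first leg of the login; confirm against the 3.1.4 source. A possible shape is below.

```java
        // … unchanged: auth = (OpenIDAuthenticationToken) super.attemptAuthentication(req, rsp); …
        if (auth == null) {
            // NOTE(review): presumably the parent already redirected to the provider; confirm
            return null;
        }
        for (GrantedAuthority ga : auth.getAuthorities()) {
            if ("openidLogin".equals(ga.getAuthority())) {
                // … unchanged: commented-out SREG TODO block …
                // Placeholder authority means no Roller account exists for this
                // identity, so route the user to the new user registration page.
                throw new UsernameNotFoundException("ERROR no user: new openid user");
            }
        }
        return auth;
```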
@@ -84,7 +96,7 @@ public class CustomOpenIDAuthenticationP
     @Override
     protected String lookupRealm(String returnToUrl) {
 
-        String mapping = (String) getRealmMapping().get(returnToUrl);
+        String mapping = super.lookupRealm(returnToUrl);
 
         if (mapping == null) {
             try {

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
Mon Aug 12 21:28:09 2013
@@ -24,13 +24,15 @@ import org.apache.roller.weblogger.busin
 import org.apache.roller.weblogger.pojos.User;
 import org.springframework.dao.DataRetrievalFailureException;
 import org.springframework.ldap.core.DirContextOperations;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.ldap.LdapAuthoritiesPopulator;
-import org.springframework.security.userdetails.UsernameNotFoundException;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.util.Assert;
 
+import java.util.Collection;
 import java.util.List;
+import java.util.ArrayList;
 
 
 /**
@@ -45,7 +47,7 @@ public class AuthoritiesPopulator implem
     /* (non-Javadoc)
      * @see org.springframework.security.ldap.LdapAuthoritiesPopulator#getGrantedAuthorities(org.springframework.ldap.core.DirContextOperations,
String)
      */
-    public GrantedAuthority[] getGrantedAuthorities(DirContextOperations userData, String
username) {
+    public Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations
userData, String username) {
 
         // This check is probably unnecessary.
         if (userData == null) {
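Review bot: The `@see` comment above the changed signature still names `org.springframework.security.ldap.LdapAuthoritiesPopulator`, but the import in the first hunk moved the interface to `org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator`; the reference should be updated to match. Since the return type changed along with the interface, adding `@Override` on `getGrantedAuthorities` would let the compiler catch the next signature drift. The method body continues outside the hunk.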
@@ -68,17 +70,17 @@ public class AuthoritiesPopulator implem
         }
 
         int roleCount = roles.size() + (defaultRole != null ? 1 : 0);
-        GrantedAuthority[] authorities = new GrantedAuthorityImpl[roleCount];
+        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(roleCount);
// SimpleGrantedAuthority[roleCount];
         int i = 0;
         for(String role : roles) {
-            authorities[i++] = new GrantedAuthorityImpl(role);
+            authorities.add(new SimpleGrantedAuthority(role));
         }
         
         if (defaultRole != null) {
-            authorities[roleCount-1] = defaultRole;
+            authorities.add(defaultRole);
         }
 
-        if (authorities.length == 0) {
+        if (authorities.size() == 0) {
             // TODO: This doesn't seem like the right type of exception to throw here, but
retained it, fixed the message
             throw new UsernameNotFoundException("User " + username + " has no roles granted
and there is no default role set.");
         }
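Review bot: `int i = 0;` is left over from the array version and is no longer read now that the loop uses `authorities.add(...)`, and the trailing `// SimpleGrantedAuthority[roleCount];` comment on the list declaration is a remnant too; both can go. The same unused `int i = 0;` remains in `getAuthorities` in RollerUserDetailsService.java (last hunk of that file). `authorities.size() == 0` would read better as `authorities.isEmpty()`. The method starts outside the hunk.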
@@ -93,6 +95,6 @@ public class AuthoritiesPopulator implem
      */
     public void setDefaultRole(String defaultRole) {
         Assert.notNull(defaultRole, "The defaultRole property cannot be set to null");
-        this.defaultRole = new GrantedAuthorityImpl(defaultRole);
+        this.defaultRole = new SimpleGrantedAuthority(defaultRole);
     }
 }

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
Mon Aug 12 21:28:09 2013
@@ -26,9 +26,9 @@ import org.apache.roller.weblogger.Weblo
 import org.apache.roller.weblogger.business.WebloggerFactory;
 import org.apache.roller.weblogger.business.UserManager;
 import org.apache.roller.weblogger.pojos.User;
-import org.springframework.security.Authentication;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 
 /**
  * @author Elias Torres (<a href="mailto:eliast@us.ibm.com">eliast@us.ibm.com</a>)

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
Mon Aug 12 21:28:09 2013
@@ -26,10 +26,10 @@ import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.servlet.http.HttpServletRequest;
 
-import org.springframework.security.Authentication;
-import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.ldap.LdapUserDetails;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.ldap.userdetails.LdapUserDetails;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.roller.weblogger.config.WebloggerConfig;
@@ -136,7 +136,9 @@ public class CustomUserRegistry {
                 locale = rollerDetails.getLocale();
                 timezone = rollerDetails.getTimeZone();
             
-            } else if(userDetails instanceof LdapUserDetails) {
+            } /* Deprecated in Spring Security 2.0.x: http://static.springsource.org/spring-security/site/docs/2.0.x/apidocs/
+                 unsure if can be returned in Spring Security 3.1
+                else if(userDetails instanceof LdapUserDetails) {
                 LdapUserDetails ldapDetails = (LdapUserDetails) userDetails;
 
                 Attributes attributes = ldapDetails.getAttributes();
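Review bot: Commenting out the `LdapUserDetails` branch (the block comment opened here is closed in the next hunk) means that for LDAP-authenticated users none of the profile fields read in that branch, including the `locale` and `timezone` lookups visible in the next hunk, are populated any more, and nothing reports that. Whether the caller copes with the unset values is not visible here. If LDAP auto-provisioning is still supported, the attributes probably need to be captured another way, for example in a `UserDetailsContextMapper` that copies them from the `DirContextOperations`; otherwise the branch should be deleted and the `LdapUserDetails` import dropped rather than left as dead code. At minimum, a warn-level log entry when `userDetails` matches no handled type would make a half-populated account detectable.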
@@ -146,7 +148,7 @@ public class CustomUserRegistry {
                 locale = getLdapAttribute(attributes, WebloggerConfig.getProperty(LOCALE_LDAP_PROPERTY,
DEFAULT_LOCALE_LDAP_ATTRIBUTE));
                 timezone = getLdapAttribute(attributes, WebloggerConfig.getProperty(TIMEZONE_LDAP_PROPERTY,
DEFAULT_TIMEZONE_LDAP_ATTRIBUTE));
             
-            }
+            } */
         }
 
         boolean storePassword = WebloggerConfig.getBooleanProperty("users.sso.passwords.save");

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
Mon Aug 12 21:28:09 2013
@@ -17,7 +17,7 @@
 */
 package org.apache.roller.weblogger.ui.core.security;
 
-import org.springframework.security.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetails;
 
 /**
  * An interface to extract additional properties from a UserDetails instance. These extra

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
Mon Aug 12 21:28:09 2013
@@ -1,13 +1,13 @@
 package org.apache.roller.weblogger.ui.core.security;
 
+import java.util.ArrayList;
 import java.util.List;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UsernameNotFoundException;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.apache.roller.weblogger.WebloggerException;
 import org.apache.roller.weblogger.business.Weblogger;
 import org.apache.roller.weblogger.business.WebloggerFactory;
@@ -51,23 +51,24 @@ public class RollerUserDetailsService im
                 }
                 String name;
                 String password;
-                GrantedAuthority[] authorities;
+                ArrayList<SimpleGrantedAuthority> authorities;
                 
                 // We are not throwing UsernameNotFound exception in case of 
                 // openid authentication in order to recieve user SREG attributes 
                 // from the authentication filter and save them                
                 if (userData == null) {
-                     authorities = new GrantedAuthority[1];
-                     GrantedAuthority g = new GrantedAuthorityImpl("openidLogin");
-                     authorities[0] = g;
+                     authorities = new ArrayList<SimpleGrantedAuthority>(1);
+                     SimpleGrantedAuthority g = new SimpleGrantedAuthority("openidLogin");
+                     authorities.add(g);
                      name = "openid";
                      password = "openid";
                 } else {
-                     authorities =  getAuthorities(userData, umgr);
+                     authorities = getAuthorities(userData, umgr);
                      name = userData.getUserName();
                      password = userData.getPassword();
                 }
-                UserDetails usr = new org.springframework.security.userdetails.User(name,
password, true, authorities);
+                UserDetails usr = new org.springframework.security.core.userdetails.User(name,
password,
+                        true, true, true, true, authorities);
                 return  usr;
                 
             } else {
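Review bot: The placeholder principal built when `userData == null` carries the fixed literals `name = "openid"` and `password = "openid"`, and security.xml in this commit wires the same `rollerUserService` into both the DAO `<authentication-provider>` and `openIDAuthProvider`. The condition guarding this branch is outside the hunk, so please confirm it cannot be reached through the form-login provider; if it can, a constant password on a principal returned as enabled is a weakness, and a per-call unguessable value such as `password = java.util.UUID.randomUUID().toString();` would be safer. The four positional `true` flags (here and in the next hunk) would also read better with a comment naming them: `// enabled, accountNonExpired, credentialsNonExpired, accountNonLocked`.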
@@ -79,8 +80,9 @@ public class RollerUserDetailsService im
                 if (userData == null) {
                     throw new UsernameNotFoundException("ERROR no user: " + userName);
                 }
-                GrantedAuthority[] authorities =  getAuthorities(userData, umgr);       

-                return new org.springframework.security.userdetails.User(userData.getUserName(),
userData.getPassword(), true, authorities);
+                ArrayList<SimpleGrantedAuthority> authorities =  getAuthorities(userData,
umgr);
+                return new org.springframework.security.core.userdetails.User(userData.getUserName(),
userData.getPassword(),
+                        true, true, true, true, authorities);
             }            
         } catch (WebloggerException ex) {
             throw new DataAccessResourceFailureException("ERROR: fetching roles", ex);
@@ -89,14 +91,14 @@ public class RollerUserDetailsService im
 
     }
         
-     private GrantedAuthority[] getAuthorities(User userData, UserManager umgr) throws WebloggerException
{
-             List<String> roles = umgr.getRoles(userData);
-            GrantedAuthority[] authorities = new GrantedAuthorityImpl[roles.size()];
-            int i = 0;
-            for (String role : roles) {
-                authorities[i++] = new GrantedAuthorityImpl(role);
-            }
-            return authorities;
-        }
+     private ArrayList<SimpleGrantedAuthority> getAuthorities(User userData, UserManager
umgr) throws WebloggerException {
+         List<String> roles = umgr.getRoles(userData);
+         ArrayList<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>(roles.size());
+         int i = 0;
+         for (String role : roles) {
+             authorities.add(new SimpleGrantedAuthority(role));
+         }
+         return authorities;
+     }
     
 }

Modified: roller/trunk/app/src/main/webapp/WEB-INF/security.xml
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/security.xml?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/security.xml (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/security.xml Mon Aug 12 21:28:09 2013
@@ -17,22 +17,18 @@
   directory of this distribution.
 -->
 <beans:beans xmlns="http://www.springframework.org/schema/security"
-             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-             xmlns:beans="http://www.springframework.org/schema/beans"
-             xsi:schemaLocation="http://www.springframework.org/schema/beans
-             http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
-             http://www.springframework.org/schema/security
-             http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
-
-    <!--
-xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
-http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
--->
+       xmlns:beans="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+          http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+          http://www.springframework.org/schema/security
+          http://www.springframework.org/schema/security/spring-security-3.1.xsd">
+
+    <http pattern="/images/**" security="none"/>
+    <http pattern="/scripts/**" security="none"/>
+    <http pattern="/styles/**" security="none"/>
 
-    <http auto-config="false" lowercase-comparisons="true" access-decision-manager-ref="accessDecisionManager">
-        <intercept-url pattern="/images/**" filters="none"/>
-        <intercept-url pattern="/scripts/**" filters="none"/>
-        <intercept-url pattern="/styles/**" filters="none"/>
+    <http auto-config="false" access-decision-manager-ref="accessDecisionManager">
         <intercept-url pattern="/roller-ui/login-redirect**" access="admin,editor"/>
         <intercept-url pattern="/roller-ui/profile**" access="admin,editor"/>
         <intercept-url pattern="/roller-ui/createWeblog**" access="admin,editor"/>
@@ -47,15 +43,11 @@ http://www.springframework.org/schema/se
 
         <remember-me user-service-ref="rollerUserService"
                      key="715F2448-3176-11DD-ABC6-9CD955D89593"/>
-    </http>
-
 
-    <!-- Read users from Roller API -->
-    <authentication-provider user-service-ref="rollerUserService"/>
-    <beans:bean id="rollerUserService"
-                class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
+        <custom-filter ref="openidAuthenticationProcessingFilter" position="OPENID_FILTER"/>
+    </http>
 
-    <beans:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
+    <beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
         <beans:property name="allowIfAllAbstainDecisions" value="false"/>
         <beans:property name="decisionVoters">
             <beans:list>
@@ -63,39 +55,59 @@ http://www.springframework.org/schema/se
             </beans:list>
         </beans:property>
     </beans:bean>
-    <beans:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter">
+    <beans:bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter">
         <beans:property name="rolePrefix" value=""/>
     </beans:bean>
 
-    <beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
-        <!-- This ensures that remember-me is added as an authentication provider -->
-        <custom-authentication-provider />
+    <!-- Read users from Roller API -->
+    <authentication-manager alias='rollerAuthenticationManager'>
+        <authentication-provider user-service-ref="rollerUserService"/>
+        <authentication-provider ref="rememberMeAuthenticationProvider"/>
+        <authentication-provider ref="openIDAuthProvider"/>
+    </authentication-manager>
+
+    <beans:bean id="rollerUserService"
+                class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
+
+    <beans:bean id="rememberMeAuthenticationProvider"
+                class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
         <beans:property name="key" value="springRocks"/>
     </beans:bean>
 
-    <!-- OpenID -->
-    <authentication-manager alias='authenticationManagerAlias'/>
-    <beans:bean id = "openIDAuthProvider" class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider">
-        <custom-authentication-provider/>
+    <beans:bean id = "openIDAuthProvider" class="org.springframework.security.openid.OpenIDAuthenticationProvider">
         <beans:property name="userDetailsService" ref="rollerUserService"/>
     </beans:bean>
-    <beans:bean id="openidAuthenticationProcessingFilter" class="org.apache.roller.weblogger.ui.core.filters.CustomOpenIDAuthenticationProcessingFilter">
+
+    <beans:bean id="openidAuthenticationProcessingFilter"
+                class="org.apache.roller.weblogger.ui.core.filters.CustomOpenIDAuthenticationProcessingFilter">
         <beans:property name="claimedIdentityFieldName" value="openid_identifier"/>
-        <beans:property name="defaultTargetUrl" value="/roller-ui/menu.rol"/>
         <beans:property name="filterProcessesUrl" value="/roller_j_openid_security_check"/>
+        <beans:property name="authenticationManager" ref="rollerAuthenticationManager"/>
+        <beans:property name="authenticationSuccessHandler" ref="myAuthenticationSuccessHandler"/>
+        <beans:property name="authenticationFailureHandler" ref="myAuthenticationFailureHandler"/>
+    </beans:bean>
+
+    <beans:bean id="myAuthenticationSuccessHandler"
+                class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
+        <beans:property name="defaultTargetUrl" value="/roller-ui/menu.rol"/>
+    </beans:bean>
+
+    <beans:bean id="myAuthenticationFailureHandler"
+                class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
+        <beans:property name="defaultFailureUrl" value="/roller-ui/login.rol?error=true"/>
         <beans:property name="exceptionMappings">
             <beans:props>
-                <beans:prop key="org.springframework.security.userdetails.UsernameNotFoundException">/roller-ui/register.rol
+                <beans:prop key="org.springframework.security.core.userdetails.UsernameNotFoundException">
+                    /roller-ui/register.rol
                 </beans:prop>
-                <beans:prop key="org.springframework.security.BadCredentialsException">/roller-ui/login.rol?error=true
+                <beans:prop key="org.springframework.security.authentication.BadCredentialsException">
+                    /roller-ui/login.rol?error=true
                 </beans:prop>
-                <beans:prop key="org.springframework.security.AuthenticationException">/roller-ui/login.rol?error=true
+                <beans:prop key="org.springframework.security.core.AuthenticationException">
+                    /roller-ui/login.rol?error=true
                 </beans:prop>
             </beans:props>
         </beans:property>
-        <beans:property name="authenticationFailureUrl" value="/roller-ui/login.rol?error=true"/>
-        <beans:property name="authenticationManager" ref="authenticationManagerAlias"/>
-        <custom-filter position="OPENID_PROCESSING_FILTER"/>
     </beans:bean>
-    
+
 </beans:beans>
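Review bot: The `rememberMeAuthenticationProvider` bean keeps `key` = `springRocks`, which differs from the `key` on the `<remember-me>` element in the previous hunk, and both values are literals committed to a public repository. RememberMeAuthenticationProvider only accepts tokens whose key matches its own, so this explicitly registered provider presumably never validates a token issued under the `<remember-me>` key; either drop it from `<authentication-manager>` or give both one shared value. Because that key feeds the remember-me cookie signature, it should come from per-deployment configuration rather than a default shared by every install. Also worth checking: I believe `ExceptionMappingAuthenticationFailureHandler` matches on the exact exception class name, so the `AuthenticationException` entry would never match a concrete subclass and only `defaultFailureUrl` covers those cases.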

Modified: roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp (original)
+++ roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp Mon Aug 12 21:28:09 2013
@@ -18,7 +18,7 @@
 <%@ page language="java" contentType="text/html; charset=UTF-8" %>
 <%@ page import="org.apache.roller.weblogger.ui.core.RollerSession" %>
 <%@ page import="javax.servlet.http.Cookie" %>
-<%@ page import="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices"
%>
+<%@ page import="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices"
%>
 
 <%
 request.getSession().removeAttribute(RollerSession.ROLLER_SESSION);


