Examples of org.springframework.security.access.SecurityConfig

• org.springframework.security.access.SecurityConfig
  Stores a {@link ConfigAttribute} as a String. @author Ben Alex

        list.add(cpXyz);
        list.add(cpAbc);
        cdm.setChannelProcessors(list);
        cdm.afterPropertiesSet();

        assertTrue(cdm.supports(new SecurityConfig("xyz")));
        assertTrue(cdm.supports(new SecurityConfig("abc")));
        assertFalse(cdm.supports(new SecurityConfig("UNSUPPORTED")));
    }

                "<global-method-security>" +
                "   <protect-pointcut expression='execution(* org..*Foo.foo(..))' access='ROLE_USER'/>" +
                "</global-method-security>" + AUTH_PROVIDER_XML
        );
        Foo foo = (Foo) appContext.getBean("target");
        foo.foo(new SecurityConfig("A"));
    }

                "<b:bean id='target' class='" + ConcreteFoo.class.getName()  + "'/>" +
                "<global-method-security pre-post-annotations='enabled'/>" + AUTH_PROVIDER_XML
        );
        SecurityContextHolder.getContext().setAuthentication(bob);
        Foo foo = (Foo) appContext.getBean("target");
        foo.foo(new SecurityConfig("A"));
    }

        );
        // External MDS should take precedence over PreAuthorize
        SecurityContextHolder.getContext().setAuthentication(bob);
        Foo foo = (Foo) appContext.getBean("target");
        try {
            foo.foo(new SecurityConfig("A"));
            fail("Bob can't invoke admin methods");
        } catch (AccessDeniedException expected) {
        }
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("admin", "password"));
        foo.foo(new SecurityConfig("A"));
    }

                AUTH_PROVIDER_XML
        );
        SecurityContextHolder.getContext().setAuthentication(bob);
        Foo foo = (Foo) appContext.getBean("target");
        try {
            foo.foo(new SecurityConfig("A"));
            fail("Bob can't invoke admin methods");
        } catch (AccessDeniedException expected) {
        }
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("admin", "password"));
        foo.foo(new SecurityConfig("A"));
    }

        }
    }

    public void testSupports() {
        InsecureChannelProcessor processor = new InsecureChannelProcessor();
        assertTrue(processor.supports(new SecurityConfig("REQUIRES_INSECURE_CHANNEL")));
        assertFalse(processor.supports(null));
        assertFalse(processor.supports(new SecurityConfig("NOT_SUPPORTED")));
    }

            String[] attributeTokens = StringUtils.commaDelimitedListToStringArray(accessConfig);
            List<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>(attributeTokens.length);

            for(String token : attributeTokens) {
                attributes.add(new SecurityConfig(token));
            }

            pointcutMap.put(expression, attributes);
        }

    //~ Methods ========================================================================================================

    @Test
    public void testHashCode() {
        SecurityConfig config = new SecurityConfig("TEST");
        Assert.assertEquals("TEST".hashCode(), config.hashCode());
    }

        Assert.assertEquals("TEST".hashCode(), config.hashCode());
    }

    @Test(expected=IllegalArgumentException.class)
    public void testCannotConstructWithNullAttribute() {
           new SecurityConfig(null); // SEC-727
    }

           new SecurityConfig(null); // SEC-727
    }

    @Test(expected=IllegalArgumentException.class)
    public void testCannotConstructWithEmptyAttribute() {
           new SecurityConfig(""); // SEC-727
    }