SWS-559 - Upgrade Spring Security to 3.0.2

Author: Tareq Abedrabbo

parent/pom.xml

@@ -538,31 +538,33 @@
             <dependency>
                 <groupId>org.springframework.security</groupId>
                 <artifactId>spring-security-core</artifactId>
-                <version>2.0.5.RELEASE</version>
+                <version>3.0.2.RELEASE</version>
                 <exclusions>
                     <exclusion>
                         <groupId>org.springframework</groupId>
                         <artifactId>spring-support</artifactId>
                     </exclusion>
                 </exclusions>
             </dependency>
-            <dependency>
-                <groupId>org.springframework.security</groupId>
-                <artifactId>spring-security-core-tiger</artifactId>
-                <version>2.0.5.RELEASE</version>
-            </dependency>
             <dependency>
                 <groupId>org.springframework.security</groupId>
                 <artifactId>spring-security-core</artifactId>
-                <version>2.0.5.RELEASE</version>
+                <version>3.0.2.RELEASE</version>
                 <classifier>tests</classifier>
                 <exclusions>
                     <exclusion>
                         <groupId>org.springframework</groupId>
                         <artifactId>spring-support</artifactId>
                     </exclusion>
                 </exclusions>
-            </dependency>            
+            </dependency>
+            <!-- X.509 dependencies -->
+            <dependency>
+                <groupId>net.sf.ehcache</groupId>
+                <artifactId>ehcache-core</artifactId>
+                <version>2.0.1</version>
+                <optional>true</optional>
+            </dependency>
             <!-- JEE dependencies -->
             <dependency>
                 <groupId>javax.xml.soap</groupId>

pom.xml

@@ -408,7 +408,7 @@
                                         <artifactItem>
                                             <groupId>org.springframework.security</groupId>
                                             <artifactId>spring-security-core</artifactId>
-                                            <version>2.0.5.RELEASE</version>
+                                            <version>3.0.2.RELEASE</version>
                                             <outputDirectory>${project.build.directory}/dependency/spring-security/</outputDirectory>
                                         </artifactItem>
                                         <!--Java EE-->

samples/airline/server/pom.xml

@@ -246,10 +246,6 @@
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-core</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-core-tiger</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.apache.activemq</groupId>
             <artifactId>activemq-core</artifactId>
@@ -269,7 +265,7 @@
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-core</artifactId>
-            <version>2.0.5.RELEASE</version>
+            <version>3.0.2.RELEASE</version>
             <classifier>tests</classifier>
             <scope>test</scope>
         </dependency>

samples/airline/server/src/main/java/org/springframework/ws/samples/airline/security/FrequentFlyerDetails.java

@@ -16,9 +16,12 @@
 
 package org.springframework.ws.samples.airline.security;
 
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.userdetails.UserDetails;
+import java.util.ArrayList;
+import java.util.Collection;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.GrantedAuthorityImpl;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.ws.samples.airline.domain.FrequentFlyer;
 
 /**
@@ -31,14 +34,17 @@ public class FrequentFlyerDetails implements UserDetails {
 
     private FrequentFlyer frequentFlyer;
 
-    public static final GrantedAuthority[] GRANTED_AUTHORITIES =
-            new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_FREQUENT_FLYER")};
+    public static final Collection<GrantedAuthority> GRANTED_AUTHORITIES =
+            new ArrayList<GrantedAuthority>();
+    {
+        GRANTED_AUTHORITIES.add(new GrantedAuthorityImpl("ROLE_FREQUENT_FLYER"));
+    };
 
     public FrequentFlyerDetails(FrequentFlyer frequentFlyer) {
         this.frequentFlyer = frequentFlyer;
     }
 
-    public GrantedAuthority[] getAuthorities() {
+    public Collection<GrantedAuthority> getAuthorities() {
         return GRANTED_AUTHORITIES;
     }
 

samples/airline/server/src/main/java/org/springframework/ws/samples/airline/security/SpringFrequentFlyerSecurityService.java

@@ -17,12 +17,12 @@
 package org.springframework.ws.samples.airline.security;
 
 import org.springframework.dao.DataAccessException;
-import org.springframework.security.Authentication;
-import org.springframework.security.context.SecurityContext;
-import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UsernameNotFoundException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.ws.samples.airline.dao.FrequentFlyerDao;
 import org.springframework.ws.samples.airline.domain.FrequentFlyer;

samples/airline/server/src/main/java/org/springframework/ws/samples/airline/service/impl/AirlineServiceImpl.java

@@ -23,7 +23,7 @@
 import org.joda.time.LocalDate;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.annotation.Secured;
+import org.springframework.security.access.annotation.Secured;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.Assert;

samples/airline/server/src/test/java/org/springframework/ws/samples/airline/security/SpringFrequentFlyerSecurityServiceTest.java

@@ -19,11 +19,11 @@
 import junit.framework.TestCase;
 import static org.easymock.EasyMock.*;
 
-import org.springframework.security.context.SecurityContext;
-import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.context.SecurityContextImpl;
-import org.springframework.security.providers.TestingAuthenticationToken;
-import org.springframework.security.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.context.SecurityContextImpl;
+import org.springframework.security.authentication.TestingAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.ws.samples.airline.dao.FrequentFlyerDao;
 import org.springframework.ws.samples.airline.domain.FrequentFlyer;
 
@@ -42,7 +42,7 @@ protected void setUp() throws Exception {
     public void testGetCurrentlyAuthenticatedFrequentFlyer() throws Exception {
         FrequentFlyer frequentFlyer = new FrequentFlyer("john");
         FrequentFlyerDetails detail = new FrequentFlyerDetails(frequentFlyer);
-        TestingAuthenticationToken token = new TestingAuthenticationToken(detail, null, (GrantedAuthority[])null);
+        TestingAuthenticationToken token = new TestingAuthenticationToken(detail, null, new GrantedAuthority[]{});
         SecurityContext context = new SecurityContextImpl();
         context.setAuthentication(token);
         SecurityContextHolder.setContext(context);
@@ -60,4 +60,4 @@ public void testGetFrequentFlyer() throws Exception {
         assertEquals("Invalid result", frequentFlyer, result);
         verify(flyerDaoMock);
     }
-}
+}

security/pom.xml

@@ -107,6 +107,11 @@
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-core</artifactId>
+        </dependency>
+        <!-- X.509 dependencies -->
+        <dependency>
+            <groupId>net.sf.ehcache</groupId>
+            <artifactId>ehcache-core</artifactId>
             <optional>true</optional>
         </dependency>
         <!-- JEE dependencies -->
@@ -118,7 +123,7 @@
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-core</artifactId>
-            <version>2.0.5.RELEASE</version>
+            <version>3.0.2.RELEASE</version>
             <classifier>tests</classifier>
             <scope>test</scope>
         </dependency>

security/src/main/java/org/springframework/ws/soap/security/support/SpringSecurityUtils.java

@@ -15,11 +15,11 @@
 
 package org.springframework.ws.soap.security.support;
 
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.LockedException;
-import org.springframework.security.DisabledException;
-import org.springframework.security.AccountExpiredException;
-import org.springframework.security.CredentialsExpiredException;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.authentication.LockedException;
+import org.springframework.security.authentication.DisabledException;
+import org.springframework.security.authentication.AccountExpiredException;
+import org.springframework.security.authentication.CredentialsExpiredException;
 
 /**
  * Generic utility methods for Spring Security

security/src/main/java/org/springframework/ws/soap/security/wss4j/callback/SpringDigestPasswordValidationCallbackHandler.java

@@ -24,13 +24,13 @@
 
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.dao.DataAccessException;
-import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.providers.dao.UserCache;
-import org.springframework.security.providers.dao.cache.NullUserCache;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UsernameNotFoundException;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.userdetails.UserCache;
+import org.springframework.security.core.userdetails.cache.NullUserCache;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.util.Assert;
 import org.springframework.ws.soap.security.callback.CleanupCallback;
 import org.springframework.ws.soap.security.support.SpringSecurityUtils;
@@ -43,7 +43,7 @@
  * password contained in this details object is then compared with the digest in the message.
  *
  * @author Arjen Poutsma
- * @see org.springframework.security.userdetails.UserDetailsService
+ * @see org.springframework.security.core.userdetails.UserDetailsService
  * @see org.springframework.security.ui.digestauth.DigestProcessingFilter
  * @since 1.5.0
  */
@@ -113,4 +113,4 @@ private UserDetails loadUserDetails(String username) throws DataAccessException
         }
         return user;
     }
-}
+}