From 4a8d4c48b84748449dbba84dd3b7eb644985321c Mon Sep 17 00:00:00 2001
From: Michal Srb <msrb@redhat.com>
Date: Tue, 28 Jan 2014 10:18:13 +0100
Subject: [PATCH 5/7] Port groovy scripts to spring-security
---
.../groovy/hudson/model/AbstractProjectTest.groovy | 4 ++--
.../AbstractPasswordBasedSecurityRealm.groovy | 6 +++---
.../webapp/WEB-INF/security/SecurityFilters.groovy | 20 ++++++++++----------
3 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/test/src/test/groovy/hudson/model/AbstractProjectTest.groovy b/test/src/test/groovy/hudson/model/AbstractProjectTest.groovy
index a36a740..510d542 100644
--- a/test/src/test/groovy/hudson/model/AbstractProjectTest.groovy
+++ b/test/src/test/groovy/hudson/model/AbstractProjectTest.groovy
@@ -46,8 +46,8 @@ import hudson.triggers.TriggerDescriptor;
import hudson.util.StreamTaskListener;
import hudson.util.OneShotEvent
import jenkins.model.Jenkins;
-import org.acegisecurity.context.SecurityContext;
-import org.acegisecurity.context.SecurityContextHolder;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
import org.jvnet.hudson.test.HudsonTestCase
import org.jvnet.hudson.test.Bug;
import org.jvnet.hudson.test.MemoryAssert
diff --git a/war/src/main/webapp/WEB-INF/security/AbstractPasswordBasedSecurityRealm.groovy b/war/src/main/webapp/WEB-INF/security/AbstractPasswordBasedSecurityRealm.groovy
index 453687d..eabeb37 100644
--- a/war/src/main/webapp/WEB-INF/security/AbstractPasswordBasedSecurityRealm.groovy
+++ b/war/src/main/webapp/WEB-INF/security/AbstractPasswordBasedSecurityRealm.groovy
@@ -24,9 +24,9 @@
/*
Configure Hudson's own user database as the authentication realm.
*/
-import org.acegisecurity.providers.ProviderManager
-import org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider
-import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider
+import org.springframework.security.authentication.ProviderManager
+import org.springframework.security.authentication.AnonymousAuthenticationProvider
+import org.springframework.security.authentication.RememberMeAuthenticationProvider
import jenkins.model.Jenkins
authenticationManager(ProviderManager) {
diff --git a/war/src/main/webapp/WEB-INF/security/SecurityFilters.groovy b/war/src/main/webapp/WEB-INF/security/SecurityFilters.groovy
index 55f5dcd..15cffe1 100644
--- a/war/src/main/webapp/WEB-INF/security/SecurityFilters.groovy
+++ b/war/src/main/webapp/WEB-INF/security/SecurityFilters.groovy
@@ -32,11 +32,11 @@ import hudson.security.BasicAuthenticationFilter
import hudson.security.ChainedServletFilter
import hudson.security.UnwrapSecurityExceptionFilter
import hudson.security.HudsonAuthenticationEntryPoint
-import org.acegisecurity.providers.anonymous.AnonymousProcessingFilter
+import org.springframework.security.web.authentication.AnonymousAuthenticationFilter
import jenkins.security.ExceptionTranslationFilter
-import org.acegisecurity.ui.basicauth.BasicProcessingFilter
-import org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint
-import org.acegisecurity.ui.rememberme.RememberMeProcessingFilter
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter
+import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
+import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
import hudson.security.HttpSessionContextIntegrationFilter2
import hudson.security.SecurityRealm
import hudson.security.NoopFilter
@@ -45,7 +45,7 @@ import jenkins.security.ApiTokenFilter
// providers that apply to both patterns
def commonProviders() {
return [
- bean(AnonymousProcessingFilter) {
+ bean(AnonymousAuthenticationFilter) {
key = "anonymous" // must match with the AnonymousProvider
userAttribute = "anonymous,"
},
@@ -74,13 +74,13 @@ filter(ChainedServletFilter) {
// allow clients to submit basic authentication credential
// but allow that to be skipped since it can interfere with reverse proxy setup
Boolean.getBoolean("jenkins.security.ignoreBasicAuth") ? bean(NoopFilter) :
- bean(BasicProcessingFilter) {
+ bean(BasicAuthenticationFilter) {
authenticationManager = securityComponents.manager
// if basic authentication fails (which only happens incorrect basic auth credential is sent),
// respond with 401 with basic auth request, instead of redirecting the user to the login page,
// since users of basic auth tends to be a program and won't see the redirection to the form
// page as a failure
- authenticationEntryPoint = bean(BasicProcessingFilterEntryPoint) {
+ authenticationEntryPoint = bean(BasicAuthenticationEntryPoint) {
realmName = "Jenkins"
}
},
@@ -89,9 +89,9 @@ filter(ChainedServletFilter) {
rememberMeServices = securityComponents.rememberMe
authenticationFailureUrl = "/loginError"
defaultTargetUrl = "/"
- filterProcessesUrl = "/j_acegi_security_check"
+ filterProcessesUrl = "/j_spring_security_check"
},
- bean(RememberMeProcessingFilter) {
+ bean(RememberMeAuthenticationFilter) {
rememberMeServices = securityComponents.rememberMe
authenticationManager = securityComponents.manager
},
@@ -107,4 +107,4 @@ legacy(ChainedServletFilter) {
// when using container-authentication we can't hit /login directly.
// we first have to hit protected /loginEntry, then let the container
// trap that into /login.
-}
\ No newline at end of file
+}
--
1.8.5.3