diff --git a/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java b/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java index 27f35396..7959a759 100644 --- a/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java +++ b/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java @@ -916,11 +916,11 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha } /* - * Acegi has this notion that first an {@link org.acegisecurity.Authentication} object is created + * Acegi has this notion that first an {@link Authentication} object is created * by collecting user information and then the act of authentication is done - * later (by {@link org.acegisecurity.AuthenticationManager}) to verify it. But in case of OpenID, - * we create an {@link org.acegisecurity.Authentication} only after we verified the user identity, - * so {@link org.acegisecurity.AuthenticationManager} becomes no-op. + * later (by {@link AuthenticationManager}) to verify it. But in case of OpenID, + * we create an {@link Authentication} only after we verified the user identity, + * so {@link AuthenticationManager} becomes no-op. */ @Override public SecurityComponents createSecurityComponents() { diff --git a/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java b/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java index 32d859cc..45398b67 100644 --- a/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java +++ b/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java @@ -3,15 +3,17 @@ import com.github.tomakehurst.wiremock.core.WireMockConfiguration; import com.github.tomakehurst.wiremock.junit.WireMockRule; import hudson.util.Secret; -import org.acegisecurity.AuthenticationManager; -import org.acegisecurity.BadCredentialsException; -import org.acegisecurity.GrantedAuthority; -import org.acegisecurity.GrantedAuthorityImpl; -import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; -import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken; +import java.util.Collection; +import java.util.List; import org.junit.Rule; import org.junit.Test; import org.jvnet.hudson.test.JenkinsRule; +import org.springframework.security.authentication.AnonymousAuthenticationToken; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.crypto.bcrypt.BCrypt; import static org.junit.Assert.assertEquals; @@ -24,7 +26,7 @@ public class OicSecurityRealmTest { public static final String ADMIN = "admin"; - private static final GrantedAuthorityImpl GRANTED_AUTH1 = new GrantedAuthorityImpl(ADMIN); + private static final SimpleGrantedAuthority GRANTED_AUTH1 = new SimpleGrantedAuthority(ADMIN); @Rule public WireMockRule wireMockRule = new WireMockRule(new WireMockConfiguration().dynamicPort(), true); @@ -35,13 +37,13 @@ public class OicSecurityRealmTest { @Test public void testAuthenticate_withAnonymousAuthenticationToken() throws Exception { TestRealm realm = new TestRealm(wireMockRule); - AuthenticationManager manager = realm.getSecurityComponents().manager; + AuthenticationManager manager = realm.getSecurityComponents().manager2; assertNotNull(manager); String key = "testKey"; Object principal = "testUser"; - GrantedAuthority[] authorities = new GrantedAuthority[] {GRANTED_AUTH1}; + Collection authorities = List.of(GRANTED_AUTH1); AnonymousAuthenticationToken token = new AnonymousAuthenticationToken(key, principal, authorities); assertEquals(token, manager.authenticate(token)); @@ -50,13 +52,13 @@ public void testAuthenticate_withAnonymousAuthenticationToken() throws Exception @Test(expected = BadCredentialsException.class) public void testAuthenticate_withUsernamePasswordAuthenticationToken() throws Exception { TestRealm realm = new TestRealm(wireMockRule); - AuthenticationManager manager = realm.getSecurityComponents().manager; + AuthenticationManager manager = realm.getSecurityComponents().manager2; assertNotNull(manager); String key = "testKey"; Object principal = "testUser"; - GrantedAuthority[] authorities = new GrantedAuthority[] {GRANTED_AUTH1}; + Collection authorities = List.of(GRANTED_AUTH1); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(key, principal, authorities);