Changed default for exceptionOnValidationFailure and message.

This seems to have some formatting changes in it also for some reason.
2013-06-19 23:11:22 -04:00 · 2013-06-19 23:11:22 -04:00 · b802354fdb
parent 1993718cc7
commit b802354fdb
39 changed files with 229 additions and 214 deletions
--- a/assembly.xml
+++ b/assembly.xml
@ -77,7 +77,7 @@
                <includeDependencies>true</includeDependencies>
                <unpack>false</unpack>
                <useDefaultExcludes>true</useDefaultExcludes>
-				<includes />
+                <includes/>
            </binaries>
        </moduleSet>
    </moduleSets>
--- a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AttributePrincipalImpl.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AttributePrincipalImpl.java
@ -18,13 +18,14 @@
 */
 package org.jasig.cas.client.authentication;

-import java.util.Collections;
-import java.util.Map;
 import org.jasig.cas.client.proxy.ProxyRetriever;
 import org.jasig.cas.client.util.CommonUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import java.util.Collections;
+import java.util.Map;
+
 /**
 * Concrete implementation of the AttributePrincipal interface.
 *
--- a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationFilter.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationFilter.java
@ -18,21 +18,16 @@
 */
 package org.jasig.cas.client.authentication;

+import java.io.IOException;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.util.CommonUtils;
 import org.jasig.cas.client.util.ReflectUtils;
 import org.jasig.cas.client.validation.Assertion;

-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.io.IOException;
-
 /**
 * Filter implementation to intercept all requests and attempt to authenticate
 * the user by redirecting them to CAS (unless the user has a ticket).
@ -87,7 +82,8 @@ public class AuthenticationFilter extends AbstractCasFilter {
                this.gatewayStorage = ReflectUtils.newInstance(gatewayStorageClass);
            }

-            final String authenticationRedirectStrategyClass = getPropertyFromInitParams(filterConfig, "authenticationRedirectStrategyClass", null);
+            final String authenticationRedirectStrategyClass = getPropertyFromInitParams(filterConfig,
+                    "authenticationRedirectStrategyClass", null);

            if (authenticationRedirectStrategyClass != null) {
                this.authenticationRedirectStrategy = ReflectUtils.newInstance(authenticationRedirectStrategyClass);
@ -100,7 +96,8 @@ public class AuthenticationFilter extends AbstractCasFilter {
        CommonUtils.assertNotNull(this.casServerLoginUrl, "casServerLoginUrl cannot be null.");
    }

-    public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
+    public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
+            final FilterChain filterChain) throws IOException, ServletException {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletResponse response = (HttpServletResponse) servletResponse;
        final HttpSession session = request.getSession(false);
@ -132,7 +129,8 @@ public class AuthenticationFilter extends AbstractCasFilter {

        logger.debug("Constructed service url: {}", modifiedServiceUrl);

-        final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
+        final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl,
+                getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);

        logger.debug("redirecting to \"{}\"", urlToRedirectTo);
        this.authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);
--- a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationRedirectStrategy.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationRedirectStrategy.java
@ -1,8 +1,8 @@
 package org.jasig.cas.client.authentication;

-import java.io.IOException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;

 /**
 * Interface to abstract the authentication strategy for redirecting.  The traditional method was to always just redirect,
--- a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/DefaultAuthenticationRedirectStrategy.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/DefaultAuthenticationRedirectStrategy.java
@ -1,8 +1,8 @@
 package org.jasig.cas.client.authentication;

-import java.io.IOException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;

 /**
 * Implementation of the {@link AuthenticationRedirectStrategy} class that preserves the original behavior that existed prior to 3.3.0.
--- a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/FacesCompatibleAuthenticationRedirectStrategy.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/FacesCompatibleAuthenticationRedirectStrategy.java
@ -1,10 +1,11 @@
 package org.jasig.cas.client.authentication;

-import java.io.IOException;
-import java.io.PrintWriter;
+import org.jasig.cas.client.util.CommonUtils;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import org.jasig.cas.client.util.CommonUtils;
+import java.io.IOException;
+import java.io.PrintWriter;

 /**
 * Implementation of the redirect strategy that can handle a Faces Ajax request in addition to the standard redirect style.
--- a/cas-client-core/src/main/java/org/jasig/cas/client/proxy/AbstractEncryptedProxyGrantingTicketStorageImpl.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/proxy/AbstractEncryptedProxyGrantingTicketStorageImpl.java
@ -18,13 +18,13 @@
 */
 package org.jasig.cas.client.proxy;

+import javax.crypto.Cipher;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESedeKeySpec;
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
-import javax.crypto.Cipher;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.DESedeKeySpec;

 /**
 * Provides encryption capabilities. Not entirely safe to configure since we have no way of controlling the
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java
@ -18,9 +18,10 @@
 */
 package org.jasig.cas.client.validation;

-import java.net.URL;
 import org.jasig.cas.client.util.CommonUtils;

+import java.net.URL;
+
 /**
 * Abstract class that knows the protocol for validating a CAS ticket.
 *
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java
@ -60,7 +60,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
    private boolean redirectAfterValidation = true;

    /** Determines whether an exception is thrown when there is a ticket validation failure. */
-    private boolean exceptionOnValidationFailure = true;
+    private boolean exceptionOnValidationFailure = false;

    /**
     * Specify whether the Assertion should be stored in a session
@ -126,7 +126,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {

    protected void initInternal(final FilterConfig filterConfig) throws ServletException {
        setExceptionOnValidationFailure(parseBoolean(getPropertyFromInitParams(filterConfig,
-                "exceptionOnValidationFailure", "true")));
+                "exceptionOnValidationFailure", "false")));
        logger.trace("Setting exceptionOnValidationFailure parameter: {}", this.exceptionOnValidationFailure);
        setRedirectAfterValidation(parseBoolean(getPropertyFromInitParams(filterConfig, "redirectAfterValidation",
                "true")));
@ -221,8 +221,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
                    return;
                }
            } catch (final TicketValidationException e) {
-                response.setStatus(HttpServletResponse.SC_FORBIDDEN);
-                logger.warn(e.getMessage(), e);
+                logger.debug(e.getMessage(), e);

                onFailedValidation(request, response);

@ -230,7 +229,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
                    throw new ServletException(e);
                }

-                response.sendError(HttpServletResponse.SC_FORBIDDEN);
+                response.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());

                return;
            }
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Assertion.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Assertion.java
@ -18,10 +18,11 @@
 */
 package org.jasig.cas.client.validation;

+import org.jasig.cas.client.authentication.AttributePrincipal;
+
 import java.io.Serializable;
 import java.util.Date;
 import java.util.Map;
-import org.jasig.cas.client.authentication.AttributePrincipal;

 /**
 * Represents a response to a validation request.
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AssertionImpl.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AssertionImpl.java
@ -18,13 +18,14 @@
 */
 package org.jasig.cas.client.validation;

-import java.util.Collections;
-import java.util.Date;
-import java.util.Map;
 import org.jasig.cas.client.authentication.AttributePrincipal;
 import org.jasig.cas.client.authentication.AttributePrincipalImpl;
 import org.jasig.cas.client.util.CommonUtils;

+import java.util.Collections;
+import java.util.Date;
+import java.util.Map;
+
 /**
 * Concrete Implementation of the {@link Assertion}.
 *
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java
@ -18,9 +18,10 @@
 */
 package org.jasig.cas.client.validation;

-import java.util.List;
 import org.jasig.cas.client.util.XmlUtils;

+import java.util.List;
+
 /**
 * Extension to the traditional Service Ticket validation that will validate service tickets and proxy tickets.
 *
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java
@ -18,10 +18,6 @@
 */
 package org.jasig.cas.client.validation;

-import java.io.StringReader;
-import java.util.*;
-import javax.xml.parsers.SAXParser;
-import javax.xml.parsers.SAXParserFactory;
 import org.jasig.cas.client.authentication.AttributePrincipal;
 import org.jasig.cas.client.authentication.AttributePrincipalImpl;
 import org.jasig.cas.client.proxy.Cas20ProxyRetriever;
@ -35,6 +31,11 @@ import org.xml.sax.SAXException;
 import org.xml.sax.XMLReader;
 import org.xml.sax.helpers.DefaultHandler;

+import javax.xml.parsers.SAXParser;
+import javax.xml.parsers.SAXParserFactory;
+import java.io.StringReader;
+import java.util.*;
+
 /**
 * Implementation of the TicketValidator that will validate Service Tickets in compliance with the CAS 2.
 *
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/ProxyListEditor.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/ProxyListEditor.java
@ -18,13 +18,14 @@
 */
 package org.jasig.cas.client.validation;

+import org.jasig.cas.client.util.CommonUtils;
+
 import java.beans.PropertyEditorSupport;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.StringReader;
 import java.util.ArrayList;
 import java.util.List;
-import org.jasig.cas.client.util.CommonUtils;

 /**
 * Convert a String-formatted list of acceptable proxies to an array.
--- a/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java
@ -18,27 +18,20 @@
 */
 package org.jasig.cas.client.authentication;

+import static org.junit.Assert.*;
 import java.io.IOException;
 import java.lang.reflect.Field;
 import java.net.URLEncoder;
-
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
-
 import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.validation.AssertionImpl;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
-import org.springframework.mock.web.MockFilterConfig;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.mock.web.MockHttpSession;
-import org.springframework.mock.web.MockServletContext;
-
-import static org.junit.Assert.*;
+import org.springframework.mock.web.*;

 /**
 * Tests for the AuthenticationFilter.
@ -77,8 +70,7 @@ public final class AuthenticationFilterTests {
        final MockHttpServletResponse response = new MockHttpServletResponse();
        final FilterChain filterChain = new FilterChain() {

-            public void doFilter(ServletRequest arg0, ServletResponse arg1)
-                    throws IOException, ServletException {
+            public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException {
                // nothing to do
            }
        };
@ -86,9 +78,8 @@ public final class AuthenticationFilterTests {
        request.setSession(session);
        this.filter.doFilter(request, response, filterChain);

-        assertEquals(CAS_LOGIN_URL + "?service="
-                + URLEncoder.encode(CAS_SERVICE_URL, "UTF-8"), response
-                .getRedirectedUrl());
+        assertEquals(CAS_LOGIN_URL + "?service=" + URLEncoder.encode(CAS_SERVICE_URL, "UTF-8"),
+                response.getRedirectedUrl());
    }

    @Test
@ -101,8 +92,7 @@ public final class AuthenticationFilterTests {
        request.setSecure(true);
        final FilterChain filterChain = new FilterChain() {

-            public void doFilter(ServletRequest arg0, ServletResponse arg1)
-                    throws IOException, ServletException {
+            public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException {
                // nothing to do
            }
        };
@ -117,10 +107,11 @@ public final class AuthenticationFilterTests {

        this.filter.doFilter(request, response, filterChain);

-        assertEquals(CAS_LOGIN_URL
+        assertEquals(
+                CAS_LOGIN_URL
                        + "?service="
-                + URLEncoder.encode("https://localhost:8443"
-                + request.getRequestURI() + "?" + request.getQueryString(),
+                        + URLEncoder.encode(
+                                "https://localhost:8443" + request.getRequestURI() + "?" + request.getQueryString(),
                                "UTF-8"), response.getRedirectedUrl());
    }

@ -131,15 +122,13 @@ public final class AuthenticationFilterTests {
        final MockHttpServletResponse response = new MockHttpServletResponse();
        final FilterChain filterChain = new FilterChain() {

-            public void doFilter(ServletRequest arg0, ServletResponse arg1)
-                    throws IOException, ServletException {
+            public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException {
                // nothing to do
            }
        };

        request.setSession(session);
-        session.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION,
-                new AssertionImpl("test"));
+        session.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, new AssertionImpl("test"));
        this.filter.doFilter(request, response, filterChain);

        assertNull(response.getRedirectedUrl());
@ -152,8 +141,7 @@ public final class AuthenticationFilterTests {
        final MockHttpServletResponse response = new MockHttpServletResponse();
        final FilterChain filterChain = new FilterChain() {

-            public void doFilter(ServletRequest arg0, ServletResponse arg1)
-                    throws IOException, ServletException {
+            public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException {
                // nothing to do
            }
        };
@ -173,8 +161,7 @@ public final class AuthenticationFilterTests {
        final MockHttpServletResponse response = new MockHttpServletResponse();
        final FilterChain filterChain = new FilterChain() {

-            public void doFilter(ServletRequest arg0, ServletResponse arg1)
-                    throws IOException, ServletException {
+            public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException {
                // nothing to do
            }
        };
@ -226,7 +213,8 @@ public final class AuthenticationFilterTests {
        final MockServletContext context = new MockServletContext();
        context.addInitParameter("casServerLoginUrl", "https://cas.example.com/login");
        context.addInitParameter("service", "https://localhost:8443/service");
-        context.addInitParameter("authenticationRedirectStrategyClass", "org.jasig.cas.client.authentication.FacesCompatibleAuthenticationRedirectStrategy");
+        context.addInitParameter("authenticationRedirectStrategyClass",
+                "org.jasig.cas.client.authentication.FacesCompatibleAuthenticationRedirectStrategy");
        f.init(new MockFilterConfig(context));
    }
 }
--- a/cas-client-core/src/test/java/org/jasig/cas/client/authentication/FacesCompatibleAuthenticationRedirectStrategyTests.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/authentication/FacesCompatibleAuthenticationRedirectStrategyTests.java
@ -1,11 +1,12 @@
 package org.jasig.cas.client.authentication;

-import static org.junit.Assert.*;
 import org.junit.Before;
 import org.junit.Test;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;

+import static org.junit.Assert.*;
+
 public class FacesCompatibleAuthenticationRedirectStrategyTests {

    private FacesCompatibleAuthenticationRedirectStrategy strategy;
--- a/cas-client-core/src/test/java/org/jasig/cas/client/util/CommonUtilsTests.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/util/CommonUtilsTests.java
@ -18,12 +18,13 @@
 */
 package org.jasig.cas.client.util;

-import java.util.ArrayList;
-import java.util.Collection;
 import junit.framework.TestCase;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;

+import java.util.ArrayList;
+import java.util.Collection;
+
 /**
 * Tests for the CommonUtils.
 *
--- a/cas-client-core/src/test/java/org/jasig/cas/client/validation/AssertionImplTests.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/validation/AssertionImplTests.java
@ -18,12 +18,13 @@
 */
 package org.jasig.cas.client.validation;

-import java.util.HashMap;
-import java.util.Map;
 import junit.framework.TestCase;
 import org.jasig.cas.client.authentication.AttributePrincipal;
 import org.jasig.cas.client.authentication.AttributePrincipalImpl;

+import java.util.HashMap;
+import java.util.Map;
+
 /**
 * Test cases for the {@link AssertionImpl}.
 *
--- a/cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas10TicketValidationFilterTests.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas10TicketValidationFilterTests.java
@ -18,12 +18,13 @@
 */
 package org.jasig.cas.client.validation;

-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
 import org.junit.Test;
 import org.springframework.mock.web.MockFilterConfig;
 import org.springframework.mock.web.MockServletContext;

+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
 /**
 * Unit test for {@link Cas10TicketValidationFilter}.
 *
--- a/cas-client-core/src/test/java/org/jasig/cas/client/validation/Saml11TicketValidationFilterTests.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/validation/Saml11TicketValidationFilterTests.java
@ -18,12 +18,13 @@
 */
 package org.jasig.cas.client.validation;

-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
 import org.junit.Test;
 import org.springframework.mock.web.MockFilterConfig;
 import org.springframework.mock.web.MockServletContext;

+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
 /**
 * Unit test for {@link Saml11TicketValidationFilter}.
 *
--- a/cas-client-core/src/test/resources/cas20ProxyTicketValidator.xml
+++ b/cas-client-core/src/test/resources/cas20ProxyTicketValidator.xml
@ -25,7 +25,7 @@

    <bean id="proxyTicketValidator"
          class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
-		<constructor-arg index="0" value="http://localhost:8089/" />
+        <constructor-arg index="0" value="http://localhost:8089/"/>
        <property name="allowedProxyChains">
            <value>
                test test2 test3 test4 test5
@ -33,13 +33,13 @@
                proxy1 proxy2 proxy3
            </value>
        </property>
-        <property name="proxyCallbackUrl" value="https://localhost:8443/test" />
-        <property name="renew" value="true" />
+        <property name="proxyCallbackUrl" value="https://localhost:8443/test"/>
+        <property name="renew" value="true"/>
    </bean>

    <bean id="proxyTicketValidatorWithAllowAnyProxy"
          class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
          p:acceptAnyProxy="true">
-		<constructor-arg index="0" value="http://localhost:8089/" />
+        <constructor-arg index="0" value="http://localhost:8089/"/>
    </bean>
 </beans>
--- a/cas-client-integration-atlassian/src/main/java/org/jasig/cas/client/integration/atlassian/Confluence35CasAuthenticator.java
+++ b/cas-client-integration-atlassian/src/main/java/org/jasig/cas/client/integration/atlassian/Confluence35CasAuthenticator.java
@ -23,15 +23,16 @@ import com.atlassian.confluence.event.events.security.LoginFailedEvent;
 import com.atlassian.confluence.user.ConfluenceAuthenticator;
 import com.atlassian.seraph.auth.AuthenticatorException;
 import com.atlassian.seraph.auth.LoginReason;
-import java.security.Principal;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.validation.Assertion;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.security.Principal;
+
 /**
 * Extension of ConfluenceAuthenticator to allow people to configure Confluence 3.5+ to authenticate
 * via CAS.
--- a/cas-client-integration-atlassian/src/main/java/org/jasig/cas/client/integration/atlassian/ConfluenceCasAuthenticator.java
+++ b/cas-client-integration-atlassian/src/main/java/org/jasig/cas/client/integration/atlassian/ConfluenceCasAuthenticator.java
@ -20,15 +20,16 @@ package org.jasig.cas.client.integration.atlassian;

 import com.atlassian.confluence.user.ConfluenceAuthenticator;
 import com.atlassian.seraph.auth.AuthenticatorException;
-import java.security.Principal;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.validation.Assertion;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.security.Principal;
+
 /**
 * Extension of ConfluenceAuthenticator to allow people to configure Confluence to authenticate
 * via CAS.
--- a/cas-client-integration-atlassian/src/main/java/org/jasig/cas/client/integration/atlassian/Jira44CasAuthenticator.java
+++ b/cas-client-integration-atlassian/src/main/java/org/jasig/cas/client/integration/atlassian/Jira44CasAuthenticator.java
@ -21,15 +21,16 @@ package org.jasig.cas.client.integration.atlassian;
 import com.atlassian.jira.security.login.JiraSeraphAuthenticator;
 import com.atlassian.seraph.auth.AuthenticatorException;
 import com.atlassian.seraph.auth.LoginReason;
-import java.security.Principal;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.validation.Assertion;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.security.Principal;
+
 /**
 * Extension of JiraSeraphAuthenticator to allow people to configure 
 * JIRA 4.4 and above to authenticate via Jasig CAS
--- a/cas-client-integration-jboss/src/main/java/org/jasig/cas/client/jboss/authentication/WebAuthenticationFilter.java
+++ b/cas-client-integration-jboss/src/main/java/org/jasig/cas/client/jboss/authentication/WebAuthenticationFilter.java
@ -18,8 +18,11 @@
 */
 package org.jasig.cas.client.jboss.authentication;

-import java.io.IOException;
-import java.security.GeneralSecurityException;
+import org.jasig.cas.client.jaas.AssertionPrincipal;
+import org.jasig.cas.client.util.AbstractCasFilter;
+import org.jasig.cas.client.util.CommonUtils;
+import org.jboss.web.tomcat.security.login.WebAuthentication;
+
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
@ -27,10 +30,8 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
-import org.jasig.cas.client.jaas.AssertionPrincipal;
-import org.jasig.cas.client.util.AbstractCasFilter;
-import org.jasig.cas.client.util.CommonUtils;
-import org.jboss.web.tomcat.security.login.WebAuthentication;
+import java.io.IOException;
+import java.security.GeneralSecurityException;

 /**
 * This servlet filter performs a programmatic JAAS login using the JBoss
--- a/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/AbstractLogoutHandler.java
+++ b/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/AbstractLogoutHandler.java
@ -18,15 +18,16 @@
 */
 package org.jasig.cas.client.tomcat;

-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.util.CommonUtils;
 import org.jasig.cas.client.validation.Assertion;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
 /**
 * Base class for all logout handlers.
 *
--- a/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/AssertionCasRealmDelegate.java
+++ b/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/AssertionCasRealmDelegate.java
@ -18,12 +18,13 @@
 */
 package org.jasig.cas.client.tomcat;

+import org.jasig.cas.client.authentication.AttributePrincipal;
+import org.jasig.cas.client.util.CommonUtils;
+
 import java.security.Principal;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
-import org.jasig.cas.client.authentication.AttributePrincipal;
-import org.jasig.cas.client.util.CommonUtils;

 /**
 * {@link CasRealm} implementation with prinicpal and role data backed by the {@link org.jasig.cas.client.validation.Assertion}.
--- a/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/AuthenticatorDelegate.java
+++ b/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/AuthenticatorDelegate.java
@ -18,11 +18,6 @@
 */
 package org.jasig.cas.client.tomcat;

-import java.io.IOException;
-import java.security.Principal;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.util.CommonUtils;
 import org.jasig.cas.client.validation.Assertion;
@ -31,6 +26,12 @@ import org.jasig.cas.client.validation.TicketValidator;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.security.Principal;
+
 /**
 * Version-agnostic authenticator which encapsulates the core CAS workflow of
 * redirecting to CAS for unauthenticated sessions and validating service tickets
--- a/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/PropertiesCasRealmDelegate.java
+++ b/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/PropertiesCasRealmDelegate.java
@ -18,15 +18,16 @@
 */
 package org.jasig.cas.client.tomcat;

+import org.jasig.cas.client.util.CommonUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import java.io.BufferedInputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.security.Principal;
 import java.util.*;
-import org.jasig.cas.client.util.CommonUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;

 /**
 * {@link CasRealm} implementation with users and roles defined by a properties
--- a/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/RegexUriLogoutHandler.java
+++ b/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/RegexUriLogoutHandler.java
@ -18,10 +18,11 @@
 */
 package org.jasig.cas.client.tomcat;

-import java.util.regex.Pattern;
-import javax.servlet.http.HttpServletRequest;
 import org.jasig.cas.client.util.CommonUtils;

+import javax.servlet.http.HttpServletRequest;
+import java.util.regex.Pattern;
+
 /**
 * Performs CAS logout when the request URI matches a regular expression.
 *
--- a/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/StaticUriLogoutHandler.java
+++ b/cas-client-integration-tomcat-common/src/main/java/org/jasig/cas/client/tomcat/StaticUriLogoutHandler.java
@ -18,9 +18,10 @@
 */
 package org.jasig.cas.client.tomcat;

-import javax.servlet.http.HttpServletRequest;
 import org.jasig.cas.client.util.CommonUtils;

+import javax.servlet.http.HttpServletRequest;
+
 /**
 * Performs CAS logout when the request URI matches a fixed context-relative
 * URI.
--- a/cas-client-integration-tomcat-common/src/test/java/org/jasig/cas/client/tomcat/PropertiesCasRealmDelegateTests.java
+++ b/cas-client-integration-tomcat-common/src/test/java/org/jasig/cas/client/tomcat/PropertiesCasRealmDelegateTests.java
@ -18,11 +18,12 @@
 */
 package org.jasig.cas.client.tomcat;

+import junit.framework.TestCase;
+import org.jasig.cas.client.authentication.AttributePrincipalImpl;
+
 import java.security.Principal;
 import java.util.Arrays;
 import java.util.List;
-import junit.framework.TestCase;
-import org.jasig.cas.client.authentication.AttributePrincipalImpl;

 /**
 * Unit test for {@link PropertiesCasRealmDelegate} class.
--- a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/AbstractCasRealm.java
+++ b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/AbstractCasRealm.java
@ -18,12 +18,13 @@
 */
 package org.jasig.cas.client.tomcat.v6;

-import java.security.Principal;
 import org.apache.catalina.realm.RealmBase;
 import org.jasig.cas.client.tomcat.CasRealm;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import java.security.Principal;
+
 /**
 * Base <code>Realm</code> implementation for all CAS realms.
 *
--- a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java
+++ b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java
@ -18,8 +18,6 @@
 */
 package org.jasig.cas.client.tomcat.v6;

-import java.io.IOException;
-import javax.servlet.ServletException;
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.Session;
 import org.apache.catalina.SessionEvent;
@ -29,6 +27,9 @@ import org.apache.catalina.connector.Response;
 import org.jasig.cas.client.session.SessionMappingStorage;
 import org.jasig.cas.client.session.SingleSignOutHandler;

+import javax.servlet.ServletException;
+import java.io.IOException;
+
 /**
 * Handles logout request messages sent from the CAS server by ending the current
 * HTTP session.
--- a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/AbstractAuthenticator.java
+++ b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/AbstractAuthenticator.java
@ -18,9 +18,6 @@
 */
 package org.jasig.cas.client.tomcat.v7;

-import java.io.IOException;
-import java.security.Principal;
-import javax.servlet.http.HttpServletResponse;
 import org.apache.catalina.*;
 import org.apache.catalina.authenticator.AuthenticatorBase;
 import org.apache.catalina.connector.Request;
@ -32,6 +29,10 @@ import org.jasig.cas.client.validation.TicketValidator;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.security.Principal;
+
 /**
 * Base authenticator for all authentication protocols supported by CAS.
 * 
--- a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/AbstractCasRealm.java
+++ b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/AbstractCasRealm.java
@ -18,11 +18,12 @@
 */
 package org.jasig.cas.client.tomcat.v7;

-import java.security.Principal;
 import org.apache.catalina.Wrapper;
 import org.apache.catalina.realm.RealmBase;
 import org.jasig.cas.client.tomcat.CasRealm;

+import java.security.Principal;
+
 /**
 * Base <code>Realm</code> implementation for all CAS realms.
 *
--- a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java
+++ b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java
@ -18,8 +18,6 @@
 */
 package org.jasig.cas.client.tomcat.v7;

-import java.io.IOException;
-import javax.servlet.ServletException;
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.Session;
 import org.apache.catalina.SessionEvent;
@ -32,6 +30,9 @@ import org.jasig.cas.client.session.SingleSignOutHandler;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.servlet.ServletException;
+import java.io.IOException;
+
 /**
 * Handles logout request messages sent from the CAS server by ending the current
 * HTTP session.
--- a/cas-client-support-distributed-memcached/src/main/java/org/jasig/cas/client/proxy/MemcachedBackedProxyGrantingTicketStorageImpl.java
+++ b/cas-client-support-distributed-memcached/src/main/java/org/jasig/cas/client/proxy/MemcachedBackedProxyGrantingTicketStorageImpl.java
@ -18,6 +18,8 @@
 */
 package org.jasig.cas.client.proxy;

+import net.spy.memcached.MemcachedClient;
+
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
@ -26,7 +28,6 @@ import java.net.InetSocketAddress;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.Future;
-import net.spy.memcached.MemcachedClient;

 /**
 * Implementation of the {@link org.jasig.cas.client.proxy.ProxyGrantingTicketStorage} interface that is backed by
--- a/src/licensing/header-definitions.xml
+++ b/src/licensing/header-definitions.xml
@ -2,8 +2,8 @@
 <additionalHeaders>
    <javadoc_style>
        <firstLine>/*</firstLine>
-    <beforeEachLine> * </beforeEachLine>
-    <endLine> */</endLine>
+        <beforeEachLine>*</beforeEachLine>
+        <endLine>*/</endLine>
        <firstLineDetectionPattern>( |\t)*/\*( |\t)*$</firstLineDetectionPattern>
        <lastLineDetectionPattern>( |\t)*\*/( |\t)*$</lastLineDetectionPattern>
        <allowBlankLines>true</allowBlankLines>