fix #121

pom.xml

@@ -593,7 +593,7 @@
     <dependency>
       <groupId>org.codelibs</groupId>
       <artifactId>corelib</artifactId>
-      <version>0.1.2</version>
+      <version>0.2.0-SNAPSHOT</version>
     </dependency>
     <dependency>
       <groupId>org.codelibs.solr</groupId>
@@ -603,7 +603,7 @@
     <dependency>
       <groupId>org.codelibs.sastruts</groupId>
       <artifactId>sastruts-core</artifactId>
-      <version>0.1.1</version>
+      <version>0.2.0-SNAPSHOT</version>
     </dependency>
     <dependency>
       <groupId>org.codelibs.sastruts</groupId>

src/main/java/jp/sf/fess/Constants.java

@@ -35,8 +35,6 @@ public class Constants extends CoreLibConstants {
 
     public static final String WEB_API_VERSION = "5";
 
-    public static final String LOGIN_INFO = "jp.sf.fess.LoginInfo";
-
     public static final String EMPTY_STRING = "";
 
     public static final String[] EMPTY_STRINGS = new String[0];
@@ -168,7 +166,7 @@ public class Constants extends CoreLibConstants {
 
     public static final String NOTIFICATION_TO_PROPERTY = "notification.to";
 
-    public static final String AUTH_CIPHER = "jp.sf.fess.AuthCipher";
+    public static final String AUTH_CIPHER = "authenticationCipher";
 
     public static final String RETURN_PATH = "jp.sf.fess.ReturnPath";
 

src/main/java/jp/sf/fess/action/LoginAction.java

@@ -20,8 +20,9 @@ import java.io.IOException;
 import java.io.Serializable;
 import java.util.Enumeration;
 import java.util.HashMap;
-import java.util.List;
+import java.util.HashSet;
 import java.util.Map;
+import java.util.Set;
 
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
@@ -30,12 +31,14 @@ import javax.servlet.http.HttpSession;
 
 import jp.sf.fess.Constants;
 import jp.sf.fess.FessSystemException;
-import jp.sf.fess.crypto.FessCipher;
 import jp.sf.fess.entity.LoginInfo;
 import jp.sf.fess.form.LoginForm;
 import jp.sf.fess.helper.SystemHelper;
+import jp.sf.fess.util.ComponentUtil;
 
 import org.apache.struts.Globals;
+import org.codelibs.core.crypto.CachedCipher;
+import org.codelibs.sastruts.core.SSCConstants;
 import org.seasar.framework.util.StringUtil;
 import org.seasar.struts.annotation.ActionForm;
 import org.seasar.struts.annotation.Execute;
@@ -62,7 +65,7 @@ public class LoginAction implements Serializable {
         final HttpServletRequest request = RequestUtil.getRequest();
         final HttpSession session = request.getSession();
         // check login session
-        final Object obj = session.getAttribute(Constants.LOGIN_INFO);
+        final Object obj = session.getAttribute(SSCConstants.USER_INFO);
         if (obj instanceof LoginInfo) {
             final LoginInfo loginInfo = (LoginInfo) obj;
             if (loginInfo.isAdministrator()) {
@@ -83,13 +86,13 @@ public class LoginAction implements Serializable {
 
         String returnPath;
         if (StringUtil.isNotBlank(loginForm.returnPath)) {
-            final FessCipher fessCipher = FessCipher.class.cast(RequestUtil
-                    .getRequest().getAttribute(Constants.AUTH_CIPHER));
-            if (fessCipher == null) {
+            final CachedCipher cipher = ComponentUtil
+                    .getCipher(Constants.AUTH_CIPHER);
+            if (cipher == null) {
                 throw new FessSystemException(
                         "A cipher for authentication is null. Please check a filter setting.");
             }
-            final String value = fessCipher.decryptoText(loginForm.returnPath);
+            final String value = cipher.decryptoText(loginForm.returnPath);
             final int idx = value.indexOf('|');
             if (idx >= 0) {
                 returnPath = value.substring(idx + 1);
@@ -131,25 +134,24 @@ public class LoginAction implements Serializable {
         // create user info
         final LoginInfo loginInfo = new LoginInfo();
         loginInfo.setUsername(request.getRemoteUser());
-        session.setAttribute(Constants.LOGIN_INFO, loginInfo);
+        session.setAttribute(SSCConstants.USER_INFO, loginInfo);
 
         String returnPath;
-        final List<String> authenticatedRoleList = systemHelper
-                .getAuthenticatedRoleList();
-        if (request.isUserInRole(systemHelper.getAdminRole())) {
+        final Set<String> authenticatedRoleList = systemHelper
+                .getAuthenticatedRoleSet();
+        final Set<String> roleSet = new HashSet<>();
+        for (final String role : authenticatedRoleList) {
+            if (request.isUserInRole(role)) {
+                roleSet.add(role);
+            }
+        }
+        loginInfo.setRoleSet(roleSet);
+
+        if (loginInfo.isAdministrator()) {
             if (logger.isInfoEnabled()) {
                 logger.info("[LOGIN] ADMIN: " + "The usename is "
                         + request.getRemoteUser());
             }
-            loginInfo.setAdministrator(true);
-
-            if (authenticatedRoleList != null) {
-                for (final String role : authenticatedRoleList) {
-                    if (request.isUserInRole(role)) {
-                        loginInfo.addRole(role);
-                    }
-                }
-            }
 
             returnPath = (String) session.getAttribute(Constants.RETURN_PATH);
             if (returnPath != null) {
@@ -159,28 +161,18 @@ public class LoginAction implements Serializable {
                 returnPath = getAdminRootPath();
             }
         } else {
-            if (authenticatedRoleList != null) {
-                boolean authenticated = false;
-                for (final String role : authenticatedRoleList) {
-                    if (request.isUserInRole(role)) {
-                        loginInfo.addRole(role);
-                        authenticated = true;
-                    }
+            if (!loginInfo.getRoleSet().isEmpty()) {
+                if (logger.isInfoEnabled()) {
+                    logger.info("[LOGIN] USER: " + "The usename is "
+                            + request.getRemoteUser());
                 }
-                if (authenticated) {
-                    if (logger.isInfoEnabled()) {
-                        logger.info("[LOGIN] USER: " + "The usename is "
-                                + request.getRemoteUser());
-                    }
-                    loginInfo.setAdministrator(false);
-                } else {
-                    if (logger.isWarnEnabled()) {
-                        logger.warn("Login Failure: " + request.getRemoteUser()
-                                + " does not have authenticated roles.");
-                    }
-                    // logout
-                    session.invalidate();
+            } else {
+                if (logger.isWarnEnabled()) {
+                    logger.warn("Login Failure: " + request.getRemoteUser()
+                            + " does not have authenticated roles.");
                 }
+                // logout
+                session.invalidate();
             }
             returnPath = RequestUtil.getRequest().getContextPath();
         }

src/main/java/jp/sf/fess/crypto/FessCipher.java

@@ -1,134 +0,0 @@
-/*
- * Copyright 2009-2014 the CodeLibs Project and the Others.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
- * either express or implied. See the License for the specific language
- * governing permissions and limitations under the License.
- */
-
-package jp.sf.fess.crypto;
-
-import java.nio.charset.Charset;
-import java.util.Queue;
-import java.util.concurrent.ConcurrentLinkedQueue;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.SecretKeySpec;
-
-import jp.sf.fess.FessSystemException;
-
-import org.apache.commons.codec.binary.Base64;
-import org.seasar.framework.container.annotation.tiger.Binding;
-import org.seasar.framework.container.annotation.tiger.BindingType;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class FessCipher {
-    private static final Logger logger = LoggerFactory
-            .getLogger(FessCipher.class);
-
-    protected static final Charset UTF_8 = Charset.forName("UTF-8");
-
-    public String algorithm = "Blowfish";
-
-    @Binding(bindingType = BindingType.MUST)
-    public String key;
-
-    public Charset charset = UTF_8;
-
-    protected Queue<Cipher> encryptoQueue = new ConcurrentLinkedQueue<Cipher>();
-
-    protected Queue<Cipher> decryptoQueue = new ConcurrentLinkedQueue<Cipher>();
-
-    public byte[] encrypto(final byte[] data) {
-        final Cipher cipher = pollEncryptoCipher();
-        byte[] encrypted;
-        try {
-            encrypted = cipher.doFinal(data);
-        } catch (final Exception e) {
-            throw new FessSystemException(
-                    "Could not create a new cipher for encrypto.", e);
-        } finally {
-            offerEncryptoCipher(cipher);
-        }
-        return encrypted;
-    }
-
-    public String encryptoText(final String text) {
-        return new String(
-                Base64.encodeBase64(encrypto(text.getBytes(charset))), UTF_8);
-    }
-
-    public byte[] decrypto(final byte[] data) {
-        final Cipher cipher = pollDecryptoCipher();
-        byte[] decrypted;
-        try {
-            decrypted = cipher.doFinal(data);
-        } catch (final Exception e) {
-            throw new FessSystemException(
-                    "Could not create a new cipher for decrypto.", e);
-        } finally {
-            offerDecryptoCipher(cipher);
-        }
-        return decrypted;
-    }
-
-    public String decryptoText(final String text) {
-        return new String(decrypto(Base64.decodeBase64(text.getBytes(UTF_8))),
-                charset);
-    }
-
-    protected Cipher pollEncryptoCipher() {
-        Cipher cipher = encryptoQueue.poll();
-        if (cipher == null) {
-            if (logger.isInfoEnabled()) {
-                logger.info("Initializing a cipher for an encryption.");
-            }
-            final SecretKeySpec sksSpec = new SecretKeySpec(
-                    key.getBytes(UTF_8), algorithm);
-            try {
-                cipher = Cipher.getInstance(algorithm);
-                cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, sksSpec);
-            } catch (final Exception e) {
-                throw new FessSystemException(
-                        "Could not create a new cipher for encrypto.", e);
-            }
-        }
-        return cipher;
-    }
-
-    protected void offerEncryptoCipher(final Cipher cipher) {
-        encryptoQueue.offer(cipher);
-    }
-
-    protected Cipher pollDecryptoCipher() {
-        Cipher cipher = decryptoQueue.poll();
-        if (cipher == null) {
-            if (logger.isInfoEnabled()) {
-                logger.info("Initializing a cipher for an decryption.");
-            }
-            final SecretKeySpec sksSpec = new SecretKeySpec(
-                    key.getBytes(UTF_8), algorithm);
-            try {
-                cipher = Cipher.getInstance(algorithm);
-                cipher.init(javax.crypto.Cipher.DECRYPT_MODE, sksSpec);
-            } catch (final Exception e) {
-                throw new FessSystemException(
-                        "Could not create a new cipher for decrypto.", e);
-            }
-        }
-        return cipher;
-    }
-
-    protected void offerDecryptoCipher(final Cipher cipher) {
-        decryptoQueue.offer(cipher);
-    }
-}

src/main/java/jp/sf/fess/entity/LoginInfo.java

@@ -16,54 +16,14 @@
 
 package jp.sf.fess.entity;
 
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.List;
+import jp.sf.fess.util.ComponentUtil;
 
-import org.seasar.framework.util.StringUtil;
+import org.codelibs.sastruts.core.entity.UserInfo;
 
-public class LoginInfo implements Serializable {
-
-    private static final long serialVersionUID = 1L;
-
-    protected String username;
-
-    protected boolean administrator = false;
-
-    protected List<String> roleList = new ArrayList<String>();
+public class LoginInfo extends UserInfo {
 
     protected long updatedTime = System.currentTimeMillis();
 
-    public String getUsername() {
-        return username;
-    }
-
-    public void setUsername(final String username) {
-        this.username = username;
-    }
-
-    public boolean isAdministrator() {
-        return administrator;
-    }
-
-    public void setAdministrator(final boolean administrator) {
-        this.administrator = administrator;
-    }
-
-    public void addRole(final String role) {
-        if (StringUtil.isNotBlank(role)) {
-            roleList.add(role);
-        }
-    }
-
-    public void setRoleList(final List<String> roleList) {
-        this.roleList = roleList;
-    }
-
-    public List<String> getRoleList() {
-        return roleList;
-    }
-
     public void setUpdatedTime(final long updatedTime) {
         this.updatedTime = updatedTime;
     }
@@ -72,10 +32,14 @@ public class LoginInfo implements Serializable {
         return updatedTime;
     }
 
-    @Override
-    public String toString() {
-        return "LoginInfo [username=" + username + ", administrator="
-                + administrator + ", roleList=" + roleList + ", updatedTime="
-                + updatedTime + "]";
+    public boolean isAdministrator() {
+        for (final String role : ComponentUtil.getSystemHelper()
+                .getAdminRoleSet()) {
+            if (isUserInRole(role)) {
+                return true;
+            }
+        }
+        return false;
     }
+
 }

src/main/java/jp/sf/fess/filter/AuthenticationFilter.java

@@ -1,154 +0,0 @@
-/*
- * Copyright 2009-2014 the CodeLibs Project and the Others.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
- * either express or implied. See the License for the specific language
- * governing permissions and limitations under the License.
- */
-
-package jp.sf.fess.filter;
-
-import java.io.IOException;
-import java.net.URLEncoder;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import jp.sf.fess.Constants;
-import jp.sf.fess.crypto.FessCipher;
-import jp.sf.fess.entity.LoginInfo;
-import jp.sf.fess.util.ComponentUtil;
-
-import org.seasar.framework.util.StringUtil;
-
-public class AuthenticationFilter implements Filter {
-    private static final String DEFAULT_CIPHER_NAME = "authenticationCipher";
-
-    public List<Pattern> urlPatternList = new ArrayList<Pattern>();
-
-    protected String cipherName;
-
-    protected String loginPath;
-
-    protected String adminRole;
-
-    protected boolean useSecureLogin;
-
-    @Override
-    public void destroy() {
-        urlPatternList = null;
-        cipherName = null;
-    }
-
-    @Override
-    public void doFilter(final ServletRequest request,
-            final ServletResponse response, final FilterChain chain)
-            throws IOException, ServletException {
-        final HttpServletRequest req = (HttpServletRequest) request;
-        final HttpServletResponse res = (HttpServletResponse) response;
-        final String uri = req.getRequestURI();
-        final FessCipher fessCipher = ComponentUtil.getCipher(cipherName);
-        for (final Pattern pattern : urlPatternList) {
-            final Matcher matcher = pattern.matcher(uri);
-            if (matcher.matches()) {
-                if (useSecureLogin) {
-                    final String requestURL = req.getRequestURL().toString();
-                    if (requestURL.startsWith("http:")) {
-                        // redirect
-                        res.sendRedirect(requestURL.replaceFirst("^http:",
-                                "https:"));
-                        return;
-                    }
-                }
-
-                // require authentication
-                boolean redirectLogin = false;
-                final Object obj = req.getSession().getAttribute(
-                        Constants.LOGIN_INFO);
-                if (!(obj instanceof LoginInfo)) {
-                    redirectLogin = true;
-                } else {
-                    final LoginInfo loginInfo = (LoginInfo) obj;
-                    if (!loginInfo.isAdministrator()) {
-                        redirectLogin = true;
-                    }
-                }
-                if (redirectLogin) {
-                    final StringBuilder buf = new StringBuilder(256);
-                    buf.append(System.currentTimeMillis());
-                    buf.append('|');
-                    buf.append(req.getRequestURL());
-
-                    String encoding = request.getCharacterEncoding();
-                    if (encoding == null) {
-                        encoding = Constants.UTF_8;
-                    }
-
-                    final StringBuilder urlBuf = new StringBuilder(1000);
-                    urlBuf.append(res.encodeURL(loginPath));
-                    urlBuf.append("?returnPath=");
-                    urlBuf.append(URLEncoder.encode(
-                            fessCipher.encryptoText(buf.toString()), encoding));
-
-                    // redirect
-                    res.sendRedirect(urlBuf.toString());
-                    return;
-                }
-            }
-        }
-
-        request.setAttribute(Constants.AUTH_CIPHER, fessCipher);
-
-        chain.doFilter(request, response);
-    }
-
-    @Override
-    public void init(final FilterConfig filterConfig) throws ServletException {
-        String value = filterConfig.getInitParameter("urlPatterns");
-        if (value != null) {
-            final String[] urlPatterns = value.split(",");
-            for (final String urlPattern : urlPatterns) {
-                // TODO context name 
-                urlPatternList.add(Pattern.compile(urlPattern.trim()));
-            }
-        }
-
-        cipherName = filterConfig.getInitParameter("cipherName");
-        if (StringUtil.isBlank(cipherName)) {
-            cipherName = DEFAULT_CIPHER_NAME;
-        }
-
-        loginPath = filterConfig.getInitParameter("loginPath");
-        if (StringUtil.isBlank(loginPath)) {
-            loginPath = filterConfig.getServletContext().getContextPath()
-                    + "/login/";
-        }
-
-        value = filterConfig.getInitParameter("useSecureLogin");
-        if (StringUtil.isNotBlank(value)) {
-            useSecureLogin = Boolean.parseBoolean(value);
-        } else {
-            useSecureLogin = false;
-        }
-
-    }
-
-}

src/main/java/jp/sf/fess/filter/LoginInfoFilter.java

@@ -17,8 +17,8 @@
 package jp.sf.fess.filter;
 
 import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.HashSet;
+import java.util.Set;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
@@ -29,11 +29,13 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 
-import jp.sf.fess.Constants;
 import jp.sf.fess.entity.LoginInfo;
 import jp.sf.fess.helper.SystemHelper;
 import jp.sf.fess.util.ComponentUtil;
 
+import org.codelibs.sastruts.core.SSCConstants;
+
+// TODO refactoring...
 public class LoginInfoFilter implements Filter {
     private long updateInterval = 60 * 60 * 1000L; // 1h
 
@@ -52,10 +54,10 @@ public class LoginInfoFilter implements Filter {
         final HttpServletRequest hRequest = (HttpServletRequest) request;
         final HttpSession session = hRequest.getSession();
         LoginInfo loginInfo = (LoginInfo) session
-                .getAttribute(Constants.LOGIN_INFO);
+                .getAttribute(SSCConstants.USER_INFO);
         if (loginInfo == null) {
             loginInfo = new LoginInfo();
-            session.setAttribute(Constants.LOGIN_INFO, loginInfo);
+            session.setAttribute(SSCConstants.USER_INFO, loginInfo);
 
             updateRoleList(hRequest, loginInfo);
         } else {
@@ -72,15 +74,15 @@ public class LoginInfoFilter implements Filter {
     private void updateRoleList(final HttpServletRequest hRequest,
             final LoginInfo loginInfo) {
         final SystemHelper systemHelper = ComponentUtil.getSystemHelper();
-        final List<String> authenticatedRoleList = systemHelper
-                .getAuthenticatedRoleList();
-        final List<String> roleList = new ArrayList<String>();
+        final Set<String> authenticatedRoleList = systemHelper
+                .getAuthenticatedRoleSet();
+        final Set<String> roleSet = new HashSet<>();
         for (final String role : authenticatedRoleList) {
             if (hRequest.isUserInRole(role)) {
-                roleList.add(role);
+                roleSet.add(role);
             }
         }
-        loginInfo.setRoleList(roleList);
+        loginInfo.setRoleSet(roleSet);
     }
 
     @Override

src/main/java/jp/sf/fess/helper/LabelTypeHelper.java

@@ -84,8 +84,8 @@ public class LabelTypeHelper implements Serializable {
         }
 
         final List<Map<String, String>> itemList = new ArrayList<Map<String, String>>();
-        final List<String> roleList = roleQueryHelper.build();
-        if (roleList.isEmpty()) {
+        final Set<String> roleSet = roleQueryHelper.build();
+        if (roleSet.isEmpty()) {
             for (final LabelTypeItem item : labelTypeItemList) {
                 final Map<String, String> map = new HashMap<String, String>(2);
                 map.put(Constants.ITEM_LABEL, item.getLabel());
@@ -94,7 +94,7 @@ public class LabelTypeHelper implements Serializable {
             }
         } else {
             for (final LabelTypeItem item : labelTypeItemList) {
-                for (final String roleValue : roleList) {
+                for (final String roleValue : roleSet) {
                     if (item.getRoleValueList().contains(roleValue)) {
                         final Map<String, String> map = new HashMap<String, String>(
                                 2);

src/main/java/jp/sf/fess/helper/RoleQueryHelper.java

@@ -16,7 +16,7 @@
 
 package jp.sf.fess.helper;
 
-import java.util.List;
+import java.util.Set;
 
 public interface RoleQueryHelper {
 
@@ -25,6 +25,6 @@ public interface RoleQueryHelper {
      * 
      * @return a list of a role. (not null)
      */
-    List<String> build();
+    Set<String> build();
 
 }

src/main/java/jp/sf/fess/helper/SystemHelper.java

@@ -22,11 +22,13 @@ import java.io.Serializable;
 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
 import java.sql.Timestamp;
-import java.util.ArrayList;
+import java.util.Collection;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
+import java.util.Set;
 import java.util.UUID;
 import java.util.concurrent.atomic.AtomicBoolean;
 
@@ -57,7 +59,7 @@ public class SystemHelper implements Serializable {
     private static final Logger logger = LoggerFactory
             .getLogger(SystemHelper.class);
 
-    private String adminRole = "fess";
+    private final Set<String> adminRoleSet = new HashSet<>();
 
     private String[] crawlerJavaOptions = new String[] {
             "-Djava.awt.headless=true", "-server", "-Xmx512m",
@@ -239,22 +241,28 @@ public class SystemHelper implements Serializable {
         return designJspFileNameMap.get(fileName);
     }
 
-    public String getAdminRole() {
-        return adminRole;
+    public Set<String> getAdminRoleSet() {
+        return adminRoleSet;
     }
 
-    public void setAdminRole(final String adminRole) {
-        this.adminRole = adminRole;
+    public void addAdminRoles(final Collection<String> adminRoles) {
+        adminRoleSet.addAll(adminRoles);
     }
 
-    public List<String> getAuthenticatedRoleList() {
+    public Set<String> getAuthenticatedRoleSet() {
         final RoleTypeService roleTypeService = SingletonS2Container
                 .getComponent(RoleTypeService.class);
         final List<RoleType> roleTypeList = roleTypeService.getRoleTypeList();
-        final List<String> roleList = new ArrayList<String>(roleTypeList.size());
+
+        final Set<String> roleList = new HashSet<>(roleTypeList.size()
+                + adminRoleSet.size());
         for (final RoleType roleType : roleTypeList) {
             roleList.add(roleType.getValue());
         }
+
+        // system roles
+        roleList.addAll(adminRoleSet);
+
         return roleList;
     }
 

src/main/java/jp/sf/fess/helper/impl/QueryHelperImpl.java

@@ -195,8 +195,8 @@ public class QueryHelperImpl implements QueryHelper, Serializable {
         }
 
         if (roleQueryHelper != null) {
-            final List<String> roleList = roleQueryHelper.build();
-            if (roleList.size() > maxFilterQueriesForRole) {
+            final Set<String> roleSet = roleQueryHelper.build();
+            if (roleSet.size() > maxFilterQueriesForRole) {
                 // add query
                 final String sq = queryBuf.toString();
                 queryBuf = new StringBuilder(255);
@@ -210,23 +210,23 @@ public class QueryHelperImpl implements QueryHelper, Serializable {
                     queryBuf.append(')');
                 }
                 queryBuf.append(_AND_);
-                if (roleList.size() > 1) {
+                if (roleSet.size() > 1) {
                     queryBuf.append('(');
                 }
-                queryBuf.append(getRoleQuery(roleList));
-                if (roleList.size() > 1) {
+                queryBuf.append(getRoleQuery(roleSet));
+                if (roleSet.size() > 1) {
                     queryBuf.append(')');
                 }
-            } else if (!roleList.isEmpty()) {
+            } else if (!roleSet.isEmpty()) {
                 // add filter query
-                searchQuery.addFilterQuery(getRoleQuery(roleList));
+                searchQuery.addFilterQuery(getRoleQuery(roleSet));
             }
         }
 
         return searchQuery.query(queryBuf.toString());
     }
 
-    private String getRoleQuery(final List<String> roleList) {
+    private String getRoleQuery(final Set<String> roleList) {
         final StringBuilder queryBuf = new StringBuilder(255);
         boolean isFirst = true;
         for (final String role : roleList) {

src/main/java/jp/sf/fess/helper/impl/RoleQueryHelperImpl.java

@@ -17,22 +17,23 @@
 package jp.sf.fess.helper.impl;
 
 import java.io.Serializable;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 
-import jp.sf.fess.Constants;
-import jp.sf.fess.crypto.FessCipher;
 import jp.sf.fess.entity.LoginInfo;
 import jp.sf.fess.helper.RoleQueryHelper;
 import jp.sf.fess.helper.SystemHelper;
 
+import org.codelibs.core.crypto.CachedCipher;
+import org.codelibs.sastruts.core.SSCConstants;
 import org.seasar.framework.util.StringUtil;
 import org.seasar.struts.util.RequestUtil;
 import org.slf4j.Logger;
@@ -53,7 +54,7 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
     private static final Logger logger = LoggerFactory
             .getLogger(RoleQueryHelperImpl.class);
 
-    public FessCipher fessCipher;
+    public CachedCipher cipher;
 
     public String valueSeparator = "\n";
 
@@ -81,8 +82,8 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
      * @see jp.sf.fess.helper.impl.RoleQueryHelper#build()
      */
     @Override
-    public List<String> build() {
-        final List<String> roleList = new ArrayList<String>();
+    public Set<String> build() {
+        final Set<String> roleList = new HashSet<>();
         final HttpServletRequest request = RequestUtil.getRequest();
 
         // request parameter
@@ -110,9 +111,9 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
             final HttpSession session = request.getSession(false);
             if (session != null) {
                 final LoginInfo loginInfo = (LoginInfo) session
-                        .getAttribute(Constants.LOGIN_INFO);
+                        .getAttribute(SSCConstants.USER_INFO);
                 if (loginInfo != null) {
-                    roleList.addAll(loginInfo.getRoleList());
+                    roleList.addAll(loginInfo.getRoleSet());
                 }
             }
         }
@@ -128,7 +129,7 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
         return roleList;
     }
 
-    protected List<String> buildByParameter(final HttpServletRequest request) {
+    protected Set<String> buildByParameter(final HttpServletRequest request) {
 
         final String parameter = request.getParameter(parameterKey);
         if (logger.isDebugEnabled()) {
@@ -138,10 +139,10 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
             return decodedRoleList(parameter, encryptedParameterValue);
         }
 
-        return Collections.emptyList();
+        return Collections.emptySet();
     }
 
-    protected List<String> buildByHeader(final HttpServletRequest request) {
+    protected Set<String> buildByHeader(final HttpServletRequest request) {
 
         final String parameter = request.getHeader(headerKey);
         if (logger.isDebugEnabled()) {
@@ -151,11 +152,11 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
             return decodedRoleList(parameter, encryptedHeaderValue);
         }
 
-        return Collections.emptyList();
+        return Collections.emptySet();
 
     }
 
-    protected List<String> buildByCookie(final HttpServletRequest request) {
+    protected Set<String> buildByCookie(final HttpServletRequest request) {
 
         final Cookie[] cookies = request.getCookies();
         if (cookies != null) {
@@ -172,24 +173,24 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
             }
         }
 
-        return Collections.emptyList();
+        return Collections.emptySet();
     }
 
-    protected List<String> buildByCookieNameMapping(
+    protected Set<String> buildByCookieNameMapping(
             final HttpServletRequest request) {
 
-        final List<String> roleNameList = new ArrayList<String>();
+        final Set<String> roleNameSet = new HashSet<>();
         final Cookie[] cookies = request.getCookies();
         if (cookies != null) {
             for (final Cookie cookie : cookies) {
-                addRoleFromCookieMapping(roleNameList, cookie);
+                addRoleFromCookieMapping(roleNameSet, cookie);
             }
         }
 
-        return roleNameList;
+        return roleNameSet;
     }
 
-    protected void addRoleFromCookieMapping(final List<String> roleNameList,
+    protected void addRoleFromCookieMapping(final Set<String> roleNameList,
             final Cookie cookie) {
         final String roleName = cookieNameMap.get(cookie.getName());
         if (StringUtil.isNotBlank(roleName)) {
@@ -197,21 +198,21 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
         }
     }
 
-    protected List<String> decodedRoleList(final String value,
+    protected Set<String> decodedRoleList(final String value,
             final boolean encrypted) {
         String rolesStr = value;
-        if (encrypted && fessCipher != null) {
-            rolesStr = fessCipher.decryptoText(rolesStr);
+        if (encrypted && cipher != null) {
+            rolesStr = cipher.decryptoText(rolesStr);
         }
 
-        final List<String> roleList = new ArrayList<String>();
+        final Set<String> roleSet = new HashSet<>();
         if (valueSeparator.length() > 0) {
             final String[] values = rolesStr.split(valueSeparator);
             if (values.length > 1) {
                 final String[] roles = values[1].split(roleSeparator);
                 for (final String role : roles) {
                     if (StringUtil.isNotEmpty(role)) {
-                        roleList.add(role);
+                        roleSet.add(role);
                     }
                 }
             }
@@ -219,11 +220,11 @@ public class RoleQueryHelperImpl implements RoleQueryHelper, Serializable {
             final String[] roles = rolesStr.split(roleSeparator);
             for (final String role : roles) {
                 if (StringUtil.isNotEmpty(role)) {
-                    roleList.add(role);
+                    roleSet.add(role);
                 }
             }
         }
-        return roleList;
+        return roleSet;
     }
 
     public void addCookieNameMapping(final String cookieName,

src/main/java/jp/sf/fess/service/SearchService.java

@@ -19,6 +19,7 @@ package jp.sf.fess.service;
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
@@ -280,13 +281,14 @@ public class SearchService implements Serializable {
             final List<String> fieldNames, final List<String> labels,
             final int rows) {
 
-        final List<String> roleList;
+        final Set<String> roleSet;
         if (roleQueryHelper != null) {
-            roleList = roleQueryHelper.build();
+            roleSet = roleQueryHelper.build();
         } else {
-            roleList = new ArrayList<String>();
+            roleSet = new HashSet<>();
         }
 
+        final List<String> roleList = new ArrayList<>(roleSet); // TODO 
         final String suggestQuery = suggester.buildSuggestQuery(q, fieldNames,
                 labels, roleList);
 

src/main/java/jp/sf/fess/util/ComponentUtil.java

@@ -17,7 +17,6 @@
 package jp.sf.fess.util;
 
 import jp.sf.fess.api.WebApiManagerFactory;
-import jp.sf.fess.crypto.FessCipher;
 import jp.sf.fess.ds.DataStoreFactory;
 import jp.sf.fess.helper.CrawlingConfigHelper;
 import jp.sf.fess.helper.CrawlingSessionHelper;
@@ -40,6 +39,7 @@ import jp.sf.fess.helper.ViewHelper;
 import jp.sf.fess.job.JobExecutor;
 import jp.sf.fess.solr.IndexUpdater;
 
+import org.codelibs.core.crypto.CachedCipher;
 import org.codelibs.core.util.DynamicProperties;
 import org.codelibs.solr.lib.SolrGroupManager;
 import org.seasar.framework.container.SingletonS2Container;
@@ -105,7 +105,7 @@ public final class ComponentUtil {
     private ComponentUtil() {
     }
 
-    public static FessCipher getCipher(final String cipherName) {
+    public static CachedCipher getCipher(final String cipherName) {
         return SingletonS2Container.getComponent(cipherName);
     }
 

src/main/resources/app.dicon

@@ -19,7 +19,7 @@
 
 	<component name="actionMessagesThrowsInterceptor" class="jp.sf.fess.interceptor.FessActionMessagesThrowsInterceptor"/>
 
-	<component name="authenticationCipher" class="jp.sf.fess.crypto.FessCipher">
+	<component name="authenticationCipher" class="org.codelibs.core.crypto.CachedCipher">
         <!-- CHANGE THE FOLLOWING KEY -->
 		<property name="key">"1234567890123456"</property>
 	</component>

src/main/resources/fess.dicon

@@ -25,7 +25,6 @@
 	</component>
 	<component name="systemHelper" class="jp.sf.fess.helper.SystemHelper">
 		<!--
-		<property name="adminRole">"fess"</property>
 		<property name="javaCommandPath">"java"</property>
 		<property name="filterPathEncoding">"UTF-8"</property>
 		<property name="useOwnTmpDir">true</property>
@@ -56,6 +55,9 @@
 "-Xdebug",
 "-Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=127.0.0.1:8000",
  -->
+ 		<initMethod name="addAdminRoles">
+ 			<arg>{"fess"}</arg>
+ 		</initMethod>
 		<initMethod name="addDesignJspFileName">
 			<arg>"index"</arg>
 			<arg>"index.jsp"</arg>
@@ -169,8 +171,8 @@
 		<property name="encryptedHeaderValue">true</property>
 		<property name="cookieKey">"fessRoles"</property>
 		<property name="encryptedCookieValue">true</property>
-		<property name="fessCipher">
-			<component class="jp.sf.fess.crypto.FessCipher">
+		<property name="cipher">
+			<component class="org.codelibs.core.crypto.CachedCipher">
 				<property name="key">"1234567890123456"</property>
 			</component>
 		</property>

src/main/webapp/WEB-INF/web.xml

@@ -60,7 +60,7 @@
 
   <filter>
     <filter-name>authenticationFilter</filter-name>
-    <filter-class>jp.sf.fess.filter.AuthenticationFilter</filter-class>
+    <filter-class>org.codelibs.sastruts.core.filter.AuthFilter</filter-class>
     <init-param>
       <param-name>urlPatterns</param-name>
       <param-value>/fess/admin.*</param-value>
@@ -242,16 +242,6 @@
     </form-login-config>
   </login-config>
 
-  <security-role>
-  	<role-name>fess</role-name>
-  </security-role>
-
-  <!--
-  <security-role>
-  	<role-name>role1</role-name>
-  </security-role>
-  -->
-
   <error-page>
   	<error-code>400</error-code>
   	<location>/WEB-INF/view/error/redirect.jsp?type=badRequest</location>

src/test/java/jp/sf/fess/crypto/FessCipherTest.java

@@ -1,72 +0,0 @@
-/*
- * Copyright 2009-2014 the CodeLibs Project and the Others.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
- * either express or implied. See the License for the specific language
- * governing permissions and limitations under the License.
- */
-
-package jp.sf.fess.crypto;
-
-import org.seasar.extension.unit.S2TestCase;
-
-public class FessCipherTest extends S2TestCase {
-    public FessCipher fessCipher;
-
-    @Override
-    protected String getRootDicon() throws Throwable {
-        return "jp/sf/fess/crypto/cipher.dicon";
-    }
-
-    public void test_encypto() throws Exception {
-        final byte[] value = "test".getBytes(FessCipher.UTF_8);
-        final byte[] result = new byte[] { -71, 94, 118, -115, -62, -28, -92,
-                -29 };
-        final byte[] data = fessCipher.encrypto(value);
-        assertEquals(8, data.length);
-        for (int i = 0; i < 8; i++) {
-            assertEquals(result[i], data[i]);
-        }
-        assertEquals(1, fessCipher.encryptoQueue.size());
-        assertEquals(0, fessCipher.decryptoQueue.size());
-    }
-
-    public void test_decypto() throws Exception {
-        final byte[] value = new byte[] { -71, 94, 118, -115, -62, -28, -92,
-                -29 };
-        final byte[] result = "test".getBytes(FessCipher.UTF_8);
-        final byte[] data = fessCipher.decrypto(value);
-        assertEquals(4, data.length);
-        for (int i = 0; i < 4; i++) {
-            assertEquals(result[i], data[i]);
-        }
-        assertEquals(0, fessCipher.encryptoQueue.size());
-        assertEquals(1, fessCipher.decryptoQueue.size());
-    }
-
-    public void test_encyptoText() {
-        final String value = "test";
-        final String result = "uV52jcLkpOM=";
-        final String data = fessCipher.encryptoText(value);
-        assertEquals(result, data);
-        assertEquals(1, fessCipher.encryptoQueue.size());
-        assertEquals(0, fessCipher.decryptoQueue.size());
-    }
-
-    public void test_decyptoText() {
-        final String value = "uV52jcLkpOM=";
-        final String result = "test";
-        final String data = fessCipher.decryptoText(value);
-        assertEquals(result, data);
-        assertEquals(0, fessCipher.encryptoQueue.size());
-        assertEquals(1, fessCipher.decryptoQueue.size());
-    }
-}

src/test/java/jp/sf/fess/helper/impl/QueryHelperImplTest.java

@@ -16,10 +16,10 @@
 
 package jp.sf.fess.helper.impl;
 
-import java.util.ArrayList;
-import java.util.List;
+import java.util.HashSet;
 import java.util.Locale;
 import java.util.Map;
+import java.util.Set;
 
 import jp.sf.fess.Constants;
 import jp.sf.fess.InvalidQueryException;
@@ -193,8 +193,8 @@ public class QueryHelperImplTest extends S2TestCase {
     public void test_build_roleType() {
         queryHelperImpl.roleQueryHelper = new RoleQueryHelper() {
             @Override
-            public List<String> build() {
-                final List<String> list = new ArrayList<String>();
+            public Set<String> build() {
+                final Set<String> list = new HashSet<>();
                 list.add("guest");
                 return list;
             }
@@ -215,8 +215,8 @@ public class QueryHelperImplTest extends S2TestCase {
 
         queryHelperImpl.roleQueryHelper = new RoleQueryHelper() {
             @Override
-            public List<String> build() {
-                final List<String> list = new ArrayList<String>();
+            public Set<String> build() {
+                final Set<String> list = new HashSet<>();
                 list.add("guest");
                 list.add("admin");
                 return list;
@@ -247,8 +247,8 @@ public class QueryHelperImplTest extends S2TestCase {
         };
         queryHelperImpl.roleQueryHelper = new RoleQueryHelper() {
             @Override
-            public List<String> build() {
-                final List<String> list = new ArrayList<String>();
+            public Set<String> build() {
+                final Set<String> list = new HashSet<>();
                 list.add("guest");
                 list.add("admin");
                 return list;

src/test/java/jp/sf/fess/helper/impl/RoleQueryHelperImplTest.java

@@ -16,18 +16,18 @@
 
 package jp.sf.fess.helper.impl;
 
-import java.util.List;
+import java.util.Set;
 
 import javax.servlet.http.Cookie;
 
 import jp.sf.fess.FessSystemException;
-import jp.sf.fess.crypto.FessCipher;
 
+import org.codelibs.core.crypto.CachedCipher;
 import org.seasar.extension.unit.S2TestCase;
 
 public class RoleQueryHelperImplTest extends S2TestCase {
 
-    public FessCipher fessCipher;
+    public CachedCipher cipher;
 
     @Override
     protected String getRootDicon() throws Throwable {
@@ -37,40 +37,40 @@ public class RoleQueryHelperImplTest extends S2TestCase {
     public void test_buildByParameter() {
         final RoleQueryHelperImpl roleQueryHelperImpl = new RoleQueryHelperImpl();
 
-        List<String> roleList;
+        Set<String> roleSet;
 
-        roleList = roleQueryHelperImpl.buildByParameter(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByParameter(getRequest());
+        assertEquals(0, roleSet.size());
 
         roleQueryHelperImpl.parameterKey = "fess1";
 
         getRequest().setParameter("aaa", "bbb");
-        roleList = roleQueryHelperImpl.buildByParameter(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByParameter(getRequest());
+        assertEquals(0, roleSet.size());
 
         roleQueryHelperImpl.encryptedParameterValue = false;
         getRequest().setParameter("fess1", "xxx\nrole1,role2,role3");
-        roleList = roleQueryHelperImpl.buildByParameter(getRequest());
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+        roleSet = roleQueryHelperImpl.buildByParameter(getRequest());
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
 
         roleQueryHelperImpl.parameterKey = "fess2";
 
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
         roleQueryHelperImpl.encryptedParameterValue = true;
         getRequest().setParameter("fess2",
-                fessCipher.encryptoText("xxx\nrole1,role2,role3"));
-        roleList = roleQueryHelperImpl.buildByParameter(getRequest());
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+                cipher.encryptoText("xxx\nrole1,role2,role3"));
+        roleSet = roleQueryHelperImpl.buildByParameter(getRequest());
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
 
         getRequest().setParameter("fess2", "fail");
         try {
-            roleList = roleQueryHelperImpl.buildByParameter(getRequest());
+            roleSet = roleQueryHelperImpl.buildByParameter(getRequest());
             fail();
         } catch (final FessSystemException e) {
             // ok
@@ -79,25 +79,25 @@ public class RoleQueryHelperImplTest extends S2TestCase {
         roleQueryHelperImpl.parameterKey = "fess3";
 
         roleQueryHelperImpl.encryptedParameterValue = false;
-        roleList = roleQueryHelperImpl.buildByParameter(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByParameter(getRequest());
+        assertEquals(0, roleSet.size());
 
         roleQueryHelperImpl.parameterKey = "fess4";
 
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
         roleQueryHelperImpl.encryptedParameterValue = true;
-        roleList = roleQueryHelperImpl.buildByParameter(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByParameter(getRequest());
+        assertEquals(0, roleSet.size());
 
     }
 
     public void test_buildByHeader() {
         final RoleQueryHelperImpl roleQueryHelperImpl = new RoleQueryHelperImpl();
 
-        List<String> roleList;
+        Set<String> roleSet;
 
         try {
-            roleList = roleQueryHelperImpl.buildByHeader(getRequest());
+            roleSet = roleQueryHelperImpl.buildByHeader(getRequest());
             fail();
         } catch (final NullPointerException e) {
             //ok
@@ -106,33 +106,33 @@ public class RoleQueryHelperImplTest extends S2TestCase {
         roleQueryHelperImpl.headerKey = "fess1";
 
         getRequest().addHeader("aaa", "bbb");
-        roleList = roleQueryHelperImpl.buildByHeader(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByHeader(getRequest());
+        assertEquals(0, roleSet.size());
 
         roleQueryHelperImpl.encryptedHeaderValue = false;
         getRequest().addHeader("fess1", "xxx\nrole1,role2,role3");
-        roleList = roleQueryHelperImpl.buildByHeader(getRequest());
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+        roleSet = roleQueryHelperImpl.buildByHeader(getRequest());
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
 
         roleQueryHelperImpl.headerKey = "fess2";
 
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
         roleQueryHelperImpl.encryptedHeaderValue = true;
         getRequest().addHeader("fess2",
-                fessCipher.encryptoText("xxx\nrole1,role2,role3"));
-        roleList = roleQueryHelperImpl.buildByHeader(getRequest());
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+                cipher.encryptoText("xxx\nrole1,role2,role3"));
+        roleSet = roleQueryHelperImpl.buildByHeader(getRequest());
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
 
         roleQueryHelperImpl.headerKey = "fess2x";
         getRequest().addHeader("fess2x", "fail");
         try {
-            roleList = roleQueryHelperImpl.buildByHeader(getRequest());
+            roleSet = roleQueryHelperImpl.buildByHeader(getRequest());
             fail();
         } catch (final FessSystemException e) {
             // ok
@@ -141,30 +141,30 @@ public class RoleQueryHelperImplTest extends S2TestCase {
         roleQueryHelperImpl.headerKey = "fess3";
 
         roleQueryHelperImpl.encryptedHeaderValue = false;
-        roleList = roleQueryHelperImpl.buildByHeader(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByHeader(getRequest());
+        assertEquals(0, roleSet.size());
 
         roleQueryHelperImpl.headerKey = "fess4";
 
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
         roleQueryHelperImpl.encryptedHeaderValue = true;
-        roleList = roleQueryHelperImpl.buildByHeader(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByHeader(getRequest());
+        assertEquals(0, roleSet.size());
     }
 
     public void test_buildByCookie() {
         final RoleQueryHelperImpl roleQueryHelperImpl = new RoleQueryHelperImpl();
 
-        List<String> roleList;
+        Set<String> roleSet;
         Cookie cookie;
 
-        roleList = roleQueryHelperImpl.buildByCookie(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
+        assertEquals(0, roleSet.size());
 
         cookie = new Cookie("aaa", "bbb");
         getRequest().addCookie(cookie);
         try {
-            roleList = roleQueryHelperImpl.buildByCookie(getRequest());
+            roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
             fail();
         } catch (final NullPointerException e) {
             // ok
@@ -172,39 +172,39 @@ public class RoleQueryHelperImplTest extends S2TestCase {
 
         roleQueryHelperImpl.cookieKey = "fess1";
 
-        roleList = roleQueryHelperImpl.buildByCookie(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
+        assertEquals(0, roleSet.size());
 
         roleQueryHelperImpl.encryptedCookieValue = false;
         cookie = new Cookie("fess1", "xxx\nrole1,role2,role3");
         getRequest().addCookie(cookie);
-        roleList = roleQueryHelperImpl.buildByCookie(getRequest());
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+        roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
 
         roleQueryHelperImpl.cookieKey = "fess2";
 
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
         roleQueryHelperImpl.encryptedCookieValue = true;
         cookie = new Cookie("fess2",
-                fessCipher.encryptoText("xxx\nrole1,role2,role3"));
+                cipher.encryptoText("xxx\nrole1,role2,role3"));
         getRequest().addCookie(cookie);
-        roleList = roleQueryHelperImpl.buildByCookie(getRequest());
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+        roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
 
         roleQueryHelperImpl.cookieKey = "fess2x";
 
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
         roleQueryHelperImpl.encryptedCookieValue = true;
         cookie = new Cookie("fess2x", "fail");
         getRequest().addCookie(cookie);
         try {
-            roleList = roleQueryHelperImpl.buildByCookie(getRequest());
+            roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
             fail();
         } catch (final Exception e) {
             // ok 
@@ -213,146 +213,146 @@ public class RoleQueryHelperImplTest extends S2TestCase {
         roleQueryHelperImpl.cookieKey = "fess3";
 
         roleQueryHelperImpl.encryptedCookieValue = false;
-        roleList = roleQueryHelperImpl.buildByCookie(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
+        assertEquals(0, roleSet.size());
 
         roleQueryHelperImpl.cookieKey = "fess4";
 
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
         roleQueryHelperImpl.encryptedCookieValue = true;
-        roleList = roleQueryHelperImpl.buildByCookie(getRequest());
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.buildByCookie(getRequest());
+        assertEquals(0, roleSet.size());
     }
 
     public void test_decodedRoleList() {
 
         final RoleQueryHelperImpl roleQueryHelperImpl = new RoleQueryHelperImpl();
 
-        List<String> roleList;
+        Set<String> roleSet;
         boolean encrypted;
         String value;
 
         encrypted = false;
         value = "";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = false;
         value = "role1";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = false;
         value = "role1,role2";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = false;
         value = "xxx\nrole1";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(1, roleList.size());
-        assertEquals("role1", roleList.get(0));
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(1, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
 
         encrypted = false;
         value = "xxx\nrole1,role2";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(2, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(2, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
 
         roleQueryHelperImpl.valueSeparator = "";
 
         encrypted = false;
         value = "";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = false;
         value = "role1";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(1, roleList.size());
-        assertEquals("role1", roleList.get(0));
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(1, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
 
         encrypted = false;
         value = "role1,role2";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(2, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(2, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
 
         encrypted = false;
         value = "role1,role2,role3";
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
     }
 
     public void test_decodedRoleList_withCipher() {
 
         final RoleQueryHelperImpl roleQueryHelperImpl = new RoleQueryHelperImpl();
-        roleQueryHelperImpl.fessCipher = fessCipher;
+        roleQueryHelperImpl.cipher = cipher;
 
-        List<String> roleList;
+        Set<String> roleSet;
         boolean encrypted;
         String value;
 
         encrypted = true;
-        value = fessCipher.encryptoText("");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        value = cipher.encryptoText("");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = true;
-        value = fessCipher.encryptoText("role1");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        value = cipher.encryptoText("role1");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = true;
-        value = fessCipher.encryptoText("role1,role2");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        value = cipher.encryptoText("role1,role2");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = true;
-        value = fessCipher.encryptoText("xxx\nrole1");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(1, roleList.size());
-        assertEquals("role1", roleList.get(0));
+        value = cipher.encryptoText("xxx\nrole1");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(1, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
 
         encrypted = true;
-        value = fessCipher.encryptoText("xxx\nrole1,role2");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(2, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
+        value = cipher.encryptoText("xxx\nrole1,role2");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(2, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
 
         roleQueryHelperImpl.valueSeparator = "";
 
         encrypted = true;
-        value = fessCipher.encryptoText("");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(0, roleList.size());
+        value = cipher.encryptoText("");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(0, roleSet.size());
 
         encrypted = true;
-        value = fessCipher.encryptoText("role1");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(1, roleList.size());
-        assertEquals("role1", roleList.get(0));
+        value = cipher.encryptoText("role1");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(1, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
 
         encrypted = true;
-        value = fessCipher.encryptoText("role1,role2");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(2, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
+        value = cipher.encryptoText("role1,role2");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(2, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
 
         encrypted = true;
-        value = fessCipher.encryptoText("role1,role2,role3");
-        roleList = roleQueryHelperImpl.decodedRoleList(value, encrypted);
-        assertEquals(3, roleList.size());
-        assertEquals("role1", roleList.get(0));
-        assertEquals("role2", roleList.get(1));
-        assertEquals("role3", roleList.get(2));
+        value = cipher.encryptoText("role1,role2,role3");
+        roleSet = roleQueryHelperImpl.decodedRoleList(value, encrypted);
+        assertEquals(3, roleSet.size());
+        assertTrue(roleSet.contains("role1"));
+        assertTrue(roleSet.contains("role2"));
+        assertTrue(roleSet.contains("role3"));
     }
 
 }

src/test/resources/app_ut.dicon

@@ -15,7 +15,7 @@
 	<!-- Web -->
 	<component name="actionMessagesThrowsInterceptor" class="jp.sf.fess.interceptor.FessActionMessagesThrowsInterceptor"/>
 
-	<component name="authenticationCipher" class="jp.sf.fess.crypto.FessCipher">
+	<component name="authenticationCipher" class="org.codelibs.core.crypto.CachedCipher">
 		<property name="key">"1234567890123456"</property>
 	</component>
 	<component name="browserTypeHelper" class="jp.sf.fess.helper.BrowserTypeHelper">
@@ -32,7 +32,7 @@
 		<property name="cookieKey">"fessRoles"</property>
 		<property name="encryptedCookieValue">true</property>
 		<property name="fessCipher">
-			<component class="jp.sf.fess.crypto.FessCipher">
+			<component class="org.codelibs.core.crypto.CachedCipher">
 				<property name="key">"1234567890123456"</property>
 			</component>
 		</property>

src/test/resources/jp/sf/fess/crypto/cipher.dicon

@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE components PUBLIC "-//SEASAR//DTD S2Container 2.4//EN"
-	"http://www.seasar.org/dtd/components24.dtd">
-<components>
-	<component name="fessCipher" class="jp.sf.fess.crypto.FessCipher">
-		<property name="key">"change_me"</property>
-	</component>
-</components>

src/test/resources/jp/sf/fess/helper/query.dicon

@@ -5,7 +5,7 @@
 	<component name="queryHelper" class="jp.sf.fess.helper.impl.QueryHelperImpl">
 	</component>
 
- 	<component name="fessCipher" class="jp.sf.fess.crypto.FessCipher">
+ 	<component name="cipher" class="org.codelibs.core.crypto.CachedCipher">
 		<property name="key">"1234567890123456"</property>
 	</component>