SEC-181: Remove acegifier application.

Luke Taylor 2007-07-24 18:20:22 +00:00
parent ea42164af2
commit 156965b370
15 changed files with 0 additions and 1241 deletions


@ -1 +0,0 @@
target


@ -1,52 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.acegisecurity</groupId>
<artifactId>acegi-security-samples-acegifier</artifactId>
<packaging>war</packaging>
<name>acegi-security-samples-acegifier</name>
<parent>
<groupId>org.acegisecurity</groupId>
<artifactId>acegi-security-samples</artifactId>
<version>1.0.5-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>org.acegisecurity</groupId>
<artifactId>acegi-security</artifactId>
<version>${pom.version}</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>2.0.4</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.4</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>dom4j</groupId>
<artifactId>dom4j</artifactId>
<version>1.6</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>jaxen</groupId>
<artifactId>jaxen</artifactId>
<version>1.1-beta-8</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>freemarker</groupId>
<artifactId>freemarker</artifactId>
<version>2.3.4</version>
<type>jar</type>
</dependency>
</dependencies>
</project>


@ -1,45 +0,0 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<project>
<extend>${basedir}/../project.xml</extend>
<pomVersion>3</pomVersion>
<artifactId>acegi-security-sample-acegifier</artifactId>
<name>Acegi Security System for Spring - Acegifier sample</name>
<siteDirectory>/home/groups/a/ac/acegisecurity/htdocs/multiproject/acegi-security-sample-acegifier</siteDirectory>
<repository>
<connection>scm:svn:https://acegisecurity.svn.sourceforge.net/svnroot/acegisecurity/trunk/acegisecurity</connection>
<developerConnection>scm:svn:https://acegisecurity.svn.sourceforge.net/svnroot/acegisecurity/trunk/acegisecurity</developerConnection>
<url>http://acegisecurity.svn.sourceforge.net/viewcvs.cgi/acegisecurity/trunk/acegisecurity/samples/acegifier/</url>
</repository>
<dependencies>
<dependency>
<groupId>dom4j</groupId>
<artifactId>dom4j</artifactId>
<version>1.6</version>
<type>jar</type>
<url>http://www.dom4j.org</url>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<groupId>jaxen</groupId>
<artifactId>jaxen</artifactId>
<version>1.1-beta-8</version>
<type>jar</type>
<url>http://www.jaxen.org</url>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<groupId>freemarker</groupId>
<artifactId>freemarker</artifactId>
<version>2.3.4</version>
<type>jar</type>
<url>http://www.freemarker.org/</url>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
</dependencies>
</project>


@ -1,144 +0,0 @@
package acegifier;
import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.stream.StreamSource;
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.DocumentHelper;
import org.dom4j.Node;
import org.dom4j.io.DocumentResult;
import org.dom4j.io.DocumentSource;
import org.dom4j.io.SAXReader;
import org.springframework.core.io.ClassPathResource;
import org.springframework.util.Assert;
/**
* A utility to translate a web.xml file into a set of acegi security spring beans.
*
* <p>
* Also produces a new "acegified" web.xml file with the necessary filters installed
* and the security elements defined by the servlet DTD removed.
*
* <p>
* This class wraps the XSL transform which actually does most of the work.
* </p>
*
* @author Luke Taylor
* @version $Id$
*/
public class WebXmlConverter {
private static final String WEB_TO_SPRING_XSL_FILE = "web-to-spring.xsl";
private static final String NEW_WEB_XSLT_FILE = "acegi-web.xsl";
private Transformer acegiSecurityTransformer, newWebXmlTransformer;
/**
* The name of the spring-beans file which the beans will be stored in.
* This is required when writing the new web.xml content.
*/
private String acegiOutputFileName = "applicationContext-acegi-security.xml";
/** The web.xml content to be converted */
private Source xmlSource;
/** The results of the conversion */
private Document newWebXml, acegiBeansXml;
public WebXmlConverter() throws IOException, TransformerConfigurationException {
TransformerFactory tf = TransformerFactory.newInstance();
Source source = createTransformerSource(WEB_TO_SPRING_XSL_FILE);
System.out.println("1");
acegiSecurityTransformer = tf.newTransformer(source);
System.out.println("2");
newWebXmlTransformer = tf.newTransformer(createTransformerSource(NEW_WEB_XSLT_FILE));
System.out.println("3");
}
private Source createTransformerSource(String fileName) throws IOException {
ClassPathResource resource = new ClassPathResource(fileName);
Source source = new StreamSource(resource.getInputStream());
return source;
}
/**
* Performs the transformations on the input source.
* Creates new web.xml content and a set of acegi-security Spring beans which can be
* accessed through the appropriate getter methods.
*/
public void doConversion() throws IOException, TransformerException {
Assert.notNull(xmlSource, "The XML input must be set");
// Create the modified web.xml file
newWebXmlTransformer.setParameter("acegi-security-context-file", acegiOutputFileName);
// newWebXmlTransformer.setParameter("cas-proxy-url", "http://localhost:8433/cas/proxy");
DocumentResult result = new DocumentResult();
newWebXmlTransformer.transform(xmlSource, result);
newWebXml = result.getDocument();
result = new DocumentResult();
acegiSecurityTransformer.transform(xmlSource, result);
acegiBeansXml = result.getDocument();
}
/** Set the input as an xml string */
public void setInput(String xml) throws DocumentException {
setInput(DocumentHelper.parseText(xml));
}
/** Set the input as a stream */
public void setInput(InputStream in) throws DocumentException {
SAXReader reader = new SAXReader();
setInput(reader.read(in));
}
/** set the input as a dom4j document */
public void setInput(Document document) throws DocumentException {
validateWebXml(document);
xmlSource = new DocumentSource(document);
}
/** Checks the web.xml to make sure it contains correct data */
private void validateWebXml(Document document) throws DocumentException {
Node authMethodNode =
document.selectSingleNode("/web-app/login-config/auth-method");
if (authMethodNode == null)
throw new DocumentException("login-config and auth-method must be present");
String authMethod = authMethodNode.getStringValue().toUpperCase();
if (!authMethod.equals("BASIC") && !authMethod.equals("FORM")) {
throw new DocumentException("unsupported auth-method: " + authMethod);
}
List roles = document.selectNodes("/web-app/security-role");
if (roles.isEmpty()) {
throw new DocumentException("Each role used must be defined in a security-role element");
}
}
public String getAcegiOutputFileName() {
return acegiOutputFileName;
}
public void setAcegiOutputFileName(String acegiOutputFileName) {
this.acegiOutputFileName = acegiOutputFileName;
}
/** Returns the converted web.xml content */
public Document getNewWebXml() {
return newWebXml;
}
/**
* Returns the created spring-beans xml content which should be used in
* the application context file.
*/
public Document getAcegiBeans() {
return acegiBeansXml;
}
}


@ -1,158 +0,0 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package acegifier.web;
import acegifier.WebXmlConverter;
import org.acegisecurity.util.FilterChainProxy;
import org.acegisecurity.util.InMemoryResource;
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.support.DefaultListableBeanFactory;
import org.springframework.beans.factory.xml.XmlBeanDefinitionReader;
import org.springframework.validation.BindException;
import org.springframework.validation.Errors;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.SimpleFormController;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.transform.TransformerException;
/**
* Takes a submitted web.xml, applies the transformer to it and returns the resulting modified web.xml and
* acegi-app-context.xml file contents.
*
* @author Luke Taylor
* @version $Id$
*/
public class AcegifierController extends SimpleFormController {
//~ Constructors ===================================================================================================
public AcegifierController() {}
//~ Methods ========================================================================================================
/**
* Creates a BeanFactory from the spring beans XML document
*
* @param beans DOCUMENT ME!
*
* @return DOCUMENT ME!
*/
private DefaultListableBeanFactory createBeanFactory(Document beans) {
DefaultListableBeanFactory bf = new DefaultListableBeanFactory();
XmlBeanDefinitionReader beanReader = new XmlBeanDefinitionReader(bf);
beanReader.loadBeanDefinitions(new InMemoryResource(beans.asXML().getBytes()));
return bf;
}
public ModelAndView onSubmit(HttpServletRequest request, HttpServletResponse response, Object command,
BindException errors) throws Exception {
AcegifierForm conversion = (AcegifierForm) command;
WebXmlConverter converter = new WebXmlConverter();
int nBeans = 0;
Document newWebXml = null;
Document acegiBeans = null;
try {
converter.setInput(conversion.getWebXml());
converter.doConversion();
newWebXml = converter.getNewWebXml();
acegiBeans = converter.getAcegiBeans();
nBeans = validateAcegiBeans(conversion, acegiBeans, errors);
} catch (DocumentException de) {
errors.rejectValue("webXml", "webXmlDocError", "There was a problem with your web.xml: " + de.getMessage());
} catch (TransformerException te) {
errors.rejectValue("webXml", "transFailure",
"There was an error during the XSL transformation: " + te.getMessage());
}
if (errors.hasErrors()) {
return showForm(request, response, errors);
}
Map model = new HashMap();
model.put("webXml", prettyPrint(newWebXml));
model.put("acegiBeansXml", prettyPrint(acegiBeans));
model.put("nBeans", new Integer(nBeans));
return new ModelAndView("acegificationResults", model);
}
/**
* Creates a formatted XML string from the supplied document
*
* @param document DOCUMENT ME!
*
* @return DOCUMENT ME!
*
* @throws IOException DOCUMENT ME!
*/
private String prettyPrint(Document document) throws IOException {
ByteArrayOutputStream output = new ByteArrayOutputStream();
OutputFormat format = OutputFormat.createPrettyPrint();
format.setTrimText(false);
XMLWriter writer = new XMLWriter(output, format);
writer.write(document);
writer.flush();
writer.close();
return output.toString();
}
/**
* Validates the acegi beans, based on the input form data, and returns the number of spring beans defined
* in the document.
*
* @param conversion DOCUMENT ME!
* @param beans DOCUMENT ME!
* @param errors DOCUMENT ME!
*
* @return DOCUMENT ME!
*/
private int validateAcegiBeans(AcegifierForm conversion, Document beans, Errors errors) {
DefaultListableBeanFactory bf = createBeanFactory(beans);
//TODO: actually do some proper validation!
try {
bf.getBean("filterChainProxy", FilterChainProxy.class);
} catch (BeansException be) {
errors.rejectValue("webXml", "beansInvalid",
"There was an error creating or accessing the bean factory " + be.getMessage());
}
return bf.getBeanDefinitionCount();
}
}


@ -1,38 +0,0 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package acegifier.web;
/**
* Form backing object for the Acegifier controller.
*
* @author Luke Taylor
* @version $Id$
*/
public class AcegifierForm {
//~ Instance fields ================================================================================================
private String webXml;
//~ Methods ========================================================================================================
public String getWebXml() {
return webXml;
}
public void setWebXml(String webXml) {
this.webXml = webXml;
}
}


@ -1,118 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
| XSL Sheet used by the web.xml to acegi-security beans converter
| to create the new acegified web.xml.
| $Id$
-->
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<!-- The CAS proxy url (left empty if not to be used) -->
<xsl:param name="cas-proxy-url"/>
<!-- The acegi context file name - used in the -->
<xsl:param name="acegi-security-context-file" select="'applicationContext-acegi-security.xml'"/>
<xsl:output doctype-public="-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
doctype-system="http://java.sun.com/dtd/web-app_2_3.dtd"
indent="yes"/>
<!-- Identity template which we override for specific cases -->
<xsl:template match="@*|node()">
<xsl:copy>
<xsl:apply-templates select="@*|node()"/>
</xsl:copy>
</xsl:template>
<xsl:template match="web-app">
<web-app>
<xsl:apply-templates select="icon|display-name|description|distributable"/>
<xsl:apply-templates select="context-param"/>
<xsl:call-template name="insert-spring-context-param"/>
<xsl:if test="$cas-proxy-url">
<!-- Required for CAS ProxyTicketReceptor servlet. This is the
URL to CAS' "proxy" actuator, where a PGT and TargetService can
be presented to obtain a new proxy ticket. THIS CAN BE
REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY -->
<context-param>
<param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
<param-value><xsl:value-of select="$cas-proxy-url"/></param-value>
</context-param>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:if>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<xsl:text>&#xA;&#xA;</xsl:text>
<xsl:apply-templates select="filter"/>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<xsl:text>&#xA;&#xA;</xsl:text>
<xsl:apply-templates select="filter-mapping"/>
<!-- Only add a spring context loader listener if there isn't one there already -->
<xsl:if test="not(./listener/listener-class[string()='org.springframework.web.context.ContextLoaderListener'])">
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:if>
<xsl:apply-templates select="listener"/>
<!-- Run any remaining non-security elements through the identity template -->
<xsl:apply-templates select="servlet|servlet-mapping|session-config|mime-mapping|welcome-file-list|error-page|taglib|resource-env-ref|resource-ref|env-entry|ejb-ref|ejb-local-ref"/>
</web-app>
</xsl:template>
<!--
| Looks for the case where we have an existing Spring context and appends
| the acegi file to the list of app. context files. Otherwise just copies the contents.
-->
<xsl:template match="context-param">
<context-param>
<xsl:choose>
<xsl:when test="./param-name = 'contextConfigLocation'">
<param-name>contextConfigLocation</param-name>
<param-value>
<xsl:value-of select="./param-value"/>
<xsl:value-of select="concat(' /WEB-INF/',$acegi-security-context-file)"/><xsl:text>&#xA; </xsl:text>
</param-value>
</xsl:when>
<xsl:otherwise>
<xsl:apply-templates />
</xsl:otherwise>
</xsl:choose>
</context-param>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:template>
<!--
| Inserts a Spring config location context-param if one doesn't already exist.
| If there is one, do nothing as it will be handled by the context-param template above.
-->
<xsl:template name="insert-spring-context-param">
<xsl:if test="not(./context-param/param-name[string() = 'contextConfigLocation'])">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
<xsl:value-of select="concat('/WEB-INF/',$acegi-security-context-file)"/><xsl:text>&#xA;</xsl:text>
</param-value>
</context-param>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:if>
</xsl:template>
</xsl:stylesheet>


@ -1,302 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
| XSL Sheet used by the web.xml to acegi-security beans converter
| $Id$
-->
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:output doctype-public="-//SPRING//DTD BEAN//EN"
doctype-system="http://www.springframework.org/dtd/spring-beans.dtd"
indent="no"/>
<!-- Variables for case conversions -->
<xsl:variable name="lowercase" select="'abcdefghijklmnopqrstuvwxyz'"/>
<xsl:variable name="uppercase" select="'ABCDEFGHIJKLMNOPQRSTUVWXYZ'"/>
<xsl:variable name="welcome-files" select="web-app/welcome-file-list/welcome-file"/>
<!-- Convert the auth-method content to upper case -->
<xsl:variable name="auth-method" select="translate(string(web-app/login-config/auth-method), $lowercase, $uppercase)"/>
<!--
| Find the security-role elements in the file and uses them to build a list of
| all defined roles.
-->
<xsl:variable name="all-roles">
<xsl:for-each select="web-app/security-role/role-name">
<xsl:text>ROLE_</xsl:text>
<xsl:value-of select="translate(string(), $lowercase, $uppercase)"/>
<xsl:if test="position() != last()">,</xsl:if>
</xsl:for-each>
</xsl:variable>
<!--
| The list of filters for use in filterToBeanProxy
-->
<xsl:variable name="filter-list">
<xsl:text>/**=httpSessionContextIntegrationFilter</xsl:text>
<xsl:choose>
<xsl:when test="$auth-method = 'FORM'">
<xsl:text>,authenticationProcessingFilter</xsl:text>
</xsl:when>
<xsl:when test="$auth-method = 'BASIC'">
<xsl:text>,basicProcessingFilter</xsl:text>
</xsl:when>
<xsl:otherwise>
<xsl:message terminate="yes">Unsupported auth-method in web.xml, must be FORM or BASIC</xsl:message>
</xsl:otherwise>
</xsl:choose>
<xsl:text>,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor</xsl:text>
</xsl:variable>
<!--
| The main template (where the processing work starts)
-->
<xsl:template match = "web-app">
<beans>
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename"><value>messages</value></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<xsl:call-template name="filter-to-bean-proxy"/>
<xsl:call-template name="authentication-beans"/>
<xsl:apply-templates select="./login-config"/>
<xsl:call-template name="filter-invocation-interceptor"/>
</beans>
</xsl:template>
<!--
| Mainly static set of beans. The InMemoryDaoImpl instance is created with a single user
| called "superuser" who has all the defined roles in the web.xml file.
-->
<xsl:template name="authentication-beans">
<xsl:comment>======================== AUTHENTICATION =======================</xsl:comment>
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="messageSource"><ref local="messageSource"/></property>
<property name="providers">
<list>
<ref local="daoAuthenticationProvider"/>
<ref local="anonymousAuthenticationProvider"/>
<ref local="rememberMeAuthenticationProvider"/>
</list>
</property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="messageSource"><ref local="messageSource"/></property>
<property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>
<!-- property name="userCache"><ref local="userCache"/></property-->
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
superuser=password,<xsl:value-of select="$all-roles"/>
<xsl:text>&#xA; </xsl:text>
</value>
</property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key"><value>foobar</value></property>
<property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
<property name="messageSource"><ref local="messageSource"/></property>
<property name="key"><value>foobar</value></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
<property name="rememberMeServices"><ref local="rememberMeServices"/></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>
<property name="key"><value>springRocks</value></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
<property name="messageSource"><ref local="messageSource"/></property>
<property name="key"><value>springRocks</value></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:template>
<!--
| Processes the login-config definition and inserts the ExceptionTranslationFilter with
| the appropriate beans for either form or basic authentication.
-->
<xsl:template match="login-config">
<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<xsl:choose>
<xsl:when test="$auth-method = 'FORM'">
<ref local="authenticationProcessingFilterEntryPoint"/>
</xsl:when>
<xsl:when test="$auth-method = 'BASIC'">
<ref local="basicProcessingFilterEntryPoint"/>
</xsl:when>
</xsl:choose>
</property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<xsl:choose>
<xsl:when test="$auth-method = 'FORM'">
<xsl:call-template name="form-login"/>
</xsl:when>
<xsl:when test="$auth-method = 'BASIC'">
<bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName"><value>Your Realm</value></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:when>
</xsl:choose>
</xsl:template>
<!--
| Converts a form login configuration to an Acegi AuthenticationProcessingFilter and its entry point.
| The content of the form-login-page element is used for the loginFormUrl property of the entry point
| and the form-error-page is used for the authenticationFailureUrl property of the filter.
|
| The user must manually change the form Url to "j_acegi_security_check" in their login page.
-->
<xsl:template name="form-login">
<xsl:comment>Make sure that these properties match your setup. In particular, remember to switch your login
form action from "j_security_check" to "j_acegi_security_check"
</xsl:comment>
<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="authenticationFailureUrl"><value><xsl:value-of select="form-login-config/form-error-page"/></value></property>
<property name="defaultTargetUrl"><value>/</value></property>
<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
<property name="rememberMeServices"><ref local="rememberMeServices"/></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl"><value><xsl:value-of select="form-login-config/form-login-page"/></value></property>
<property name="forceHttps"><value>false</value></property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:template>
<!--
| Outputs a standard filterToBeanProxy bean.
-->
<xsl:template name="filter-to-bean-proxy">
<xsl:comment>======================== FILTER CHAIN =======================</xsl:comment>
<xsl:comment>if you wish to use channel security, add "channelProcessingFilter," in front
of "httpSessionContextIntegrationFilter" in the list below</xsl:comment>
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
<xsl:value-of select="$filter-list"/>
<xsl:text>&#xA; </xsl:text>
</value>
</property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:template>
<xsl:template name="filter-invocation-interceptor">
<bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<property name="messageSource"><ref local="messageSource"/></property>
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
</list>
</property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
<xsl:comment>An access decision voter that reads ROLE_* configuration settings</xsl:comment>
<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
<xsl:text>&#xA;&#xA;</xsl:text>
<xsl:comment>
Note the order that entries are placed against the objectDefinitionSource is critical.
The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last.
We also include ROLE_ANONYMOUS (the anonymous role) for web.xml role-names of "*". This is obviously different from the
original intention but there isn't a direct mapping to the acegi way of doing things. You should modify the permissions as required,
removing anonymous access where necessary.
</xsl:comment>
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="messageSource"><ref local="messageSource"/></property>
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
<xsl:text>&#xA; CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON</xsl:text>
<xsl:text>&#xA; PATTERN_TYPE_APACHE_ANT</xsl:text>
<xsl:apply-templates select="security-constraint"/>
<xsl:text>&#xA; /*=ROLE_ANONYMOUS</xsl:text> <!-- by default allow anonymous access to top level urls -->
<xsl:text>&#xA; </xsl:text>
</value>
</property>
</bean>
<xsl:text>&#xA;&#xA;</xsl:text>
</xsl:template>
<!--
| Converts a security-constraint (a url-pattern and the associated role-name elements)
| to the form
| antUrlPattern=list of allowed roles
| Roles are converted to upper case and have the "ROLE_" prefix appended.
|
| In the case of role-name='*', signifying "any authenticated role", the complete list of roles
| defined in the web.xml file is used along with the anonymous role - so *unauthenticated* users can
| access the url.
|
| URLs which end in a wild card, will be converted to end in the recursive path version '**',
| e.g. /private/* becomes /private/**
-->
<xsl:template match="security-constraint">
<xsl:variable name="url" select="web-resource-collection/url-pattern"/>
<xsl:text>&#xA; </xsl:text>
<xsl:value-of select="$url"/>
<xsl:if test="substring($url, string-length($url)) = '*'">*</xsl:if>
<xsl:text>=</xsl:text>
<xsl:for-each select="./auth-constraint/role-name">
<xsl:choose>
<xsl:when test="string() = '*'">
<xsl:text>ROLE_ANONYMOUS,</xsl:text>
<xsl:value-of select="$all-roles"/>
</xsl:when>
<xsl:otherwise>
<xsl:text>ROLE_</xsl:text>
<xsl:value-of select="translate(string(), $lowercase, $uppercase)"/>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="position() != last()">,</xsl:if>
</xsl:for-each>
</xsl:template>
</xsl:stylesheet>


@ -1,56 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
| Spring web setup for the acegifier.
|
| $Id$
-->
<beans>
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename"><value>messages</value></property>
</bean>
<bean id="conversionController" class="acegifier.web.AcegifierController">
<property name="formView" value="acegificationForm" />
<property name="commandClass" value="acegifier.web.AcegifierForm"/>
</bean>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/convert.htm">conversionController</prop>
</props>
</property>
</bean>
<!--
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix"><value>/WEB-INF/jsp/</value></property>
<property name="suffix"><value>.jsp</value></property>
</bean>
-->
<bean
id="freemarkerConfig"
class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
<property name="templateLoaderPath"><value>/WEB-INF/freemarker/</value></property>
<property name="freemarkerVariables">
<map>
<entry key="xml_escape"><ref local="fmXmlEscape"/></entry>
</map>
</property>
</bean>
<bean id="fmXmlEscape" class="freemarker.template.utility.XmlEscape"/>
<bean
id="viewResolver"
class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
<property name="exposeSpringMacroHelpers"><value>true</value></property>
<property name="cache"><value>true</value></property>
<property name="prefix"><value></value></property>
<property name="suffix"><value>.ftl</value></property>
</bean>
</beans>


@ -1,7 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
</beans>


@ -1,20 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<#import "spring.ftl" as spring />
<html>
<head>
<title>Acegi Security Web.xml Converter</title>
</head>
<body>
<form method="POST">
<@spring.bind "command.webXml" />
<textarea name="webXml" rows="40" cols="80">${spring.status.value?default("Paste your web.xml here.")}</textarea>
<br />
<@spring.showErrors "<br />"/>
<input type="submit" value="Convert"/>
</form>
</body>
</html>


@ -1,39 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Acegi Security Web.xml Converter</title>
</head>
<body>
<p>Congratulations! Your web.xml file has been "Acegified" successfully.</p>
<h2>Web.xml</h2>
<p>
This is the converted web.xml file which you should use in your Acegi-Secured
Spring application. It should contain the mechanism for loading the Spring application
context file which defines your security configuration as well as the
necessary filters to apply this configuration.
</p>
<pre>
${webXml?xml}
</pre>
<h2>Acegi Security Beans</h2>
<p>
This is the file which defines your security configuration (a standard Spring
application context file). It should be named "applicationContext-acegi-security.xml"
and placed in your WEB-INF directory.
</p>
<pre>
${acegiBeansXml?xml}
</pre>
<p>Note that these files may require some manual changes before they work as expected and are
intended as a guide only :).</p>
</body>
</html>


@ -1,51 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" >
<display-name>Acegifier Application</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
</param-value>
</context-param>
<!--
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
-->
<welcome-file-list>
<welcome-file>/convert.htm</welcome-file>
</welcome-file-list>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
-->
<servlet>
<servlet-name>acegifier</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>acegifier</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
</web-app>


@ -1,102 +0,0 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package acegifier;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import junit.framework.TestCase;
import org.dom4j.Document;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;
/**
* Tests the WebXmlConverter by applying it to a sample web.xml file.
*
* @author Luke Taylor
* @version $Id$
*/
public class WebXmlConverterTests extends TestCase {
private static final String XML_TRANSFORMER = "javax.xml.transform.TransformerFactory";
public void testFileConversion() throws Exception {
/*
THIS TEST HAS BEEN DISABLED AS IT BREAKS THE BUILD (see SEC-181 for details)
WebXmlConverter converter;
try {
converter = new WebXmlConverter();
} catch (Exception e) {
// TODO: Something went wrong, set transforer manually and retry...
System.out.println("**** WARNING: NEEDING TO FALLBACK TO A MANUAL SYSTEM PROPERTY ****");
System.setProperty(XML_TRANSFORMER, "com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
System.out.println(XML_TRANSFORMER + ": " + System.getProperty(XML_TRANSFORMER));
converter = new WebXmlConverter();
}
Resource r = new ClassPathResource("test-web.xml");
converter.setInput(r.getInputStream());
converter.doConversion();
DefaultListableBeanFactory bf = new DefaultListableBeanFactory();
XmlBeanDefinitionReader beanReader = new XmlBeanDefinitionReader(bf);
beanReader.loadBeanDefinitions(
new InMemoryResource(converter.getAcegiBeans().asXML().getBytes()));
assertNotNull(bf.getBean("filterChainProxy"));
ProviderManager pm = (ProviderManager) bf.getBean("authenticationManager");
assertNotNull(pm);
assertEquals(3, pm.getProviders().size());
DaoAuthenticationProvider dap =
(DaoAuthenticationProvider) bf.getBean("daoAuthenticationProvider");
assertNotNull(dap);
InMemoryDaoImpl dao = (InMemoryDaoImpl) dap.getUserDetailsService();
UserDetails user = dao.loadUserByUsername("superuser");
assertEquals("password",user.getPassword());
assertEquals(2, user.getAuthorities().length);
assertNotNull(bf.getBean("anonymousProcessingFilter"));
assertNotNull(bf.getBean("anonymousAuthenticationProvider"));
assertNotNull(bf.getBean("httpSessionContextIntegrationFilter"));
assertNotNull(bf.getBean("rememberMeProcessingFilter"));
assertNotNull(bf.getBean("rememberMeAuthenticationProvider"));
ExceptionTranslationFilter etf =
(ExceptionTranslationFilter) bf.getBean("exceptionTranslationFilter");
assertNotNull(etf);
assertNotNull(etf.getAuthenticationEntryPoint());
System.out.println(prettyPrint(converter.getNewWebXml()));
System.out.println(prettyPrint(converter.getAcegiBeans()));
*/
}
private String prettyPrint(Document document) throws IOException {
ByteArrayOutputStream output = new ByteArrayOutputStream();
OutputFormat format = OutputFormat.createPrettyPrint();
format.setNewlines(true);
format.setTrimText(false);
XMLWriter writer = new XMLWriter(output, format);
writer.write(document);
writer.flush();
writer.close();
return output.toString();
}
}


@ -1,108 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<display-name>Contacts Sample Application</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-common-business.xml
/WEB-INF/applicationContext-common-authorization.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!--
The HttpSessionEventPublisher will publish
HttpSessionCreatedEvent and HttpSessionDestroyedEvent
to the WebApplicationContext
-->
<listener>
<listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<url-pattern>/index.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<url-pattern>/hello.htm</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<url-pattern>/logoff.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>form</auth-method>
<form-login-config>
<form-login-page>/acegilogin.jsp</form-login-page>
<form-error-page>/acegilogin.jsp?login_error=1</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>user</role-name>
</security-role>
<security-role>
<role-name>dummy</role-name>
</security-role>
</web-app>