Add new Petclinic tutorial.
This commit is contained in:
Ben Alex
parent
4fd3693df0
commit
1849597775
|
|
@ -38,6 +38,7 @@
|
|||
<item name="Reference Guide" href="reference.html"/>
|
||||
<item name="Sample SQL Schema" href="dbinit.txt"/>
|
||||
<item name="FAQ" href="faq.html"/>
|
||||
<item name="Petclinic Tutorial" href="petclinic-tutorial.html"/>
|
||||
<item name="External Web Articles" href="articles.html"/>
|
||||
<item name="Products using Acegi" href="powering.html"/>
|
||||
<item name="Use without Spring" href="standalone.html"/>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,149 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Tutorial: Adding Security to Spring Petclinic</title>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<h1>Tutorial: Adding Security to Spring Petclinic</h1>
|
||||
<h2>Background requirements</h2>
|
||||
|
||||
<p>To complete this tutorial, you will require a servlet container (such as Tomcat)
|
||||
and a general understanding of using Spring without Acegi Security. The Petclinic
|
||||
sample itself is part of Spring and should help you learn Spring. We suggest you
|
||||
only try to learn one thing at a time, and start with Spring/Petclinic before
|
||||
Acegi Security.
|
||||
</p>
|
||||
|
||||
<h2>Download</h2>
|
||||
<ul>
|
||||
<li>Spring 2.0 M4 with dependencies ZIP file</li>
|
||||
<li>Acegi Security 1.0.0</li>
|
||||
</ul>
|
||||
|
||||
<p>
|
||||
Unzip both files. After unzipping Acegi Security, you'll need to unzip the
|
||||
acegi-security-sample-tutorial.war file, because we need some files that are
|
||||
included within it. In the code below, we'll refer to the respective unzipped
|
||||
locations as %spring% and %acegi% (with the latter variable referring to the
|
||||
unzipped WAR, not the original ZIP). There is no need to setup any environment
|
||||
variables to complete the tutorial.
|
||||
</p>
|
||||
|
||||
<h2>Setup database</h2>
|
||||
|
||||
<p>Start the Hypersonic server (this is just normal Petclinic configuration):
|
||||
<pre>
|
||||
cd %spring%\samples\petclinic\db\hsqldb
|
||||
server
|
||||
</pre>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
Insert some data (again, normal Petclinic configuration):
|
||||
<pre>
|
||||
cd %spring%\samples\petclinic
|
||||
build setupDB
|
||||
</pre>
|
||||
</p>
|
||||
|
||||
<h2>Setup Petclinic's web.xml</h2>
|
||||
|
||||
<p>Edit %spring%\samples\petclinic\war\WEB-INF\web.xml and insert the following block of code.
|
||||
<pre>
|
||||
<filter>
|
||||
<filter-name>Acegi Filter Chain Proxy</filter-name>
|
||||
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
|
||||
<init-param>
|
||||
<param-name>targetClass</param-name>
|
||||
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>Acegi Filter Chain Proxy</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
</pre>
|
||||
Next, locate the "contextConfigLocation" parameter, and add a new line into the existing param-value.
|
||||
The resulting block will look like this:
|
||||
<pre>
|
||||
<context-param>
|
||||
<param-name>contextConfigLocation</param-name>
|
||||
<param-value>
|
||||
/WEB-INF/applicationContext-jdbc.xml
|
||||
/WEB-INF/applicationContext-acegi-security.xml
|
||||
</param-value>
|
||||
</context-param>
|
||||
</pre>
|
||||
</p>
|
||||
|
||||
<h2>Add the necessary files</h2>
|
||||
|
||||
<p>
|
||||
We now need to put some extra files into Petclinic. The following commands should work:
|
||||
<pre>
|
||||
copy %acegi%\acegilogin.jsp %spring%\samples\petclinic\war
|
||||
copy %acegi%\WEB-INF\users.properties %spring%\samples\petclinic\war\WEB-INF
|
||||
copy %acegi%\WEB-INF\applicationContext-acegi-security.xml %spring%\samples\petclinic\war\WEB-INF
|
||||
copy %acegi%\WEB-INF\lib\acegi-security-1.0.0.jar %spring%\samples\petclinic\war\WEB-INF\lib
|
||||
copy %acegi%\WEB-INF\lib\oro-2.0.8.jar %spring%\samples\petclinic\war\WEB-INF\lib
|
||||
copy %acegi%\WEB-INF\lib\commons-codec-1.3.jar %spring%\samples\petclinic\war\WEB-INF\lib
|
||||
</pre>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
To make it easier to experiment with the application, let's edit
|
||||
%spring%\samples\petclinic\war\WEB-INF\jsp\footer.jsp. Add a new "logout" link, as shown:
|
||||
<pre>
|
||||
<table style="width:100%"><tr>
|
||||
<td><A href="<c:url value="/welcome.htm"/>">Home</A></td>
|
||||
<td><A href="<c:url value="/j_acegi_logout"/>">Logout</A></td>
|
||||
<td style="text-align:right;color:silver">PetClinic :: a Spring Framework demonstration</td>
|
||||
</tr></table>
|
||||
|
||||
</pre>
|
||||
|
||||
</p>
|
||||
|
||||
<h2>Modify the allowed URLs</h2>
|
||||
|
||||
<p>
|
||||
Our last step is to specify which URLs require authorization and which do not. Let's
|
||||
edit %spring%\samples\petclinic\war\WEB-INF\applicationContext-acegi-security.xml.
|
||||
Scroll to the bottom and locate the bean definition for FilterSecurityInterceptor.
|
||||
Edit its objectDefinitionSource property so that it reflects the following:
|
||||
<pre>
|
||||
<property name="objectDefinitionSource">
|
||||
<value>
|
||||
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
|
||||
PATTERN_TYPE_APACHE_ANT
|
||||
/acegilogin.jsp=IS_AUTHENTICATED_ANONYMOUSLY
|
||||
/**=IS_AUTHENTICATED_REMEMBERED
|
||||
</value>
|
||||
</property>
|
||||
</pre>
|
||||
</p>
|
||||
|
||||
<h2>Build and deploy the Petclinic WAR file</h2>
|
||||
|
||||
<p>
|
||||
Use the Ant build and deploy to your servlet container:
|
||||
<pre>
|
||||
cd %spring%\samples\petclinic
|
||||
build warfile
|
||||
copy dist\petclinic.war %TOMCAT_HOME%\webapps
|
||||
</pre>
|
||||
</p>
|
||||
|
||||
<p>Finally, start your container and try to visit the home page.
|
||||
Your request should be intercepted and you will be forced to login.</p>
|
||||
|
||||
<h2>What now?</h2>
|
||||
<p>
|
||||
These steps can be applied to your own application. Although we do suggest
|
||||
that you visit <a href="http://acegisecurity.org">http://acegisecurity.org</a>
|
||||
and in particular review the "Suggested Steps" for getting started with Acegi
|
||||
Security.</p>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
@ -36,7 +36,16 @@
|
|||
ZIP file. The sample doesn't do a great deal, but it does give you a template that can
|
||||
be quickly and easily used to integrate into your own project.<br><br>
|
||||
|
||||
Estimated time: 30 minutes - 2 hours.<br><br>
|
||||
Estimated time: 30 minutes.<br><br>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
Next, follow the <a href="petclinic-tutorial.html">Petclinic tutorial</a>, which
|
||||
covers how to add Acegi Security to the commonly-used Petclinic sample application
|
||||
that ships with Spring. This will give you a hands-on approach to integrating
|
||||
Acegi Security into your own application.<br><br>
|
||||
|
||||
Estimated time: 1 hour.<br><br>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
|
|
@ -44,7 +53,8 @@
|
|||
Part I. It has been designed to give you a solid overview. Go through the beans
|
||||
defined in the "Tutorial Sample" and understand their main purpose within the overall
|
||||
framework. Once you understand this, you'll have no difficulty moving on to more
|
||||
complex examples.<br><br>
|
||||
complex examples. You can also experiment in the Petclinic tutorial that you
|
||||
implemented in the last step.<br><br>
|
||||
|
||||
Estimated time: 1 day.<br><br>
|
||||
</li>
|
||||
|
|
|
|||
Loading…
Reference in New Issue