Converted "suggested steps" file to apt. Removed upgrade links prior to 0.7.
This commit is contained in:
Luke Taylor
parent
5005e9c973
commit
368fc4372a
|
|
@ -0,0 +1,103 @@
|
|||
--------------------------------
|
||||
Acegi Security Suggested Steps
|
||||
--------------------------------
|
||||
|
||||
Suggested Steps
|
||||
|
||||
Presented below are the steps we encourage you to take in order to gain the most
|
||||
out of Acegi Security in a realistic timeframe.
|
||||
|
||||
|
||||
[[1]] First of all, deploy the "Tutorial Sample", which is included in the main distribution
|
||||
ZIP file. The sample doesn't do a great deal, but it does give you a template that can
|
||||
be quickly and easily used to integrate into your own project.
|
||||
|
||||
Estimated time: 30 minutes.
|
||||
|
||||
|
||||
[[2]] Next, follow the <a href="petclinic-tutorial.html">Petclinic tutorial</a>, which
|
||||
covers how to add Acegi Security to the commonly-used Petclinic sample application
|
||||
that ships with Spring. This will give you a hands-on approach to integrating
|
||||
Acegi Security into your own application.
|
||||
|
||||
Estimated time: 1 hour.
|
||||
|
||||
[[3]] Next, review the {{{reference.html}Reference Guide}}, and in particular
|
||||
Part I. It has been designed to give you a solid overview. Go through the beans
|
||||
defined in the "Tutorial Sample" and understand their main purpose within the overall
|
||||
framework. Once you understand this, you'll have no difficulty moving on to more
|
||||
complex examples. You can also experiment in the Petclinic tutorial that you
|
||||
implemented in the last step.
|
||||
|
||||
Estimated time: 1 day.
|
||||
|
||||
[[4]] If you have relatively simple security needs, you can probably start to integrate
|
||||
Acegi Security into your application at this point. Just use the "Tutorial Sample"
|
||||
as your basis (now that you understand how it works). Those with more complicated
|
||||
requirements should review the "Contacts Sample" application.
|
||||
This will probably involve deploying <<<acegi-security-sample-contacts-filter.war>>>,
|
||||
which is also included in the release ZIP file.
|
||||
|
||||
The purpose of understanding the "Contacts Sample" is to get a better feel for how method
|
||||
security is implemented, particularly with domain object access control lists. This will
|
||||
really round-out the rest of the framework for you.
|
||||
|
||||
The actual java (TODO: link) code
|
||||
is a completely standard Spring application, except <<<ContactManagerBackend>>>
|
||||
which shows how we create and delete ACL permissions. The rest of the Java code has no
|
||||
security awareness, with all security services being declared in the XML files
|
||||
(don't worry, there aren't any new XML formats to learn: they're all standard Spring IoC container
|
||||
declarations or the stock-standard <<<web.xml>>>). The main
|
||||
XML files to review are
|
||||
|
||||
TODO: SVN Links:
|
||||
|
||||
~~ <a target="_blank" class="newWindow" href="http://cvs.sourceforge.net/viewcvs.py/acegisecurity/acegisecurity/samples/contacts/src/main/webapp/filter/WEB-INF/applicationContext-acegi-security.xml?view=auto">applicationContext-acegi-security.xml</a> (from the filter webapp),
|
||||
~~ <a target="_blank" class="newWindow" href="http://cvs.sourceforge.net/viewcvs.py/acegisecurity/acegisecurity/samples/contacts/src/main/webapp/common/WEB-INF/applicationContext-common-authorization.xml?view=auto">applicationContext-common-authorization.xml</a>,
|
||||
~~ <a target="_blank" class="newWindow" href="http://cvs.sourceforge.net/viewcvs.py/acegisecurity/acegisecurity/samples/contacts/src/main/webapp/common/WEB-INF/applicationContext-common-business.xml?view=auto">applicationContext-common-business.xml</a> (just note we add <<<contactManagerSecurity>>> to the services layer target bean), and
|
||||
~~ <a target="_blank" class="newWindow" href="http://cvs.sourceforge.net/viewcvs.py/acegisecurity/acegisecurity/samples/contacts/src/main/webapp/filter/WEB-INF/web.xml?view=auto">web.xml</a> (from the filter webapp).
|
||||
|
||||
The XML definitions are comprehensively discussed in the
|
||||
{{{reference.html}Reference Guide}}.
|
||||
|
||||
|
||||
Please note the release ZIP files do not include the sample application Java source code. You
|
||||
will need to download from SVN if you would like to access the Java sources.
|
||||
|
||||
Estimated time: 1-2 days.
|
||||
|
||||
|
||||
[[5]]By now you will have a good grasp on how Acegi Security works, and all that is left to
|
||||
do is design your own application's implementation.
|
||||
|
||||
|
||||
We strongly recommend that you start your actual integration with the "Tutorial Sample".
|
||||
Don't start by integrating with the "Contacts Sample", even if you have complex needs.
|
||||
Most people reporting problems on the forums do so because of a configuration problem,
|
||||
as they're trying to make far too many changes at once without really knowing what
|
||||
they're doing. Instead, make changes one at a time, starting from the bare bones configuration
|
||||
provided by the "Tutorial Sample".
|
||||
|
||||
If you've followed the steps above, and refer back to the
|
||||
{{{reference.html}Reference Guide}},
|
||||
{{{http://www.springframework.org}forums}}, and
|
||||
{{{faq.html}FAQ}}
|
||||
for help, you'll find it pretty easy to implement Acegi Security in your application.
|
||||
Most importantly, you'll be using a security framework that offers you complete container
|
||||
portability, flexibility, and community support - without needing to write and maintain your
|
||||
own code.
|
||||
|
||||
Estimated time: 1-5 days.
|
||||
|
||||
|
||||
Please note the time estimates are just that: estimates. They will vary considerably depending
|
||||
on how much experience you have, particularly with Java and Spring. They will also vary depending
|
||||
on how complex your intended security-enabled application will be. Some people need to push the domain
|
||||
object instance access control list capabilities to the maximum, whilst others don't even need anything
|
||||
beyond web request security. The good thing is Acegi Security will either directly support your future
|
||||
needs, or provide a clearly-defined extension point for addressing them.
|
||||
|
||||
|
||||
We welcome your feedback about how long it has actually taken you to complete each step, so we
|
||||
can update this page and help new users better assess their project timetables in the future.
|
||||
Any other tips on what you found helpful in learning Acegi Security are also very welcome.
|
||||
|
|
@ -54,10 +54,6 @@
|
|||
<item name="Upgrading to 1.0.0" href="upgrade/upgrade-090-100.html"/>
|
||||
<item name="Upgrading to 0.9.0" href="upgrade/upgrade-080-090.html"/>
|
||||
<item name="Upgrading to 0.8.0" href="upgrade/upgrade-070-080.html"/>
|
||||
<item name="Upgrading to 0.7.0" href="upgrade/upgrade-06-070.html"/>
|
||||
<item name="Upgrading to 0.6" href="upgrade/upgrade-05-06.html"/>
|
||||
<item name="Upgrading to 0.5" href="upgrade/upgrade-04-05.html"/>
|
||||
<item name="Upgrading to 0.4" href="upgrade/upgrade-03-04.html"/>
|
||||
<item name="Core JavaDocs" href="acegi-security/apidocs/index.html" target="_blank"/>
|
||||
<item name="Contacts HTTPS" href="acegi-security-sample-contacts/ssl/howto.txt"/>
|
||||
<item name="Project Policies" href="policies.html"/>
|
||||
|
|
|
|||
Loading…
Reference in New Issue