Updated heavyduty sample to work with current trunk

This commit is contained in:
Luke Taylor 2009-12-08 20:24:07 +00:00
parent adfac7e718
commit 38a09766f0
8 changed files with 95 additions and 84 deletions

6
.gitignore vendored Normal file
View File

@ -0,0 +1,6 @@
target/
.classpath
.project
.settings/
build/
*.log

View File

@ -21,7 +21,17 @@
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
@ -43,12 +53,9 @@
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<!--
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
@ -66,7 +73,7 @@
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
<scope>runtime</scope>
<version>2.3.12</version>
<version>2.3.16</version>
</dependency>
<dependency>
<groupId>hsqldb</groupId>
@ -75,15 +82,21 @@
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>3.3.2.GA</version>
<scope>compile</scope>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>3.4.0.GA</version>
<scope>compile</scope>
<exclusions>
<exclusion>
<artifactId>commons-logging</artifactId>
<groupId>commons-logging</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>1.4.1</version>
<version>1.6.2</version>
<scope>compile</scope>
</dependency>
<dependency>
@ -107,26 +120,35 @@
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-core</artifactId>
<version>1.0.2</version>
<scope>runtime</scope>
<version>1.5.5</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-server-jndi</artifactId>
<version>1.0.2</version>
<scope>runtime</scope>
<version>1.5.5</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>3.2.1</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.5.8</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.4.3</version>
<version>1.5.8</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.ldap</groupId>
<artifactId>spring-ldap</artifactId>
<version>1.2.1</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
@ -157,7 +179,7 @@
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>maven-jetty-plugin</artifactId>
<version>6.1.11</version>
<version>6.1.18</version>
<configuration>
<contextPath>/heavyduty</contextPath>
<!--jettyConfig>jetty-jmx.xml</jettyConfig-->
@ -182,7 +204,7 @@
</plugins>
</build>
<properties>
<spring.version>3.0.0.CI-SNAPSHOT</spring.version>
<spring.version>3.0.0.RC3</spring.version>
<spring.security.version>3.0.0.CI-SNAPSHOT</spring.security.version>
</properties>

View File

@ -1,11 +1,8 @@
package heavyduty.security.ui;
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
public class HeavyDutyAuthenticationProcessingFilter extends AuthenticationProcessingFilter {
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
public class HeavyDutyAuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter {
}

View File

@ -1,8 +1,8 @@
package heavyduty.security.ui;
import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
public class HeavyDutyEntryPoint extends AuthenticationProcessingFilterEntryPoint {
public class HeavyDutyEntryPoint extends LoginUrlAuthenticationEntryPoint {

View File

@ -1,10 +1,10 @@
package sample;
import java.util.List;
import java.util.Collection;
import org.aopalliance.intercept.MethodInvocation;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.vote.AccessDecisionVoter;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.core.Authentication;
public class TestVoter implements AccessDecisionVoter {
@ -17,7 +17,7 @@ public class TestVoter implements AccessDecisionVoter {
return MethodInvocation.class.isAssignableFrom(clazz);
}
public int vote(Authentication authentication, Object object, List<ConfigAttribute> config) {
public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> config) {
MethodInvocation mi = (MethodInvocation) object;
mi.getMethod().getParameterAnnotations();

View File

@ -11,10 +11,10 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<!--b:import resource="appContext-misc.xml"/-->
<context:component-scan base-package='sample'/>
@ -48,7 +48,7 @@
<x509 user-service-ref="daoUserService"/>
-->
<form-login default-target-url="/secure/index.jsp" login-page="/login.jsp" authentication-failure-url="/login.jsp?login-error=1" always-use-default-target="false"/>
<anonymous />
<!-- http-basic / -->
<logout />
<remember-me key='doesntmatter' token-repository-ref='tokenRepo' user-service-ref='daoUserService'/>
@ -56,12 +56,13 @@
<!-- <remember-me user-service-ref="daoUserService"/> -->
<!-- Uncomment to limit the number of sessions a user can have -->
<concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true" session-registry-ref='sessionRegistry'/>
<session-management>
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" session-registry-ref='sessionRegistry'/>
</session-management>
<!-- custom-filter position="AUTHENTICATION_PROCESSING_FILTER" ref="customAuthFilter" / -->
</http>
<authentication-manager alias="authenticationManager" />
<b:bean id='tokenRepo' class='org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl'/>
<!-- Traditional Session Control Beans -->
@ -71,14 +72,10 @@
<b:property name="sessionRegistry" ref='sessionRegistry'/>
</b:bean>
<b:bean id='sessionController' class="org.springframework.security.concurrent.ConcurrentSessionControllerImpl">
<b:property name='sessionRegistry' ref='sessionRegistry'/>
</b:bean>
-->
<b:bean id='sessionRegistry' class="org.springframework.security.authentication.concurrent.SessionRegistryImpl"/>
<b:bean id='sessionRegistry' class="org.springframework.security.core.session.SessionRegistryImpl"/>
<!--
<b:bean id="customAuthFilter" class="heavyduty.security.ui.HeavyDutyAuthenticationProcessingFilter">
<custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
<b:property name="defaultTargetUrl" value="/"/>
<b:property name="authenticationManager" ref="authenticationManager"/>
</b:bean>
@ -93,20 +90,22 @@
<b:constructor-arg ref="customAuthFilter"/>
</b:bean>
-->
<authentication-manager alias="authenticationManager" >
<authentication-provider user-service-ref="daoUserService">
<password-encoder hash="md5" />
</authentication-provider>
<authentication-provider>
<password-encoder hash="md5"/>
<user-service>
<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
<authentication-provider user-service-ref="daoUserService">
<password-encoder hash="md5" />
</authentication-provider>
<authentication-provider>
<password-encoder hash="md5"/>
<user-service>
<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
<ldap-server id="ldapServer"/>
@ -126,5 +125,4 @@
<!-- b:property name="server" ref="mbeanServer"/-->
</b:bean>
</b:beans>

View File

@ -1,6 +1,6 @@
<%@page import="org.springframework.web.context.support.WebApplicationContextUtils"%>
<%@page import="org.springframework.security.providers.ldap.LdapAuthenticationProvider"%>
<%@page import="org.springframework.security.providers.ProviderManager"%>
<%@page import="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"%>
<%@page import="org.springframework.security.authentication.ProviderManager"%>
<html>
<body>
@ -19,11 +19,11 @@ Providers: <br />
<%=
((ProviderManager)WebApplicationContextUtils.getRequiredWebApplicationContext(
session.getServletContext()).getBean("_authenticationManager")).getProviders() %>
session.getServletContext()).getBean("org.springframework.security.authenticationManager")).getProviders() %>
</p>
<p><a href="/index.jsp">Home</a></p>
</body>
</html>
</html>

View File

@ -1,9 +1,7 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core_rt' %>
<%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %>
<%@ page import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.springframework.security.AuthenticationException" %>
<!-- Not used unless you declare a <form-login login-page="/login.jsp"/> element -->
<%@ page import="org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter" %>
<%@ page import="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" %>
<%@ page import="org.springframework.security.core.AuthenticationException" %>
<html>
<head>
@ -13,35 +11,25 @@
<body onload="document.f.j_username.focus();">
<h1>CUSTOM SPRING SECURITY LOGIN</h1>
<P>Valid users:
<P>
<P>username <b>rod</b>, password <b>koala</b>
<br>username <b>dianne</b>, password <b>emu</b>
<br>username <b>scott</b>, password <b>wombat</b>
<br>username <b>peter</b>, password <b>opal</b>
<p>
<%-- this form-login-page form is also used as the
form-error-page to ask for a login again.
--%>
<% if (session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) != null) { %>
<% if (session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) != null) { %>
<font color="red">
Your login attempt was not successful, try again.<BR><BR>
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
Your login attempt was not successful, try again.<br/><br/>
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
</font>
<% } %>
<form name="f" action="<c:url value='j_spring_security_check'/>" method="POST">
<table>
<tr><td>User:</td><td><input type='text' name='j_username' <% if (session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) != null) { %>value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'<% } %>></td></tr>
<tr><td>User:</td><td><input type='text' name='j_username' <% if (session.getAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY) != null) { %>value='<%= session.getAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'<% } %>></td></tr>
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
<tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
<tr><td colspan='2'><input name="submit" type="submit"></td></tr>
<tr><td colspan='2'><input name="reset" type="reset"></td></tr>
</table>
</form>
</body>
</html>