diff --git a/src/site/apt/namespaces.apt b/src/site/apt/namespaces.apt new file mode 100644 index 0000000000..0003845aa7 --- /dev/null +++ b/src/site/apt/namespaces.apt @@ -0,0 +1,159 @@ + ---------------------------------------- + Security Namespace Configuration + ---------------------------------------- + ------------------------ + (2007-11-7 draft) + ------------------------ + + +Overview + + +* Summary + + Spring Security will make use of Spring 2.0 namespace-based configuration features to allow much more concise + configuration. This document outlines the current state of development and the features that have been + implemented so far and raises points for discussion. The features are still largely experimental and subject to + change. + + The {{{http://acegisecurity.svn.sourceforge.net/svnroot/acegisecurity/spring-security/trunk/core/src/main/resources/org/springframework/security/config/}schema files}} + can be found in the core package. + + For simplicity, a relax NG compact schema (the rnc file) has been used as it is easier to work with. + This is then coverted into a W3C schema using trang. + +* Design + + The initial aim is to provide a relatively small set of namespace configuration options which capture the most + common uses of framework, especially for inexperienced users who don't require much in the way of customization. + The focus should be mainly on providing high-level components which logically match the different aspects of + securing an application. While it is also useful to have namespace options for simplifying the configuration of + existing framework beans, this is a somewhat orthogonal requirement, with different target users, and will be dealt + with separately. Only the most obvious customizations will be implemented to start with. + + With these aims in mind, the design is largely based around the large-scale dependencies within the framework. + It can be divided up into the following areas: + + * <> - this is by far the largest and most complex area, consisting of + + * Filter chain proxy + + * HttpSessionContextIntegrationFilter - special filter which is of key importance. + + * The filters which are responsible for most of Spring Security's web application features. + + * ExceptionTranslationFilter and FilterSecurityInterceptor - other special filters. + + * Authentication entry point(s). + + * Concurrent session support (optional). + + * Remember-me service (optional). + + The only inward dependency here is that the AuthenticationManager must be made aware of the + ConcurrentSessionController (if configured). Apart from this, the other areas of the framework are unaware of + web-related functionality. + + * <> - This is currently implemented using a bean decorator within the + business object bean, which is a relatively simple syntax. + + * <> - this is the main dependency of other parts of the framework. The namespace + configuration creates an instance of ProviderManager as required and registers it under a known name. It assumes + that this will be used by all the configured beans. This currently happens automatically. It might be worth + introducing a + +--- + +--- + + element just to allow users to explicitly configure an authentication manager which they can use in other beans. + The additional name could be registered as an alias. + + * <> - The security interceptors (both for method and http security) require access to + an access decision manager. At the moment a default one is created and used by both, but they should additionally + support the use of an independently configured access manager, based on Id. The standard bean syntax should be + sufficient for the moment. + + * <> - these can be created individually and register themselves with the authentication + manager. Current namespace options are limited but each provider should be pretty much self-contained and hence + relatively simple to implement. There may be multiple providers within an application so some means of ordering will + be required. + + * <> - Closely related to the authentication providers, but often also required by other beans. + Again the implementations should be relatively straightforward. There may be multiple implementations within the + application. + + +* Http Security + + Probably the best starting point here is to look at the namespace configuration which is currently in use in the + sample application: + ++-------------------------------------------------------------------------------------------------------------------- + + + + + + + + + + + + + + + + + + + + + + + + + + + ++-------------------------------------------------------------------------------------------------------------------- + +** \ + + This element groups the other http-specific elements together and has attributes which allow the + session creation strategy to be set. It also allows you to specify the type of pattern that will be used for URL + definitions within the block. This defaults to ``ant'' since this is what users almost always use in practice. + + The {{{./spring-security-core/xref/org/springframework/security/config/HttpSecurityBeanDefinitionParser.html}HttpSecurityBeanDefinitionParser}} + class is responsible for handling the contents. It creates a FilterChainProxy + instance, HttpSessionContextIntegrationFilter, FilterSecurityInterceptor and ExceptionTranslationFilter and parses + the child intercept-url elements (see below). It then delegates to separate parsers to handle the contents of other + child elements. These encapsulate the functionality of separate web application concerns which are implemented + by Spring Security and will typically each create a filter and possibly one or more other beans. + + Finally a post processor (HttpSecurityConfigPostProcessor) is registered to handle issues which can't be done + until the application context has been completed. This includes assembling and ordering the filter chain. The core + filters now implement Ordered and a standard ordering has been established for them. Other filters in the + context must also implement Ordered to be considered, so it may be necessary to provide an element which can be + used to decorate filter beans to achieve this, if the user can't (or doesn't want to) make their code implement + Ordered explicitly. + + +** \ + + In a traditional, bean-configured setup, there are several beans which require the use of URL patterns - + FilterChainProxy, FilterSecurityInterceptor and ChannelProcessingFilter. These can now be specified using a + single construct and the appropriate beans created and assembled by the parser. This allows options to be combined + in a more logical fashion without duplication. The user picks the important URLs for their application, defines the + patterns for them and then specifies which filters should be used, what access configuration attributes + the FilterSecurityInterceptor should enforce and if any channel restrictions apply. Only the access decision part + has been implemented. The only option for filters is currently "none", which will omit the URL from the security + filter chain entirely. It's not clear how or if additional filter order customization should be implemented (other + than by allowing Ids to be set on the various child elements). Channel security should be straightforward. + +