SEC-1253: Decouple spring-security-config module from spring-security-web. Added ClassUtils.isPresent() check for FilterChainProxy before attempting to register web-related parsers and decorators. Added use of namespace to dms sample for testing.
This commit is contained in:
parent
4d8956a227
commit
5546698fef
|
@ -19,6 +19,7 @@
|
||||||
<groupId>org.springframework.security</groupId>
|
<groupId>org.springframework.security</groupId>
|
||||||
<artifactId>spring-security-web</artifactId>
|
<artifactId>spring-security-web</artifactId>
|
||||||
<version>${project.version}</version>
|
<version>${project.version}</version>
|
||||||
|
<optional>true</optional>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.security</groupId>
|
<groupId>org.springframework.security</groupId>
|
||||||
|
|
|
@ -13,6 +13,7 @@ import org.springframework.security.config.ldap.LdapServerBeanDefinitionParser;
|
||||||
import org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser;
|
import org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser;
|
||||||
import org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser;
|
import org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser;
|
||||||
import org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator;
|
import org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator;
|
||||||
|
import org.springframework.util.ClassUtils;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Registers the bean definition parsers for the "security" namespace (http://www.springframework.org/schema/security).
|
* Registers the bean definition parsers for the "security" namespace (http://www.springframework.org/schema/security).
|
||||||
|
@ -30,17 +31,20 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
|
||||||
registerBeanDefinitionParser(Elements.LDAP_PROVIDER, new LdapProviderBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.LDAP_PROVIDER, new LdapProviderBeanDefinitionParser());
|
||||||
registerBeanDefinitionParser(Elements.LDAP_SERVER, new LdapServerBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.LDAP_SERVER, new LdapServerBeanDefinitionParser());
|
||||||
registerBeanDefinitionParser(Elements.LDAP_USER_SERVICE, new LdapUserServiceBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.LDAP_USER_SERVICE, new LdapUserServiceBeanDefinitionParser());
|
||||||
registerBeanDefinitionParser(Elements.HTTP, new HttpSecurityBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser(Elements.USER_SERVICE, new UserServiceBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.USER_SERVICE, new UserServiceBeanDefinitionParser());
|
||||||
registerBeanDefinitionParser(Elements.JDBC_USER_SERVICE, new JdbcUserServiceBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.JDBC_USER_SERVICE, new JdbcUserServiceBeanDefinitionParser());
|
||||||
registerBeanDefinitionParser(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser());
|
||||||
registerBeanDefinitionParser(Elements.GLOBAL_METHOD_SECURITY, new GlobalMethodSecurityBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.GLOBAL_METHOD_SECURITY, new GlobalMethodSecurityBeanDefinitionParser());
|
||||||
registerBeanDefinitionParser(Elements.AUTHENTICATION_MANAGER, new AuthenticationManagerBeanDefinitionParser());
|
registerBeanDefinitionParser(Elements.AUTHENTICATION_MANAGER, new AuthenticationManagerBeanDefinitionParser());
|
||||||
|
registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator());
|
||||||
|
|
||||||
|
// Web-namespace stuff
|
||||||
|
if (ClassUtils.isPresent("org.springframework.security.web.FilterChainProxy", ClassUtils.getDefaultClassLoader())) {
|
||||||
|
registerBeanDefinitionParser(Elements.HTTP, new HttpSecurityBeanDefinitionParser());
|
||||||
|
registerBeanDefinitionDecorator(Elements.FILTER_CHAIN_MAP, new FilterChainMapBeanDefinitionDecorator());
|
||||||
registerBeanDefinitionParser(Elements.FILTER_INVOCATION_DEFINITION_SOURCE, new FilterInvocationSecurityMetadataSourceParser());
|
registerBeanDefinitionParser(Elements.FILTER_INVOCATION_DEFINITION_SOURCE, new FilterInvocationSecurityMetadataSourceParser());
|
||||||
registerBeanDefinitionParser(Elements.FILTER_SECURITY_METADATA_SOURCE, new FilterInvocationSecurityMetadataSourceParser());
|
registerBeanDefinitionParser(Elements.FILTER_SECURITY_METADATA_SOURCE, new FilterInvocationSecurityMetadataSourceParser());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Decorators
|
|
||||||
registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator());
|
|
||||||
registerBeanDefinitionDecorator(Elements.FILTER_CHAIN_MAP, new FilterChainMapBeanDefinitionDecorator());
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,6 +18,11 @@
|
||||||
<artifactId>spring-security-acl</artifactId>
|
<artifactId>spring-security-acl</artifactId>
|
||||||
<version>${project.version}</version>
|
<version>${project.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security</groupId>
|
||||||
|
<artifactId>spring-security-config</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework</groupId>
|
<groupId>org.springframework</groupId>
|
||||||
<artifactId>spring-jdbc</artifactId>
|
<artifactId>spring-jdbc</artifactId>
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
|
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
- Application context representing the application WITH security services.
|
- Application context representing the application WITH security services.
|
||||||
|
@ -7,7 +6,12 @@
|
||||||
- $Id$
|
- $Id$
|
||||||
-->
|
-->
|
||||||
|
|
||||||
<beans>
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
xmlns:s="http://www.springframework.org/schema/security"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||||||
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
|
||||||
|
|
||||||
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
|
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
|
||||||
<property name="dataSource" ref="dataSource"/>
|
<property name="dataSource" ref="dataSource"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
@ -49,13 +53,10 @@
|
||||||
|
|
||||||
<!-- ======================== AUTHENTICATION (note there is no UI and this is for integration tests only) ======================= -->
|
<!-- ======================== AUTHENTICATION (note there is no UI and this is for integration tests only) ======================= -->
|
||||||
|
|
||||||
<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
|
<s:authentication-manager alias="authenticationManager">
|
||||||
<property name="providers">
|
<s:authentication-provider ref="daoAuthenticationProvider"/>
|
||||||
<list>
|
</s:authentication-manager>
|
||||||
<ref local="daoAuthenticationProvider"/>
|
|
||||||
</list>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="jdbcDaoImpl" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
|
<bean id="jdbcDaoImpl" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
|
||||||
<property name="dataSource" ref="dataSource"/>
|
<property name="dataSource" ref="dataSource"/>
|
||||||
|
@ -82,20 +83,7 @@
|
||||||
|
|
||||||
<!-- Automatically receives AuthenticationEvent messages -->
|
<!-- Automatically receives AuthenticationEvent messages -->
|
||||||
<bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>
|
<bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>
|
||||||
<!--
|
|
||||||
<bean id="anonymousAuthenticationProvider" class="org.springframework.security.authentication.anonymous.AnonymousAuthenticationProvider">
|
|
||||||
<property name="key" value="foobar"/>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
|
|
||||||
<property name="userDetailsService" ref="jdbcDaoImpl"/>
|
|
||||||
<property name="key" value="springRocks"/>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="rememberMeAuthenticationProvider" class="org.springframework.security.authentication.rememberme.RememberMeAuthenticationProvider">
|
|
||||||
<property name="key" value="springRocks"/>
|
|
||||||
</bean>
|
|
||||||
-->
|
|
||||||
<!-- ========================= "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ============================== -->
|
<!-- ========================= "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ============================== -->
|
||||||
|
|
||||||
<!-- ACL permission masks used by this application -->
|
<!-- ACL permission masks used by this application -->
|
||||||
|
|
Loading…
Reference in New Issue