Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Expand Contacts sample application to use Hessian and Burlap remoting.

This commit is contained in:
Ben Alex 2004-04-11 12:15:00 +00:00
parent f1abf780b5
commit 66e8d741ca
16 changed files with 549 additions and 127 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.classpath
View File

@ -19,5 +19,6 @@
<classpathentry kind="lib" path="lib/extracted/resin/resin-extracted.jar"/> <classpathentry kind="lib" path="lib/extracted/resin/resin-extracted.jar"/>
<classpathentry kind="lib" path="integration-test/lib/httpunit.jar"/> <classpathentry kind="lib" path="integration-test/lib/httpunit.jar"/>
<classpathentry kind="lib" path="lib/regexp/jakarta-oro.jar"/> <classpathentry kind="lib" path="lib/regexp/jakarta-oro.jar"/>
<classpathentry kind="lib" path="lib/jakarta-commons/commons-codec.jar"/>
<classpathentry kind="output" path="target/eclipseclasses"/> <classpathentry kind="output" path="target/eclipseclasses"/>
</classpath> </classpath>

16
integration-test/build.xml
View File

@ -21,6 +21,7 @@
<fileset dir="${httpunit.lib.dir}"> <fileset dir="${httpunit.lib.dir}">
<include name="**/*.jar"/> <include name="**/*.jar"/>
</fileset> </fileset>
<fileset file="${contacts.client.jar}"/>
</path> </path>
<path id="antcontrib-classpath"> <path id="antcontrib-classpath">
@ -49,6 +50,7 @@ Among the available targets are:
clean --> deletes output directories clean --> deletes output directories
unzip --> unzips each container into file system unzip --> unzips each container into file system
tests --> unzips each container and runs all tests tests --> unzips each container and runs all tests
tests-all --> runs all tests (does not unzip each container)
tests-jetty --> runs the integration tests with Jetty tests-jetty --> runs the integration tests with Jetty
tests-jboss --> runs the integration tests with JBoss tests-jboss --> runs the integration tests with JBoss
tests-catalina --> runs the integration tests with Catalina tests-catalina --> runs the integration tests with Catalina
@ -94,7 +96,10 @@ Each tests-xxxx target assumes the container is unzipped
</jalopy> </jalopy>
</target> </target>
<target name="tests" depends="clean,unzip,tests-jetty,tests-catalina,tests-jboss" <target name="tests" depends="clean,unzip,tests-all">
</target>
<target name="tests-all" depends="tests-jetty,tests-catalina,tests-jboss"
description="Run all integration tests"> description="Run all integration tests">
<condition property="anyerrors" value="true"> <condition property="anyerrors" value="true">
<or> <or>
@ -217,6 +222,9 @@ Tomcat ${tomcat-5.version}:&#9;Run: ${jakarta-tomcat-5.run}&#9;Errored: ${jakart
<copy file="${dist.lib.dir}/acegi-security-jetty-ext.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/> <copy file="${dist.lib.dir}/acegi-security-jetty-ext.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
<copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/> <copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
<copy file="${lib.dir}/jakarta-commons/commons-logging.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/> <copy file="${lib.dir}/jakarta-commons/commons-logging.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
<copy file="${lib.dir}/jakarta-commons/commons-codec.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
<copy file="${lib.dir}/caucho/burlap.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
<copy file="${lib.dir}/caucho/hessian.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
<copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/> <copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
<copy file="${contacts.ca.war}" todir="${tmp.dir}/jetty-${jetty.version}/webapps" overwrite="true"/> <copy file="${contacts.ca.war}" todir="${tmp.dir}/jetty-${jetty.version}/webapps" overwrite="true"/>
<antcallback target="-perform-test-jetty" return="jetty-${jetty.version}.errored, jetty-${jetty.version}.failed"> <antcallback target="-perform-test-jetty" return="jetty-${jetty.version}.errored, jetty-${jetty.version}.failed">
@ -287,6 +295,9 @@ Tomcat ${tomcat-5.version}:&#9;Run: ${jakarta-tomcat-5.run}&#9;Errored: ${jakart
<copy file="${dist.lib.dir}/acegi-security-catalina-common.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/> <copy file="${dist.lib.dir}/acegi-security-catalina-common.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
<copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/> <copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
<copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/> <copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
<copy file="${lib.dir}/jakarta-commons/commons-codec.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
<copy file="${lib.dir}/caucho/burlap.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
<copy file="${lib.dir}/caucho/hessian.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
<copy file="${contacts.ca.war}" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/webapps" overwrite="true"/> <copy file="${contacts.ca.war}" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/webapps" overwrite="true"/>
<delete dir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/webapps/contacts-container-adapter"/> <delete dir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/webapps/contacts-container-adapter"/>
<antcallback target="-perform-test-catalina" return="jakarta-tomcat-${tomcat.version}.errored, jakarta-tomcat-${tomcat.version}.failed"> <antcallback target="-perform-test-catalina" return="jakarta-tomcat-${tomcat.version}.errored, jakarta-tomcat-${tomcat.version}.failed">
@ -349,6 +360,9 @@ Tomcat ${tomcat-5.version}:&#9;Run: ${jakarta-tomcat-5.run}&#9;Errored: ${jakart
<copy file="${dist.lib.dir}/acegi-security-jboss-lib.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/> <copy file="${dist.lib.dir}/acegi-security-jboss-lib.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
<copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/> <copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
<copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/> <copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
<copy file="${lib.dir}/jakarta-commons/commons-codec.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
<copy file="${lib.dir}/caucho/burlap.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
<copy file="${lib.dir}/caucho/hessian.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
<copy file="${contacts.ca.war}" todir="${tmp.dir}/jboss-${jboss.version}/server/default/deploy" overwrite="true"/> <copy file="${contacts.ca.war}" todir="${tmp.dir}/jboss-${jboss.version}/server/default/deploy" overwrite="true"/>
<antcallback target="-perform-test-jboss" return="jboss-${jboss.version}.errored, jboss-${jboss.version}.failed"> <antcallback target="-perform-test-jboss" return="jboss-${jboss.version}.errored, jboss-${jboss.version}.failed">
<param name="test.includes" value="**/ContainerAdapterContactsTests.class"/> <param name="test.includes" value="**/ContainerAdapterContactsTests.class"/>

1
integration-test/project.properties
View File

@ -16,6 +16,7 @@ lib.dir=${basedir}/../lib
dist.lib.dir=${basedir}/../dist dist.lib.dir=${basedir}/../dist
contacts.ca.war=${basedir}/../samples/contacts/dist/contacts-container-adapter.war contacts.ca.war=${basedir}/../samples/contacts/dist/contacts-container-adapter.war
contacts.filter.war=${basedir}/../samples/contacts/dist/contacts.war contacts.filter.war=${basedir}/../samples/contacts/dist/contacts.war
contacts.client.jar=${basedir}/../samples/contacts/client/contacts.jar
acegisecurity.xml=../src/net/sf/acegisecurity/adapters/acegisecurity.xml acegisecurity.xml=../src/net/sf/acegisecurity/adapters/acegisecurity.xml
jalopy.xml=${basedir}/../jalopy.xml jalopy.xml=${basedir}/../jalopy.xml

57
integration-test/src/net/sf/acegisecurity/integrationtests/web/AbstractContactsTests.java
View File

@ -24,8 +24,17 @@ import com.meterware.httpunit.WebResponse;
import junit.framework.TestCase; import junit.framework.TestCase;
import org.springframework.beans.factory.support.DefaultListableBeanFactory;
import org.springframework.beans.factory.support.PropertiesBeanDefinitionReader;
import org.springframework.remoting.RemoteAccessException;
import sample.contact.ContactManager;
import java.net.URL; import java.net.URL;
import java.util.Properties;
/** /**
* Tests the Contacts sample application from a HTTP user's perspective. * Tests the Contacts sample application from a HTTP user's perspective.
@ -63,6 +72,54 @@ public abstract class AbstractContactsTests extends TestCase {
assertTrue(response.getText().lastIndexOf("sample.contact.Contact@") != -1); assertTrue(response.getText().lastIndexOf("sample.contact.Contact@") != -1);
} }
public void testHessianFailsWithIncorrectCredentials() {
String PREFIX = "beans.";
DefaultListableBeanFactory lbf = new DefaultListableBeanFactory();
Properties p = new Properties();
p.setProperty(PREFIX + "hessianProxy.class",
"org.springframework.remoting.caucho.HessianProxyFactoryBean");
p.setProperty(PREFIX + "hessianProxy.serviceInterface",
"sample.contact.ContactManager");
p.setProperty(PREFIX + "hessianProxy.serviceUrl",
getBaseUrl() + "/caucho/ContactManager-hessian");
p.setProperty(PREFIX + "hessianProxy.username", "marissa");
p.setProperty(PREFIX + "hessianProxy.password", "WRONG_PASSWORD");
(new PropertiesBeanDefinitionReader(lbf)).registerBeanDefinitions(p,
PREFIX);
ContactManager contactManager = (ContactManager) lbf.getBean(
"hessianProxy");
try {
contactManager.getRandomContact();
fail("Should have thrown RemoteAccessException");
} catch (RemoteAccessException exception) {
assertTrue(true);
}
}
public void testHessianOperational() {
String PREFIX = "beans.";
DefaultListableBeanFactory lbf = new DefaultListableBeanFactory();
Properties p = new Properties();
p.setProperty(PREFIX + "hessianProxy.class",
"org.springframework.remoting.caucho.HessianProxyFactoryBean");
p.setProperty(PREFIX + "hessianProxy.serviceInterface",
"sample.contact.ContactManager");
p.setProperty(PREFIX + "hessianProxy.serviceUrl",
getBaseUrl() + "/caucho/ContactManager-hessian");
p.setProperty(PREFIX + "hessianProxy.username", "marissa");
p.setProperty(PREFIX + "hessianProxy.password", "koala");
(new PropertiesBeanDefinitionReader(lbf)).registerBeanDefinitions(p,
PREFIX);
ContactManager contactManager = (ContactManager) lbf.getBean(
"hessianProxy");
assertTrue(contactManager.getRandomContact() != null);
}
public void testLoginNameCaseSensitive() throws Exception { public void testLoginNameCaseSensitive() throws Exception {
WebConversation conversation = new WebConversation(); WebConversation conversation = new WebConversation();
WebRequest request = new GetMethodWebRequest(getBaseUrl()); WebRequest request = new GetMethodWebRequest(getBaseUrl());

14
samples/contacts/build.xml
View File

@ -74,11 +74,14 @@
<classpath refid="qa-portalpath"/> <classpath refid="qa-portalpath"/>
</javac> </javac>
<copy todir="${build.dir}"> <jar jarfile="${client.dir}/contacts.jar">
<fileset dir="${src.dir}"> <fileset dir="${build.dir}">
<include name="*.properties"/> <include name="sample/contact/Contact.class"/>
<include name="sample/contact/ContactManager.class"/>
<include name="sample/contact/ClientApplication.class"/>
</fileset> </fileset>
</copy> </jar>
</target> </target>
<target name="format" description="Formats all project source code"> <target name="format" description="Formats all project source code">
@ -147,6 +150,8 @@
<lib dir="${lib.dir}/aop-alliance" includes="aopalliance.jar"/> <lib dir="${lib.dir}/aop-alliance" includes="aopalliance.jar"/>
<lib dir="${lib.dir}/regexp" includes="jakarta-oro.jar"/> <lib dir="${lib.dir}/regexp" includes="jakarta-oro.jar"/>
<lib dir="${lib.dir}/j2ee" includes="jstl.jar"/> <lib dir="${lib.dir}/j2ee" includes="jstl.jar"/>
<lib dir="${lib.dir}/caucho" includes="*.jar"/>
<lib dir="${lib.dir}/jakarta-commons" includes="commons-codec.jar"/>
<lib dir="${dist.lib.dir}" includes="acegi-security-taglib.jar"/> <lib dir="${dist.lib.dir}" includes="acegi-security-taglib.jar"/>
<lib dir="${dist.lib.dir}" includes="acegi-security.jar"/> <lib dir="${dist.lib.dir}" includes="acegi-security.jar"/>
</war> </war>
@ -175,6 +180,7 @@
<include name="jboss-web.xml"/> <include name="jboss-web.xml"/>
<include name="resin-web.xml"/> <include name="resin-web.xml"/>
<include name="web.xml"/> <include name="web.xml"/>
<include name="applicationContext.xml"/>
</fileset> </fileset>
</copy> </copy>
<war warfile="${dist.dir}/${name.ca}.war" webxml="${tmp.dir}/${name.ca}/WEB-INF/web.xml"> <war warfile="${dist.dir}/${name.ca}.war" webxml="${tmp.dir}/${name.ca}/WEB-INF/web.xml">

1
samples/contacts/client/client.bat Normal file
View File

@ -0,0 +1 @@
%JAVA_HOME%/bin/java -cp ../../../lib/aop-alliance/aopalliance.jar;../../../lib/caucho/hessian.jar;../../../lib/caucho/burlap.jar;../../../lib/jakarta-commons/commons-collections.jar;../../../lib/jakarta-commons/commons-logging.jar;../../../lib/spring/spring.jar;contacts.jar sample.contact.ClientApplication %1 %2 %3

10
samples/contacts/client/client.properties Normal file
View File

@ -0,0 +1,10 @@
# Properties file with server URL settings for remote access.
# Applied by PropertyPlaceholderConfigurer from "clientContext.xml".
#
# $Id$
serverName=localhost
httpPort=8080
contextPath=/contacts
username=marissa
password=koala

43
samples/contacts/client/clientContext.xml Normal file
View File

@ -0,0 +1,43 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Contacts web application
- Client application context
- $Id$
-->
<beans>
<!-- Resolves ${...} placeholders from client.properties -->
<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location"><value>client.properties</value></property>
</bean>
<!-- Proxy for the Hessian-exported ContactManager -->
<!-- Hessian is a slim binary HTTP remoting protocol -->
<bean id="hessianProxy" class="org.springframework.remoting.caucho.HessianProxyFactoryBean">
<property name="serviceInterface">
<value>sample.contact.ContactManager</value>
</property>
<property name="serviceUrl">
<value>http://${serverName}:${httpPort}${contextPath}/caucho/ContactManager-hessian</value>
</property>
<property name="username"><value>${username}</value></property>
<property name="password"><value>${password}</value></property>
</bean>
<!-- Proxy for the Burlap-exported ContactManager -->
<!-- Burlap is a slim XML-based HTTP remoting protocol -->
<bean id="burlapProxy" class="org.springframework.remoting.caucho.BurlapProxyFactoryBean">
<property name="serviceInterface">
<value>sample.contact.ContactManager</value>
</property>
<property name="serviceUrl">
<value>http://${serverName}:${httpPort}${contextPath}/caucho/ContactManager-burlap</value>
</property>
<property name="username"><value>${username}</value></property>
<property name="password"><value>${password}</value></property>
</bean>
</beans>

133
samples/contacts/etc/ca/applicationContext.xml Normal file
View File

@ -0,0 +1,133 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context loaded by ContextLoaderListener if using container adapters
- $Id$
-->
<beans>
<!-- =================== SECURITY SYSTEM DEFINITIONS ================== -->
<!-- RunAsManager -->
<bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
<property name="key"><value>my_run_as_password</value></property>
</bean>
<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHENTICATION DEFINITIONS ~~~~~~~~~~~~~~~~~~ -->
<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
<property name="key"><value>my_run_as_password</value></property>
</bean>
<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
<property name="key"><value>my_password</value></property>
</bean>
<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="runAsAuthenticationProvider"/>
<ref bean="authByAdapterProvider"/>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
dianne=emu,ROLE_TELLER
scott=wombat,ROLE_TELLER
peter=opal,disabled,ROLE_TELLER
</value>
</property>
</bean>
<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="authenticationDao"><ref bean="inMemoryDaoImpl"/></property>
<property name="ignorePasswordCase"><value>false</value></property>
<property name="ignoreUsernameCase"><value>true</value></property>
</bean>
<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~~~~ -->
<!-- An access decision voter that reads ROLE_* configuaration settings -->
<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
<!-- An access decision voter that reads CONTACT_OWNED_BY_CURRENT_USER configuaration settings -->
<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>
<!-- An access decision manager used by the business objects -->
<bean id="businessAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
<ref bean="contactSecurityVoter"/>
</list>
</property>
</bean>
<!-- ===================== SECURITY DEFINITIONS ======================= -->
<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
<property name="runAsManager"><ref bean="runAsManager"/></property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
sample.contact.ContactManager.save=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
sample.contact.ContactManager.getById=ROLE_TELLER,RUN_AS_SERVER
</value>
</property>
</bean>
<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
<property name="runAsManager"><ref bean="runAsManager"/></property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.save=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.getById=ROLE_RUN_AS_SERVER
</value>
</property>
</bean>
<!-- ======================= BUSINESS DEFINITIONS ===================== -->
<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
<property name="interceptorNames">
<list>
<value>publicContactManagerSecurity</value>
<value>publicContactManagerTarget</value>
</list>
</property>
</bean>
<bean id="publicContactManagerTarget" class="sample.contact.ContactManagerFacade">
<property name="backend"><ref bean="backendContactManager"/></property>
</bean>
<bean id="backendContactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
<property name="interceptorNames">
<list>
<value>backendContactManagerSecurity</value>
<value>backendContactManagerTarget</value>
</list>
</property>
</bean>
<bean id="backendContactManagerTarget" class="sample.contact.ContactManagerBackend"/>
</beans>

44
samples/contacts/etc/ca/web.xml
View File

@ -15,16 +15,45 @@
Example of an application secured using Acegi Security System for Spring. Example of an application secured using Acegi Security System for Spring.
</description> </description>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</context-param>
<filter>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<filter-class>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</filter-class>
</filter>
<filter> <filter>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name> <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class> <filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class>
</filter> </filter>
<filter-mapping>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping> <filter-mapping>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name> <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<url-pattern>/*</url-pattern> <url-pattern>/*</url-pattern>
</filter-mapping> </filter-mapping>
<!--
- Loads the root application context of this web app at startup,
- by default from "/WEB-INF/applicationContext.xml".
- Use WebApplicationContextUtils.getWebApplicationContext(servletContext)
- to access it anywhere in the web application, outside of the framework.
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- <!--
- Servlet that dispatches request to registered handlers (Controller implementations). - Servlet that dispatches request to registered handlers (Controller implementations).
- Has its own application context, by default defined in "{servlet-name}-servlet.xml", - Has its own application context, by default defined in "{servlet-name}-servlet.xml",
@ -40,6 +69,12 @@
<load-on-startup>1</load-on-startup> <load-on-startup>1</load-on-startup>
</servlet> </servlet>
<servlet>
<servlet-name>caucho</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<!-- <!--
- Maps the contacts dispatcher to /*. - Maps the contacts dispatcher to /*.
- -
@ -49,6 +84,15 @@
<url-pattern>*.htm</url-pattern> <url-pattern>*.htm</url-pattern>
</servlet-mapping> </servlet-mapping>
<!--
- Dispatcher servlet mapping for HTTP remoting via the Caucho protocols,
- i.e. Hessian and Burlap (see caucho-servlet.xml for the controllers).
-->
<servlet-mapping>
<servlet-name>caucho</servlet-name>
<url-pattern>/caucho/*</url-pattern>
</servlet-mapping>
<welcome-file-list> <welcome-file-list>
<welcome-file>index.jsp</welcome-file> <welcome-file>index.jsp</welcome-file>
</welcome-file-list> </welcome-file-list>

73
samples/contacts/etc/filter/applicationContext.xml
View File

@ -52,6 +52,79 @@
<!-- An access decision voter that reads ROLE_* configuaration settings --> <!-- An access decision voter that reads ROLE_* configuaration settings -->
<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/> <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
<!-- An access decision voter that reads CONTACT_OWNED_BY_CURRENT_USER configuaration settings -->
<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>
<!-- An access decision manager used by the business objects -->
<bean id="businessAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
<ref bean="contactSecurityVoter"/>
</list>
</property>
</bean>
<!-- ===================== SECURITY DEFINITIONS ======================= -->
<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
<property name="runAsManager"><ref bean="runAsManager"/></property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
sample.contact.ContactManager.save=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
sample.contact.ContactManager.getById=ROLE_TELLER,RUN_AS_SERVER
</value>
</property>
</bean>
<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
<property name="runAsManager"><ref bean="runAsManager"/></property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.save=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.getById=ROLE_RUN_AS_SERVER
</value>
</property>
</bean>
<!-- ======================= BUSINESS DEFINITIONS ===================== -->
<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
<property name="interceptorNames">
<list>
<value>publicContactManagerSecurity</value>
<value>publicContactManagerTarget</value>
</list>
</property>
</bean>
<bean id="publicContactManagerTarget" class="sample.contact.ContactManagerFacade">
<property name="backend"><ref bean="backendContactManager"/></property>
</bean>
<bean id="backendContactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
<property name="interceptorNames">
<list>
<value>backendContactManagerSecurity</value>
<value>backendContactManagerTarget</value>
</list>
</property>
</bean>
<bean id="backendContactManagerTarget" class="sample.contact.ContactManagerBackend"/>
<!-- ===================== HTTP REQUEST SECURITY ==================== --> <!-- ===================== HTTP REQUEST SECURITY ==================== -->
<bean id="httpRequestAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased"> <bean id="httpRequestAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">

25
samples/contacts/etc/filter/web.xml
View File

@ -41,6 +41,11 @@
</init-param> </init-param>
</filter> </filter>
<filter>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<filter-class>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</filter-class>
</filter>
<filter> <filter>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name> <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class> <filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class>
@ -60,6 +65,11 @@
<url-pattern>/*</url-pattern> <url-pattern>/*</url-pattern>
</filter-mapping> </filter-mapping>
<filter-mapping>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping> <filter-mapping>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name> <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<url-pattern>/*</url-pattern> <url-pattern>/*</url-pattern>
@ -95,6 +105,12 @@
<load-on-startup>1</load-on-startup> <load-on-startup>1</load-on-startup>
</servlet> </servlet>
<servlet>
<servlet-name>caucho</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<!-- <!--
- Maps the contacts dispatcher to /*. - Maps the contacts dispatcher to /*.
- -
@ -104,6 +120,15 @@
<url-pattern>*.htm</url-pattern> <url-pattern>*.htm</url-pattern>
</servlet-mapping> </servlet-mapping>
<!--
- Dispatcher servlet mapping for HTTP remoting via the Caucho protocols,
- i.e. Hessian and Burlap (see caucho-servlet.xml for the controllers).
-->
<servlet-mapping>
<servlet-name>caucho</servlet-name>
<url-pattern>/caucho/*</url-pattern>
</servlet-mapping>
<welcome-file-list> <welcome-file-list>
<welcome-file>index.jsp</welcome-file> <welcome-file>index.jsp</welcome-file>
</welcome-file-list> </welcome-file-list>

1
samples/contacts/project.properties
View File

@ -13,3 +13,4 @@ javadocs.dir=api
jalopy.xml=${basedir}/../../jalopy.xml jalopy.xml=${basedir}/../../jalopy.xml
tmp.dir=temporary tmp.dir=temporary
etc.dir=etc etc.dir=etc
client.dir=client

107
samples/contacts/src/main/java/sample/contact/ClientApplication.java Normal file
View File

@ -0,0 +1,107 @@
/* Copyright 2004 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package sample.contact;
import org.springframework.beans.factory.ListableBeanFactory;
import org.springframework.context.support.FileSystemXmlApplicationContext;
import org.springframework.util.StopWatch;
import java.util.Iterator;
import java.util.Map;
/**
* Demonstrates accessing the {@link ContactManager} via remoting protocols.
*
* <P>
* Based on Spring's JPetStore sample, written by Juergen Hoeller.
* </p>
*
* @author Ben Alex
*/
public class ClientApplication {
//~ Instance fields ========================================================
private final ListableBeanFactory beanFactory;
//~ Constructors ===========================================================
public ClientApplication(ListableBeanFactory beanFactory) {
this.beanFactory = beanFactory;
}
//~ Methods ================================================================
public void invokeContactManager(String username, int nrOfCalls) {
StopWatch stopWatch = new StopWatch(nrOfCalls
+ " ContactManager call(s)");
Map orderServices = this.beanFactory.getBeansOfType(ContactManager.class,
true, true);
for (Iterator it = orderServices.keySet().iterator(); it.hasNext();) {
String beanName = (String) it.next();
ContactManager remoteContactManager = (ContactManager) orderServices
.get(beanName);
System.out.println("Calling ContactManager '" + beanName
+ "' for owner " + username);
stopWatch.start(beanName);
Contact[] contacts = null;
for (int i = 0; i < nrOfCalls; i++) {
contacts = remoteContactManager.getAllByOwner(username);
}
stopWatch.stop();
if (contacts.length != 0) {
for (int i = 0; i < contacts.length; i++) {
System.out.println("Contact " + i + ": "
+ contacts[i].toString());
}
} else {
System.out.println("No contacts found belonging to owner");
}
System.out.println();
}
System.out.println(stopWatch.prettyPrint());
}
public static void main(String[] args) {
if ((args.length == 0) || "".equals(args[0])) {
System.out.println(
"You need to specify a user ID and optionally a number of calls, e.g. for user marissa: "
+ "'client marissa' for a single call per service or 'client marissa 10' for 10 calls each");
} else {
String username = args[0];
int nrOfCalls = 1;
if ((args.length > 1) && !"".equals(args[1])) {
nrOfCalls = Integer.parseInt(args[1]);
}
ListableBeanFactory beanFactory = new FileSystemXmlApplicationContext(
"clientContext.xml");
ClientApplication client = new ClientApplication(beanFactory);
client.invokeContactManager(username, nrOfCalls);
}
}
}

28
samples/contacts/war/WEB-INF/caucho-servlet.xml Normal file
View File

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Contacts web application
- $Id$
-->
<beans>
<!-- Hessian exporter for the ContactManager -->
<!-- Hessian is a slim binary HTTP remoting protocol -->
<bean name="/ContactManager-hessian" class="org.springframework.remoting.caucho.HessianServiceExporter">
<property name="service"><ref bean="contactManager"/></property>
<property name="serviceInterface">
<value>sample.contact.ContactManager</value>
</property>
</bean>
<!-- Burlap exporter for the ContactManager -->
<!-- Burlap is a slim XML-based HTTP remoting protocol -->
<bean name="/ContactManager-burlap" class="org.springframework.remoting.caucho.BurlapServiceExporter">
<property name="service"><ref bean="contactManager"/></property>
<property name="serviceInterface">
<value>sample.contact.ContactManager</value>
</property>
</bean>
</beans>

122
samples/contacts/war/WEB-INF/contacts-servlet.xml
View File

@ -51,126 +51,4 @@
<property name="suffix"><value>.jsp</value></property> <property name="suffix"><value>.jsp</value></property>
</bean> </bean>
<!-- =================== SECURITY SYSTEM DEFINITIONS ================== -->
<!-- RunAsManager -->
<bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
<property name="key"><value>my_run_as_password</value></property>
</bean>
<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHENTICATION DEFINITIONS ~~~~~~~~~~~~~~~~~~ -->
<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
<property name="key"><value>my_run_as_password</value></property>
</bean>
<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
<property name="key"><value>my_password</value></property>
</bean>
<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="runAsAuthenticationProvider"/>
<ref bean="authByAdapterProvider"/>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
dianne=emu,ROLE_TELLER
scott=wombat,ROLE_TELLER
peter=opal,disabled,ROLE_TELLER
</value>
</property>
</bean>
<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="authenticationDao"><ref bean="inMemoryDaoImpl"/></property>
<property name="ignorePasswordCase"><value>false</value></property>
<property name="ignoreUsernameCase"><value>true</value></property>
</bean>
<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~~~~ -->
<!-- An access decision voter that reads ROLE_* configuaration settings -->
<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
<!-- An access decision voter that reads CONTACT_OWNED_BY_CURRENT_USER configuaration settings -->
<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>
<!-- An affirmative access decision manager -->
<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
<ref bean="contactSecurityVoter"/>
</list>
</property>
</bean>
<!-- ===================== SECURITY DEFINITIONS ======================= -->
<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
<property name="runAsManager"><ref bean="runAsManager"/></property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
sample.contact.ContactManager.save=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
sample.contact.ContactManager.getById=ROLE_TELLER,RUN_AS_SERVER
</value>
</property>
</bean>
<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
<property name="runAsManager"><ref bean="runAsManager"/></property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.save=ROLE_RUN_AS_SERVER
sample.contact.ContactManager.getById=ROLE_RUN_AS_SERVER
</value>
</property>
</bean>
<!-- ======================= BUSINESS DEFINITIONS ===================== -->
<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
<property name="interceptorNames">
<list>
<value>publicContactManagerSecurity</value>
<value>publicContactManagerTarget</value>
</list>
</property>
</bean>
<bean id="publicContactManagerTarget" class="sample.contact.ContactManagerFacade">
<property name="backend"><ref bean="backendContactManager"/></property>
</bean>
<bean id="backendContactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
<property name="interceptorNames">
<list>
<value>backendContactManagerSecurity</value>
<value>backendContactManagerTarget</value>
</list>
</property>
</bean>
<bean id="backendContactManagerTarget" class="sample.contact.ContactManagerBackend"/>
</beans> </beans>