Enhance tutorial to also demonstrate Spring Security method

authorization, and add a services layer accordingly.
Ben Alex 2007-12-14 02:26:27 +00:00
parent fa510b3187
commit 77d286c36f
4 changed files with 46 additions and 12 deletions


@ -11,15 +11,25 @@
<name>Spring Security - Tutorial sample</name> <name>Spring Security - Tutorial sample</name>
<packaging>war</packaging> <packaging>war</packaging>
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>org.springframework.security</groupId> <groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId> <artifactId>spring-security-core</artifactId>
<version>${project.version}</version> <version>${project.version}</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework</groupId> <groupId>org.springframework.security</groupId>
<artifactId>spring-web</artifactId> <artifactId>spring-security-core-tiger</artifactId>
</dependency> <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency> <dependency>
<groupId>org.springframework</groupId> <groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId> <artifactId>spring-jdbc</artifactId>
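Review bot: The new spring-webmvc dependency pins `<version>${spring.version}</version>`, while the spring-web entry directly above it carries no version and so presumably inherits one from the parent POM's dependency management. If those two sources ever drift apart, the sample would ship mismatched Spring modules, which makes it harder to tell which release a security fix applies to. Consider dropping the explicit version and managing spring-webmvc in the parent alongside spring-web, or add a comment such as `<!-- not managed by the parent POM; keep in step with spring-web -->`. The dependencies element starts and ends outside the hunk, so the parent's managed versions are not visible here.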


@ -12,9 +12,15 @@
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<annotation-driven/>
<http auto-config="true"> <http auto-config="true">
<intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/> <intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
<intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" /> <intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
<!-- Disable web URI authorization, as we're using <annotation-driven> and have @Secured the services layer instead
<intercept-url pattern="/listAccounts.html" access="IS_AUTHENTICATED_REMEMBERED" />
<intercept-url pattern="/post.html" access="ROLE_TELLER" />
-->
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<!-- All of this is unnecessary if auto-config="true" <!-- All of this is unnecessary if auto-config="true"
@ -32,8 +38,8 @@
<repository> <repository>
<user-service hash="md5-hex"> <user-service hash="md5-hex">
<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR,ROLE_USER" /> <!-- koala --> <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR,ROLE_USER,ROLE_TELLER" /> <!-- koala -->
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER" /> <!-- emu --> <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" /> <!-- emu -->
<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" /> <!-- wombat --> <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" /> <!-- wombat -->
<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" /> <!-- opal --> <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" /> <!-- opal -->
</user-service> </user-service>
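Review bot: With the `/listAccounts.html` and `/post.html` rules commented out in the first hunk, both URLs fall through to `<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />`, so the web tier admits anonymous requests and enforcement rests entirely on the service methods carrying `@Secured`. The annotated service classes are not visible in this section, but a method added later without the annotation would have no second check in front of it. For a tutorial, keeping the URL rules alongside `<annotation-driven/>` would demonstrate layered authorization. If they stay disabled, the comment should say why, e.g. `<!-- URL rules disabled only to demonstrate method security; keep both layers in a real application -->`. The second hunk also grants ROLE_TELLER to rod and dianne, whose unsalted md5-hex hashes sit next to plaintext passwords in comments, so a note marking them as sample-only credentials would help.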


@ -11,7 +11,7 @@
<web-app> <web-app>
<display-name>Acegi Security Tutorial Application</display-name> <display-name>Spring Security Tutorial Application</display-name>
<!-- <!--
- Location of the XML file that defines the root application context - Location of the XML file that defines the root application context
@ -20,6 +20,7 @@
<context-param> <context-param>
<param-name>contextConfigLocation</param-name> <param-name>contextConfigLocation</param-name>
<param-value> <param-value>
classpath:applicationContext-business.xml
/WEB-INF/applicationContext-security-ns.xml /WEB-INF/applicationContext-security-ns.xml
</param-value> </param-value>
</context-param> </context-param>
@ -50,6 +51,20 @@
<listener> <listener>
<listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class> <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
</listener> </listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>bank</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>bank</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
<welcome-file-list> <welcome-file-list>
<welcome-file>index.jsp</welcome-file> <welcome-file>index.jsp</welcome-file>
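Review bot: The comment added above the new `bank` servlet reads `See contacts-servlet.xml`, which looks carried over from another sample. DispatcherServlet by default loads `/WEB-INF/<servlet-name>-servlet.xml`, so this servlet would read `bank-servlet.xml`. Suggest `- Provides core MVC application controller. See bank-servlet.xml.` instead. Because the servlet is mapped to `*.html` and the URL rules for those pages are disabled elsewhere in this commit, it is also worth confirming that the security filter mapping, which lies outside these hunks, still covers `*.html` requests so the method-level checks see an authenticated context.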


@ -3,6 +3,9 @@
<h1>Home Page</h1> <h1>Home Page</h1>
Anyone can view this page.<br><br> Anyone can view this page.<br><br>
If you're logged in, you can <a href="listAccounts.html">list accounts</a>.<br><br>
Your principal object is....: <%= request.getUserPrincipal() %><br><br> Your principal object is....: <%= request.getUserPrincipal() %><br><br>
<p><a href="secure/index.jsp">Secure page</a> <p><a href="secure/index.jsp">Secure page</a>