From 7eefbd3bb20c69dff85ca281a1f7f16283ef48df Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Fri, 9 Apr 2004 05:41:42 +0000 Subject: [PATCH] Update to use contextConfigLocation. --- .../AuthenticationProcessingFilter.java | 8 +- .../web/SecurityEnforcementFilterTests.java | 14 ++-- .../AuthenticationProcessingFilterTests.java | 30 +++---- docs/reference/src/index.xml | 83 +++++++++++-------- 4 files changed, 73 insertions(+), 62 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java index ba08b40d3e..cb343faba3 100644 --- a/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java +++ b/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java @@ -76,7 +76,7 @@ import javax.servlet.http.HttpServletResponse; * WebApplicationContextUtils#getWebApplicationContext(ServletContext sc)} * method to obtain an ApplicationContext instance, inside which must be a * configured AuthenticationManager instance. In the case where it is - * desireable for this filter to instantiate its own ApplicationContext + * desirable for this filter to instantiate its own ApplicationContext * instance from which to obtain the AuthenticationManager, the location of * the config for this context may be specified with the optional * appContextLocation init param. @@ -105,7 +105,7 @@ import javax.servlet.http.HttpServletResponse; * /j_acegi_security_check. * *
  • - * appContextLocation (optional, normally not used), indicates the + * contextConfigLocation (optional, normally not used), indicates the * path to an application context that contains an {@link * AuthenticationManager} which should be used to process each authentication * request. If not specified, {@link @@ -116,7 +116,7 @@ import javax.servlet.http.HttpServletResponse; * * * @author Ben Alex - * @author colin sampaleanu + * @author Colin Sampaleanu * @version $Id$ */ public class AuthenticationProcessingFilter implements Filter { @@ -126,7 +126,7 @@ public class AuthenticationProcessingFilter implements Filter { * Name of (optional) servlet filter parameter that can specify the config * location for a new ApplicationContext used to config this filter. */ - public static final String CONFIG_LOCATION_PARAM = "appContextLocation"; + public static final String CONFIG_LOCATION_PARAM = "contextConfigLocation"; public static final String ACEGI_SECURITY_TARGET_URL_KEY = "ACEGI_SECURITY_TARGET_URL"; public static final String ACEGI_SECURITY_FORM_USERNAME_KEY = "j_username"; public static final String ACEGI_SECURITY_FORM_PASSWORD_KEY = "j_password"; diff --git a/core/src/test/java/org/acegisecurity/intercept/web/SecurityEnforcementFilterTests.java b/core/src/test/java/org/acegisecurity/intercept/web/SecurityEnforcementFilterTests.java index 1aacc9364a..0c4c3a258c 100644 --- a/core/src/test/java/org/acegisecurity/intercept/web/SecurityEnforcementFilterTests.java +++ b/core/src/test/java/org/acegisecurity/intercept/web/SecurityEnforcementFilterTests.java @@ -132,11 +132,11 @@ public class SecurityEnforcementFilterTests extends TestCase { request.getSession().getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY)); } - public void testStartupDetectsInvalidAppContextLocation() + public void testStartupDetectsInvalidcontextConfigLocation() throws Exception { MockFilterConfig config = new MockFilterConfig(); config.setInitParmeter("loginFormUrl", "/login.jsp"); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/intercept/web/securityfiltertest-invalid.xml"); SecurityEnforcementFilter filter = new SecurityEnforcementFilter(); @@ -163,7 +163,7 @@ public class SecurityEnforcementFilterTests extends TestCase { assertTrue(expected.getMessage().startsWith("Error obtaining/creating ApplicationContext for config.")); } - config.setInitParmeter("appContextLocation", ""); + config.setInitParmeter("contextConfigLocation", ""); try { filter.init(config); @@ -173,11 +173,11 @@ public class SecurityEnforcementFilterTests extends TestCase { } } - public void testStartupDetectsMissingInvalidAppContextLocation() + public void testStartupDetectsMissingInvalidcontextConfigLocation() throws Exception { MockFilterConfig config = new MockFilterConfig(); config.setInitParmeter("loginFormUrl", "/login.jsp"); - config.setInitParmeter("appContextLocation", "DOES_NOT_EXIST"); + config.setInitParmeter("contextConfigLocation", "DOES_NOT_EXIST"); SecurityEnforcementFilter filter = new SecurityEnforcementFilter(); @@ -192,7 +192,7 @@ public class SecurityEnforcementFilterTests extends TestCase { public void testStartupDetectsMissingLoginFormUrl() throws Exception { MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/intercept/web/securityfiltertest-valid.xml"); SecurityEnforcementFilter filter = new SecurityEnforcementFilter(); @@ -237,7 +237,7 @@ public class SecurityEnforcementFilterTests extends TestCase { public void testSuccessfulStartupAndShutdownDown() throws Exception { MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/intercept/web/securityfiltertest-valid.xml"); config.setInitParmeter("loginFormUrl", "/login.jsp"); diff --git a/core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterTests.java b/core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterTests.java index 0992b664cc..430998c6a2 100644 --- a/core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterTests.java +++ b/core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterTests.java @@ -102,7 +102,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); @@ -133,7 +133,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); @@ -163,7 +163,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); @@ -190,7 +190,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); @@ -222,7 +222,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); @@ -251,7 +251,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); @@ -268,12 +268,12 @@ public class AuthenticationProcessingFilterTests extends TestCase { assertTrue(request.getSession().getAttribute(HttpSessionIntegrationFilter.ACEGI_SECURITY_AUTHENTICATION_KEY) == null); } - public void testStartupDetectsInvalidAppContextLocation() + public void testStartupDetectsInvalidcontextConfigLocation() throws Exception { MockFilterConfig config = new MockFilterConfig(); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-invalid.xml"); AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); @@ -301,7 +301,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { assertTrue(expected.getMessage().startsWith("Error obtaining/creating ApplicationContext for config.")); } - config.setInitParmeter("appContextLocation", ""); + config.setInitParmeter("contextConfigLocation", ""); try { filter.init(config); @@ -314,7 +314,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { public void testStartupDetectsMissingAuthenticationFailureUrl() throws Exception { MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); @@ -343,7 +343,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { throws Exception { MockFilterConfig config = new MockFilterConfig(); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); @@ -367,12 +367,12 @@ public class AuthenticationProcessingFilterTests extends TestCase { } } - public void testStartupDetectsMissingInvalidAppContextLocation() + public void testStartupDetectsMissingInvalidcontextConfigLocation() throws Exception { MockFilterConfig config = new MockFilterConfig(); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); - config.setInitParmeter("appContextLocation", "DOES_NOT_EXIST"); + config.setInitParmeter("contextConfigLocation", "DOES_NOT_EXIST"); AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); @@ -397,7 +397,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); @@ -442,7 +442,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(); - config.setInitParmeter("appContextLocation", + config.setInitParmeter("contextConfigLocation", "net/sf/acegisecurity/ui/webapp/filtertest-valid.xml"); config.setInitParmeter("defaultTargetUrl", "/"); config.setInitParmeter("authenticationFailureUrl", "/failed.jsp"); diff --git a/docs/reference/src/index.xml b/docs/reference/src/index.xml index 4670ac8156..8212fdc816 100644 --- a/docs/reference/src/index.xml +++ b/docs/reference/src/index.xml @@ -7,7 +7,7 @@ Reference Documentation - 0.4 + 0.5 @@ -368,7 +368,7 @@ Whilst this may seem quite involved, don't worry. Developers interact with the security process by simply implementing basic interfaces (such as AccessDecisionManager), which - are fully documented below. + are fully documented below. The AbstractSecurityInterceptor handles the majority of the flow listed above. Each secure object has its own @@ -517,10 +517,6 @@ provided below: <filter> <filter-name>Acegi HTTP Request Security Filter</filter-name> <filter-class>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</filter-class> - <init-param> - <param-name>appContextLocation</param-name> - <param-value>web-filters-acegisecurity.xml</param-value> - </init-param> <init-param> <param-name>loginFormUrl</param-name> <param-value>/acegilogin.jsp</param-value> @@ -532,22 +528,31 @@ <url-pattern>/*</url-pattern> </filter-mapping> - As shown above, an appContextLocation - indicates the location of a Spring XML application context. In the - example above, this file should be placed at the root of the web - application's classpath (in the WEB-INF/classes - directory). The loginFormUrl is where the filter - will redirect the user's browser if they request a secure HTTP - resource but they are not authenticated. If the user is authenticated, - a "403 Forbidden" response will be returned to the browser. All paths - are relative to the web application root. + The loginFormUrl is where the filter will + redirect the user's browser if they request a secure HTTP resource but + they are not authenticated. If the user is authenticated, a "403 + Forbidden" response will be returned to the browser. All paths are + relative to the web application root. - The SecurityEnforcementFilter will load the - Spring XML application context expressed in the - appContextLocation. It will expect to find in this - application context a properly configured - FilterSecurityInterceptor. The configuration of the - FilterSecurityInterceptor is very similar to the + To perform its function, the + SecurityEnforcementFilter will need to delegate to + a properly configured FilterSecurityInterceptor. To + do this it requires access to a Spring application context, which is + usually obtained from + WebApplicationContextUtils.getWebApplicationContext(ServletContext). + This is usually made available by using Spring's + ContextLoaderListener in + web.xml. Alternatively, the + web.xml can be used to define a filter + <init-param> named + contextConfigLocation. This initialization + parameter will represent a path to a Spring XML application context + that the SecurityEnforcementFilter will load during + startup. + + The configuration of the + FilterSecurityInterceptor in the Spring application + context is very similar to the MethodSecurityInterceptor: <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor"> @@ -1470,10 +1475,6 @@ public boolean supports(Class clazz); <filter> <filter-name>Acegi Authentication Processing Filter</filter-name> <filter-class>net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter</filter-class> - <init-param> - <param-name>appContextLocation</param-name> - <param-value>web-filters-acegisecurity.xml</param-value> - </init-param> <init-param> <param-name>authenticationFailureUrl</param-name> <param-value>/acegilogin.jsp?login_error=1</param-value> @@ -1493,14 +1494,23 @@ public boolean supports(Class clazz); <url-pattern>/*</url-pattern> </filter-mapping> - The appContextLocation specifies the location - of a Spring XML application context. In the example above the root of - the classpath is used, so the XML file should be placed in - WEB-INF/classes. The - AuthenticationProcessingFilter will load this - application context, expecting to find a properly configured - AuthenticationManager. It will use this - AuthenticationManager to process each + To perform its function, the + AuthenticationProcessingFilter will need to + delegate to a properly configured + AuthenticationManager. To do this it requires + access to a Spring application context, which is usually obtained from + WebApplicationContextUtils.getWebApplicationContext(ServletContext). + This is usually made available by using Spring's + ContextLoaderListener in + web.xml. Alternatively, the + web.xml can be used to define a filter + <init-param> named + contextConfigLocation. This initialization + parameter will represent a path to a Spring XML application context + that the AuthenticationProcessingFilter will load + during startup. + + The AuthenticationManager processes each authentication request. If authentication fails, the browser will be redirected to the authenticationFailureUrl. The AuthenticationException will be placed into the @@ -1515,9 +1525,10 @@ public boolean supports(Class clazz); This becomes the "well-known location" from which the Authentication object is later extracted. - Once the HttpSession has been updated, the browser will need to - be redirected to the target URL. The target URL is usually indicated - by the HttpSession attribute specified by + Once the HttpSession has been updated, the + browser will need to be redirected to the target URL. The target URL + is usually indicated by the HttpSession attribute + specified by AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY. This attribute is automatically set by the SecurityEnforcementFilter when an