SEC-271: Moved spring security namespaces config code to sandbox

Vishal Puri 2007-05-25 03:17:12 +00:00
parent a8b402462e
commit b30162191e
45 changed files with 37 additions and 2903 deletions


@ -1,50 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.acegisecurity.ui.AccessDeniedHandler;
import org.acegisecurity.ui.ExceptionTranslationFilter;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.util.Assert;
/**
* @author vpuri
*
*/
public class AccessDeniedHandlerBeanDefinitionLocator implements BeanFactoryPostProcessor {
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
Map m = beanFactory.getBeansOfType(AccessDeniedHandler.class);
List l = new ArrayList(m.values());
if (m.size() > 1) {
throw new IllegalArgumentException(
"More than one AccessDeniedHandler beans detected please refer to the one using "
+ " [ accessDeniedBeanRef ] " + "attribute");
}
else if (m.size() == 1) {
// use this
String[] names = beanFactory.getBeanNamesForType(ExceptionTranslationFilter.class);
Assert.notEmpty(names, "No bean of type ExceptionTranslationFilter found in ApplicationContext");
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[0]);
Assert.isAssignable(AccessDeniedHandler.class, l.get(0).getClass());
definition.getPropertyValues().addPropertyValue("accessDeniedHandler", l.get(0));
}
else {
// use the default one for now
}
}
}


@ -1,73 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.providers.ProviderManager;
import org.springframework.beans.factory.config.BeanDefinitionHolder;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.ManagedList;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* @author vpuri
*
*/
public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDefinitionParser implements
BeanDefinitionParser {
private static final String AUTHENTICATION_JDBC = "authentication-jdbc";
private static final String REF = "ref";
private boolean providerExists = false;
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
ManagedList providers = new ManagedList();
Assert.notNull(parserContext, "ParserContext must not be null");
RootBeanDefinition authMechanismBeanDef = new RootBeanDefinition(ProviderManager.class);
NodeList childNodes = element.getChildNodes();
for (int i = 0, n = childNodes.getLength(); i < n; i++) {
Node node = childNodes.item(i);
if (node.getNodeType() == Node.ELEMENT_NODE) {
Element childElement = (Element) node;
this.providerExists = true;
if (AUTHENTICATION_JDBC.equals(node.getLocalName())) {
String attribute = childElement.getAttribute(REF);
if (StringUtils.hasLength(attribute)) {
// create a beandefinition
providers.add(new RuntimeBeanReference(attribute));
}
}
// TODO:Add other providers here
}
authMechanismBeanDef.getPropertyValues().addPropertyValue("providers", providers);
}
if (!this.providerExists) {
RootBeanDefinition rootBeanDefinition = new RootBeanDefinition(AuthenticationProviderOrderResolver.class);
BeanDefinitionHolder beanDefinitionHolder = new BeanDefinitionHolder(rootBeanDefinition,
"providerOrderResolver");
registerBeanDefinition(beanDefinitionHolder, parserContext.getRegistry());
}
return authMechanismBeanDef;
}
}


@ -1,58 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
/**
* @author vpuri
*
*/
public class AuthenticationProcessingFilterBeanDefinitionParser extends AbstractBeanDefinitionParser implements
BeanDefinitionParser {
// ~ Instance fields
// ================================================================================================
private static final String AUTHENTICATION_URL = "authenticationUrl";
private static final String ERROR_FORM_URL = "errorFormUrl";
private static final String DEFAULT_TARGET_URL = "defaultTargetUrl";
// ~ Methods
// ================================================================================================
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
RootBeanDefinition definition = new RootBeanDefinition(AuthenticationProcessingFilter.class);
setPropertyIfAvailable(element, AUTHENTICATION_URL, "filterProcessesUrl", definition);
setPropertyIfAvailable(element, ERROR_FORM_URL, "authenticationFailureUrl", definition);
setPropertyIfAvailable(element, DEFAULT_TARGET_URL, "defaultTargetUrl", definition);
// register BFPP to re-unite all other collaborators
RootBeanDefinition postProcessor = new RootBeanDefinition(
AuthenticationProcessingFilterDependenciesConfigurer.class);
parserContext.getReaderContext().registerWithGeneratedName(postProcessor);
return definition;
}
private void setPropertyIfAvailable(Element element, String attribute, String property,
RootBeanDefinition definition) {
String propertyValue = element.getAttribute(attribute);
if (StringUtils.hasText(propertyValue)) {
definition.getPropertyValues().addPropertyValue(property, propertyValue);
}
}
}


@ -1,43 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.ui.rememberme.RememberMeServices;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.support.RootBeanDefinition;
/**
* @author vpuri
*
*/
public class AuthenticationProcessingFilterDependenciesConfigurer implements BeanFactoryPostProcessor {
// ~ Methods
// ================================================================================================
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
String [] authenticationProcessingFilter = beanFactory.getBeanNamesForType(AuthenticationProcessingFilter.class);
RootBeanDefinition def = (RootBeanDefinition)beanFactory.getBeanDefinition(authenticationProcessingFilter[0]);
String[] remServiceNames = beanFactory.getBeanNamesForType(RememberMeServices.class);
RootBeanDefinition rememberMeServices = (RootBeanDefinition) beanFactory.getBeanDefinition(remServiceNames[0]);
if (remServiceNames.length > 0)
def.getPropertyValues()
.addPropertyValue("rememberMeServices", rememberMeServices);
String[] authManager = beanFactory.getBeanNamesForType(AuthenticationManager.class);
RootBeanDefinition authenticationManager = (RootBeanDefinition) beanFactory.getBeanDefinition(authManager[0]);
if (authManager.length > 0)
def.getPropertyValues().addPropertyValue("authenticationManager", authenticationManager);
}
}


@ -1,46 +0,0 @@
package org.acegisecurity.config;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.providers.AuthenticationProvider;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.support.ManagedList;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.core.OrderComparator;
public class AuthenticationProviderOrderResolver implements BeanFactoryPostProcessor {
/**
*
*/
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
// retrieve all the AuthenticationProvider instances
ManagedList providers = retrieveAllAuthenticationProviders(beanFactory);
String[] names = beanFactory.getBeanNamesForType(AuthenticationManager.class);
RootBeanDefinition definition = (RootBeanDefinition)beanFactory.getBeanDefinition(names[0]);
definition.getPropertyValues().addPropertyValue("providers",providers);
}
/**
*
* @param beanFactory
* @return
*/
private ManagedList retrieveAllAuthenticationProviders(ConfigurableListableBeanFactory beanFactory) {
String[] m = beanFactory.getBeanNamesForType(AuthenticationProvider.class);
ManagedList l = new ManagedList();
for(int i=0;i<m.length;i++){
RootBeanDefinition def = (RootBeanDefinition)beanFactory.getBeanDefinition(m[i]);
l.add(def);
}
Collections.sort(l, new OrderComparator());
return l;
}
}


@ -1,196 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.providers.dao.salt.ReflectionSaltSource;
import org.acegisecurity.providers.dao.salt.SystemWideSaltSource;
import org.acegisecurity.providers.encoding.Md5PasswordEncoder;
import org.springframework.beans.factory.config.BeanDefinitionHolder;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.util.xml.DomUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* @author vpuri
*
*/
public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser {
// ~ Instance fields
// ================================================================================================
private static final String REPOSITORY_BEAN_REF = "repositoryBeanRef";
private static final String USER_DETAILS_SERVICE = "userDetailsService";
private static final String SALT_SOURCE_ELEMENT = "salt-source";
private static final String SALT_SOURCE_REF = "saltSourceBeanRef";
private static final String SYSTEM_WIDE_SALT_SOURCE = "system-wide";
private static final String REFLECTION_SALT_SOURCE = "reflection";
private static final String PASSWORD_ENCODER_ELEMENT = "password-encoder";
private static final String PASSWORD_ENCODER_REF = "encoderBeanRef";
private static final String PASSWORD_ENCODER = "encoder";
// ~ Method
// ================================================================================================
/**
* TODO: Document Me !!!
*/
public AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
Assert.notNull(parserContext, "ParserContext must not be null");
RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class);
// check if saltSource is defined
Element saltSourceEle = DomUtils.getChildElementByTagName(element, SALT_SOURCE_ELEMENT);
setSaltSourceProperty(repositoryBeanDef, saltSourceEle);
Element passwordEncoderEle = DomUtils.getChildElementByTagName(element, PASSWORD_ENCODER_ELEMENT);
setPasswordEncoderProperty(repositoryBeanDef, passwordEncoderEle);
// if repositoryBeanRef is specified use its referred bean
String userDetailsRef = element.getAttribute(REPOSITORY_BEAN_REF);
if (StringUtils.hasLength(userDetailsRef)) {
repositoryBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE,
new RuntimeBeanReference(userDetailsRef));
}
else {
// autodetect userDetailsService from App Context
RootBeanDefinition depConfigurer = new RootBeanDefinition(
AuthenticationRepositoryDependenciesConfigurer.class);
BeanDefinitionHolder holder = new BeanDefinitionHolder(depConfigurer, parserContext.getReaderContext().generateBeanName(depConfigurer));
registerBeanDefinition(holder, parserContext.getRegistry());
}
return repositoryBeanDef;
}
/**
*
* @param repositoryBeanDef
* @param element
*/
private void setSaltSourceProperty(RootBeanDefinition repositoryBeanDef, Element element) {
if (element != null) {
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "saltSource", element
.getAttribute(SALT_SOURCE_REF));
}
}
/**
*
* @param repositoryBeanDef
* @param element
*/
private void setPasswordEncoderProperty(RootBeanDefinition repositoryBeanDef, Element element) {
if (element != null) {
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "passwordEncoder", element
.getAttribute(PASSWORD_ENCODER_REF));
}
}
/**
*
* @param repositoryBeanDef
* @param element
* @param property
* @param reference
*/
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element,
String property, String reference) {
// check for encoderBeanRef attribute
if (StringUtils.hasLength(reference)) {
repositoryBeanDef.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(reference));
}
else {
doSetInnerBeanDefinitions(repositoryBeanDef, element, property);
}
}
/**
*
* @param repositoryBeanDef
* @param element
* @param property
*/
private void doSetInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element, String property) {
NodeList children = element.getChildNodes();
for (int i = 0, n = children.getLength(); i < n; i++) {
Node node = children.item(i);
if (node.getNodeType() == Node.ELEMENT_NODE) {
Element childElement = (Element) node;
RootBeanDefinition innerBeanDefinition = null;
if (SYSTEM_WIDE_SALT_SOURCE.equals(node.getLocalName())) {
innerBeanDefinition = createSystemWideSaltSource(childElement);
repositoryBeanDef.getPropertyValues().addPropertyValue(property, innerBeanDefinition);
}
else if (REFLECTION_SALT_SOURCE.equals(node.getLocalName())) {
innerBeanDefinition = createReflectionSaltSource(childElement);
repositoryBeanDef.getPropertyValues().addPropertyValue(property, innerBeanDefinition);
}
if (PASSWORD_ENCODER.equals(node.getLocalName())) {
RootBeanDefinition passwordEncoderInnerBeanDefinition = createPasswordEncoder(childElement);
repositoryBeanDef.getPropertyValues()
.addPropertyValue(property, passwordEncoderInnerBeanDefinition);
}
}
}
}
/**
*
* @param childElement
* @return
*/
private RootBeanDefinition createPasswordEncoder(Element childElement) {
String attributeValue = childElement.getAttribute("method");
RootBeanDefinition definition = null;
// TODO: add other encoders support
if (attributeValue.equals("md5")) {
definition = new RootBeanDefinition(Md5PasswordEncoder.class);
}
return definition;
}
/**
*
* @param saltSourceTypeElement
* @return
*/
private RootBeanDefinition createReflectionSaltSource(Element saltSourceTypeElement) {
RootBeanDefinition definition = new RootBeanDefinition(ReflectionSaltSource.class);
definition.getPropertyValues().addPropertyValue("userPropertyToUse",
saltSourceTypeElement.getAttribute("userPropertyToUse"));
return definition;
}
/**
*
* @param saltSourceTypeElement
* @return
*/
private RootBeanDefinition createSystemWideSaltSource(Element saltSourceTypeElement) {
RootBeanDefinition definition = new RootBeanDefinition(SystemWideSaltSource.class);
definition.getPropertyValues().addPropertyValue("systemWideSalt",
saltSourceTypeElement.getAttribute("systemWideSalt"));
return definition;
}
}


@ -1,37 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.userdetails.UserDetailsService;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.RootBeanDefinition;
/**
* @author vpuri
*
*/
public class AuthenticationRepositoryDependenciesConfigurer implements BeanFactoryPostProcessor {
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
System.out.println("whyyyy??????");
String[] userDetailServices = beanFactory.getBeanNamesForType(UserDetailsService.class);
String[] authenticationProvider = beanFactory.getBeanNamesForType(DaoAuthenticationProvider.class);
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(authenticationProvider[0]);
// there should be only one principal-repository defined, pick the first
// one
if (userDetailServices.length != 0) {
definition.getPropertyValues().addPropertyValue("userDetailsService",
new RuntimeBeanReference(userDetailServices[0]));
}
}
}


@ -1,78 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.core.Conventions;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
/**
*
* @author vpuri
*
*/
public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
private static final String HTTP_SESSION_CONTEXT_INTEGRATION = "session-context-integration";
private static final String SESSION_CREATION = "sessionCreation";
private static final String IF_REQUIRED = "ifRequired";
private static final String ALWAYS = "always";
private static final String NEVER = "never";
protected Class getBeanClass(Element element) {
return HttpSessionContextIntegrationFilter.class;
}
protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
NamedNodeMap attributes = element.getAttributes();
for (int x = 0; x < attributes.getLength(); x++) {
Attr attribute = (Attr) attributes.item(x);
String attributeName = attribute.getLocalName();
if ( !ID_ATTRIBUTE.equals(attributeName)) {
if (attributeName.equals(SESSION_CREATION)) {
String sessionCreation = element.getAttribute(SESSION_CREATION);
if(sessionCreation.equals(IF_REQUIRED)) {
builder.addPropertyValue("allowSessionCreation", Boolean.TRUE);
}
if(sessionCreation.equals(ALWAYS)) {
builder.addPropertyValue("allowSessionCreation", Boolean.TRUE);
}
if(sessionCreation.equals(NEVER)) {
builder.addPropertyValue("allowSessionCreation", Boolean.FALSE);
}
}
else{
String propertyName = Conventions.attributeNameToPropertyName(attributeName);
Assert.state(StringUtils.hasText(propertyName),
"Illegal property name returned from 'extractPropertyName(String)': cannot be null or empty.");
builder.addPropertyValue(propertyName, attribute.getValue());
}
}
}
}
}


@ -1,121 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.ui.AccessDeniedHandlerImpl;
import org.acegisecurity.ui.ExceptionTranslationFilter;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.StringUtils;
import org.springframework.util.xml.DomUtils;
import org.w3c.dom.Element;
/**
* Basically accessDeniedUrl is optional, we if unspecified impl will
* auto-detect any AccessDeniedHandler in ctx and use it; alternately if there
* are > 1 such handlers, we can nominate the one to use via
* accessDeniedBeanRef;
*
* @author vpuri
* @since
*/
public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
private static final String ACCESS_DENIED = "access-denied";
private static final String ACCESS_DENIED_REF = "accessDeniedBeanRef";
private static final String ACCESS_DENIED_URL = "accessDeniedUrl";
private static final String ENTRY_POINT = "entry-point";
private static final String ENTRY_POINT_REF ="entryPointBeanRef";
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
RootBeanDefinition exceptionFilterDef = new RootBeanDefinition(ExceptionTranslationFilter.class);
// add handler
Element accessDeniedElement = DomUtils.getChildElementByTagName(element, ACCESS_DENIED);
setAccessDeniedHandlerProperty(parserContext, exceptionFilterDef, accessDeniedElement);
Element entryPointElement = DomUtils.getChildElementByTagName(element, ENTRY_POINT);
setEntryPointProperty(exceptionFilterDef, entryPointElement);
return exceptionFilterDef;
}
private void setEntryPointProperty(RootBeanDefinition exceptionFilterDef, Element entryPointElement) {
if (entryPointElement != null) {
setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, entryPointElement, "authenticationEntryPoint",
entryPointElement.getAttribute(ENTRY_POINT_REF));
}
}
/**
*
* @param parserContext
* @param repositoryBeanDef
* @param element
*/
private void setAccessDeniedHandlerProperty(ParserContext parserContext, RootBeanDefinition exceptionFilterDef,
Element accessDeniedElement) {
if (accessDeniedElement != null) {
setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, accessDeniedElement, "accessDeniedHandler",
accessDeniedElement.getAttribute(ACCESS_DENIED_REF));
}
else {
// register BFPP to check if handler exist in application context,
// if > 1 throw error saying ref should be specified as there are
// more than one
RootBeanDefinition accessDeniedHandlerLocatorBeanDef = new RootBeanDefinition(
AccessDeniedHandlerBeanDefinitionLocator.class);
parserContext.getReaderContext().registerWithGeneratedName(accessDeniedHandlerLocatorBeanDef);
}
}
/**
*
* @param repositoryBeanDef
* @param element
* @param property
* @param reference
*/
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef,
Element element, String property, String beanRef) {
// check for encoderBeanRef attribute
if (StringUtils.hasLength(beanRef)) {
exceptionFilterDef.getPropertyValues().addPropertyValue(property,
new RuntimeBeanReference(beanRef));
}
else {
doSetInnerBeanDefinitions(exceptionFilterDef, element, property);
}
}
/**
*
* @param repositoryBeanDef
* @param element
* @param property
*/
private void doSetInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element accessDeniedElement,
String property) {
RootBeanDefinition accessDeniedHandlerBeanDef = new RootBeanDefinition(AccessDeniedHandlerImpl.class);
setPropertyIfAvailable(accessDeniedElement, ACCESS_DENIED_URL, "errorPage", accessDeniedHandlerBeanDef);
exceptionFilterDef.getPropertyValues().addPropertyValue(property, accessDeniedHandlerBeanDef);
}
private void setPropertyIfAvailable(Element element, String attribute, String property,
RootBeanDefinition definition) {
String propertyValue = element.getAttribute(attribute);
if (StringUtils.hasText(propertyValue)) {
definition.getPropertyValues().addPropertyValue(property, propertyValue);
}
}
}


@ -1,64 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.ui.logout.LogoutFilter;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
/**
* @author vpuri
* @since
*/
public class LogoutFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
// ~ Instance fields
// ================================================================================================
private static final String REDIRECT_AFTER_LOGOUT_URL = "redirectAfterLogoutUrl";
private static final String LOGOUT_URL = "logoutUrl";
// ~ Methods
// ================================================================================================
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
// add the properties
RootBeanDefinition definition = new RootBeanDefinition(LogoutFilter.class);
setConstructorArgumentIfAvailable(0, element, REDIRECT_AFTER_LOGOUT_URL, "logoutSuccessUrl", definition);
setPropertyIfAvailable(element, LOGOUT_URL, "filterProcessesUrl", definition);
// register BFPP to check if LogoutFilter does not have setHandlers
// populated, introspect app ctx for LogoutHandlers, using Ordered (if
// present, otherwise assume Integer.MAX_VALUE)
RootBeanDefinition bfpp = new RootBeanDefinition(LogoutHandlerOrderResolver.class);
parserContext.getReaderContext().registerWithGeneratedName(bfpp);
return definition;
}
private void setConstructorArgumentIfAvailable(int index, Element element, String attribute, String property,
RootBeanDefinition definition) {
String propertyValue = element.getAttribute(attribute);
if (StringUtils.hasText(propertyValue)) {
definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue);
}
}
private void setPropertyIfAvailable(Element element, String attribute, String property,
RootBeanDefinition definition) {
String propertyValue = element.getAttribute(attribute);
if (StringUtils.hasText(propertyValue)) {
definition.getPropertyValues().addPropertyValue(property, propertyValue);
}
}
//
}


@ -1,95 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import java.util.Collections;
import java.util.List;
import org.acegisecurity.ui.logout.LogoutFilter;
import org.acegisecurity.ui.logout.LogoutHandler;
import org.acegisecurity.ui.logout.SecurityContextLogoutHandler;
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.ConstructorArgumentValues.ValueHolder;
import org.springframework.beans.factory.support.ManagedList;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.core.OrderComparator;
import org.springframework.core.Ordered;
/**
* @author vpuri
* @since
*/
public class LogoutHandlerOrderResolver implements BeanFactoryPostProcessor {
// ~ Methods
// ================================================================================================
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
// If LogoutFilter does not have setHandlers populated, introspect app
// ctx for LogoutHandlers, using Ordered (if present, otherwise assume
// Integer.MAX_VALUE)
String[] names = beanFactory.getBeanNamesForType(LogoutFilter.class);
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[0]);
ValueHolder holder = getHandlersIfConfigured(beanFactory, definition);
if (holder == null) {
// intropect the appcontext for registerd LogoutHandler
List logoutHandlers = retrieveAllLogoutHandlers(beanFactory);
definition.getConstructorArgumentValues().addIndexedArgumentValue(1, logoutHandlers);
}
}
/**
*
* @param beanFactory
* @param definition
* @return
*/
private ValueHolder getHandlersIfConfigured(ConfigurableListableBeanFactory beanFactory,
RootBeanDefinition definition) {
// there should be only one LogoutFilter
return definition.getConstructorArgumentValues().getArgumentValue(1, null);
}
/**
*
* @param beanFactory
* @return
*/
private List retrieveAllLogoutHandlers(ConfigurableListableBeanFactory beanFactory) {
String[] names = beanFactory.getBeanNamesForType(LogoutHandler.class);
ManagedList list = new ManagedList();
for (int i = 0, n = names.length; i < n; i++) {
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[i]);
if (definition.hasBeanClass()) {
if (Ordered.class.isAssignableFrom(definition.getBeanClass())) {
definition.getPropertyValues().addPropertyValue("order",
new Integer(getOrder(definition.getBeanClass())));
}
else {
definition.getPropertyValues().addPropertyValue("order", new Integer(Integer.MAX_VALUE));
}
}
list.add(definition);
}
Collections.sort(list, new OrderComparator());
return list;
}
private int getOrder(Class clazz) {
if (clazz.getName().equals(TokenBasedRememberMeServices.class.getName())) {
return 100;
}
if (clazz.getName().equals(SecurityContextLogoutHandler.class.getName())) {
return 200;
}
return Integer.MAX_VALUE;
}
}


@ -1,235 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import java.util.Properties;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl;
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
import org.acegisecurity.userdetails.memory.UserAttribute;
import org.acegisecurity.userdetails.memory.UserMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.config.PropertiesFactoryBean;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.support.ManagedList;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* @author vpuri
*
*/
public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser implements
BeanDefinitionParser {
// ~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(PrincipalRepositoryBeanDefinitionParser.class);
// ~ Instance fields
// ================================================================================================
private static final String JDBC = "jdbc";
private static final String DATASOURCE_REF = "dataSourceBeanRef";
private static final String DATASOURCE = "dataSource";
private static final String JDBCTEMPLATE_REF = "jdbcTemplateBeanRef";
private static final String JDBCTEMPLATE = "jdbcTemplate";
private static final String AUTHORITIES_BY_USERNAME_QUERY = "authoritiesByUsernameQuery";
private static final String ROLE_PREFIX = "rolePrefix";
private static final String USERNAME_BASED_PRIMARY_KEY = "usernameBasedPrimaryKey";
private static final String PROPERTIES = "properties";
private static final String RESOURCE = "resource";
private static final String USER_PROPERTIES = "userProperties";
private static final String USER_DEFINITION = "user-definition";
private static final Object GRANTED_AUTHORITY = "granted-authority";
private static final String USERNAME = "username";
private static final String PASSWORD = "password";
private static final String ENABLED = "enabled";
private static final String GRANTED_AUTHORITY_REF = "granted-authority-ref";
private static final String AUTHORITY = "authority";
private static final String AUTHORITY_BEAN_REF="authorityBeanRef";
// ~ Method
// ================================================================================================
/**
*
*/
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
NodeList userDetailsServiceChildren = element.getChildNodes();
RootBeanDefinition userDetailsServiceDefinition = null;
for (int i = 0, n = userDetailsServiceChildren.getLength(); i < n; i++) {
Node userDetailsService = userDetailsServiceChildren.item(i);
if (JDBC.equals(userDetailsService.getLocalName()) && userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
Element ele = (Element) userDetailsService;
userDetailsServiceDefinition = parseUserDetailsServiceJdbcDefinition(ele);
userDetailsServiceDefinition.setSource(parserContext.extractSource(element));
parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition);
}
if (PROPERTIES.equals(userDetailsService.getLocalName())
&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
Element ele = (Element) userDetailsService;
userDetailsServiceDefinition = new RootBeanDefinition(InMemoryDaoImpl.class);
userDetailsServiceDefinition.getPropertyValues().addPropertyValue(USER_PROPERTIES,
new RuntimeBeanReference(createPropertiesBeanDefinition(ele, parserContext)));
userDetailsServiceDefinition.setSource(parserContext.extractSource(element));
parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition);
}
if (USER_DEFINITION.equals(userDetailsService.getLocalName())
&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
Element ele = (Element) userDetailsService;
// create a UserMap which interns uses UserMapEditor
userDetailsServiceDefinition = createUserDefinition(ele, parserContext);
}
}
return userDetailsServiceDefinition;
}
private RootBeanDefinition createUserDefinition(Element ele, ParserContext parserContext) {
RootBeanDefinition definition = new RootBeanDefinition(InMemoryDaoImpl.class);
UserAttribute userAttribute = new UserAttribute();
UserMap userMap = new UserMap();
setPassword(ele, userAttribute);
setEnabled(ele, userAttribute);
setAuthorities(ele, userAttribute);
UserDetails user = new User(ele.getAttribute(USERNAME), userAttribute.getPassword(), userAttribute.isEnabled(),
true, true, true, userAttribute.getAuthorities());
userMap.addUser(user);
definition.getPropertyValues().addPropertyValue("userMap", userMap);
return definition;
}
private String createPropertiesBeanDefinition(Element ele, ParserContext parserContext) {
// properties element
RootBeanDefinition defintion = new RootBeanDefinition(PropertiesFactoryBean.class);
String propertyValue = ele.getAttribute(RESOURCE);
defintion.getPropertyValues().addPropertyValue("location", propertyValue);
defintion.setSource(parserContext.extractSource(ele));
return parserContext.getReaderContext().registerWithGeneratedName(defintion);
}
/**
*
* @param elementToParse
* @return
*/
private RootBeanDefinition parseUserDetailsServiceJdbcDefinition(Element elementToParse) {
// parse attributes
RootBeanDefinition definition = new RootBeanDefinition(JdbcDaoImpl.class);
setPropertyIfAvailable(elementToParse, DATASOURCE_REF, DATASOURCE, definition);
setPropertyIfAvailable(elementToParse, JDBCTEMPLATE_REF, JDBCTEMPLATE, definition);
setPropertyIfAvailable(elementToParse, AUTHORITIES_BY_USERNAME_QUERY, AUTHORITIES_BY_USERNAME_QUERY, definition);
setPropertyIfAvailable(elementToParse, ROLE_PREFIX, ROLE_PREFIX, definition);
setPropertyIfAvailable(elementToParse, USERNAME_BASED_PRIMARY_KEY, USERNAME_BASED_PRIMARY_KEY, definition);
return definition;
}
protected void doParseProperties(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
Properties parsedProps = parserContext.getDelegate().parsePropsElement(element);
builder.addPropertyValue(PROPERTIES, parsedProps);
}
/**
*
* @param element
* @param attribute
* @param property
* @param definition
*/
private void setPropertyIfAvailable(Element element, String attribute, String property,
RootBeanDefinition definition) {
String propertyValue = element.getAttribute(attribute);
if (StringUtils.hasText(propertyValue)) {
if (propertyValue.equals(DATASOURCE_REF) || propertyValue.equals(JDBCTEMPLATE_REF)) {
definition.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(propertyValue));
}
else {
definition.getPropertyValues().addPropertyValue(property, propertyValue);
}
}
}
private void setPassword(Element element, UserAttribute userAttribute) {
String propertyValue = element.getAttribute(PASSWORD);
if (StringUtils.hasText(propertyValue)) {
userAttribute.setPassword(propertyValue);
}
}
private void setEnabled(Element element, UserAttribute userAttribute) {
String propertyValue = element.getAttribute(ENABLED);
if (StringUtils.hasText(propertyValue)) {
if (propertyValue.equals("true")) {
userAttribute.setEnabled(true);
}
else {
userAttribute.setEnabled(false);
}
}
}
private void setAuthorities(Element ele, UserAttribute userAttribute) {
// get authorities
NodeList childNodes = ele.getChildNodes();
ManagedList authorities = new ManagedList();
for (int i = 0, n = childNodes.getLength(); i < n; i++) {
Node authorityNode = childNodes.item(i);
if (GRANTED_AUTHORITY.equals(authorityNode.getLocalName())
&& authorityNode.getNodeType() == Element.ELEMENT_NODE) {
Element propertyValue = (Element) authorityNode;
authorities.add(new GrantedAuthorityImpl(propertyValue.getAttribute(AUTHORITY)));
}
if (GRANTED_AUTHORITY_REF.equals(authorityNode.getLocalName())
&& authorityNode.getNodeType() == Element.ELEMENT_NODE) {
Element propertyValue = (Element) authorityNode;
String attribute = propertyValue.getAttribute(AUTHORITY_BEAN_REF);
if (StringUtils.hasLength(attribute)) {
authorities.add(new RuntimeBeanReference(attribute));
}
}
}
userAttribute.setAuthorities(authorities);
}
}


@ -1,35 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.ui.rememberme.RememberMeServices;
import org.acegisecurity.userdetails.UserDetailsService;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.RootBeanDefinition;
/**
* @author vpuri
*
*/
public class RemeberMeServicesDependenciesConfigurer implements BeanFactoryPostProcessor {
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
String [] userDetailServices = beanFactory.getBeanNamesForType(UserDetailsService.class);
String [] rememberMeService = beanFactory.getBeanNamesForType(RememberMeServices.class);
RootBeanDefinition definition=(RootBeanDefinition) beanFactory.getBeanDefinition(rememberMeService[0]);
// there should be only one principal-repository defined, pick the first one
if(userDetailServices.length!=0) {
definition.getPropertyValues().addPropertyValue("userDetailsService", new RuntimeBeanReference(userDetailServices[0]));
}
}
}


@ -1,49 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.ui.rememberme.RememberMeProcessingFilter;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
/**
* @author vpuri
*
*@since
*/
public class RememberMeFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
private static final String REMEMBER_ME_SERVICES_REF = "rememberMeServicesBeanRef";
private static final String REMEMBER_ME_SERVICES = "rememberMeServices";
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
Assert.notNull(parserContext, "ParserContext must not be null");
RootBeanDefinition rememberMeFilterBeanDef = new RootBeanDefinition(RememberMeProcessingFilter.class);
// detect all the required dependencies and autowire them by type
rememberMeFilterBeanDef.setAutowireMode(AbstractBeanDefinition.AUTOWIRE_AUTODETECT);
// check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
String rememberMeServicesRef = element.getAttribute(REMEMBER_ME_SERVICES_REF);
if (StringUtils.hasLength(rememberMeServicesRef)) {
rememberMeFilterBeanDef.getPropertyValues().addPropertyValue(REMEMBER_ME_SERVICES,
new RuntimeBeanReference(rememberMeServicesRef));
}
return rememberMeFilterBeanDef;
}
}


@ -1,62 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
/**
* @author vpuri
*
*/
public class RememberMeServicesBeanDefinitionParser extends AbstractBeanDefinitionParser implements
BeanDefinitionParser {
private static final String PRINCIPAL_REPOSITORY_BEAN_REF = "principalRepositoryBeanRef";
private static final String USER_DETAILS_SERVICE_PROPERTY = "userDetailsService";
/*
* key is optional; if unspecified, pick a rnd int and use for all unspecified key properties for acegi beans
*/
private static final String KEY = "key";
/**
*
*/
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
Assert.notNull(parserContext, "ParserContext must not be null");
RootBeanDefinition rememberMeServicesBeanDef = new RootBeanDefinition(TokenBasedRememberMeServices.class);
String keyValue = element.getAttribute(KEY);
if (StringUtils.hasLength(keyValue)) {
rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(KEY,keyValue);
} else {
// pick a rnd int
}
// check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
String rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF);
if (StringUtils.hasLength(rememberMeServicesRef)) {
rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE_PROPERTY,
new RuntimeBeanReference(rememberMeServicesRef));
}
else {
// register a bean definition parse
RootBeanDefinition configurer = new RootBeanDefinition(RemeberMeServicesDependenciesConfigurer.class);
parserContext.getReaderContext().registerWithGeneratedName(configurer);
}
return rememberMeServicesBeanDef;
}
}


@ -1,33 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.NamespaceHandlerSupport;
/**
* {@link org.springframework.beans.factory.xml.NamespaceHandler} for the '<code>security</code>' namespace.
* @author vpuri
*
* @since
*/
public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
/**
* Register the {@link BeanDefinitionParser BeanDefinitionParsers} for the
* '<code>context-integration</code>', ' and '<code></code>' elements.
*/
public void init() {
registerBeanDefinitionParser("principal-repository", new PrincipalRepositoryBeanDefinitionParser());
registerBeanDefinitionParser("session-context-integration", new ContextIntegrationBeanDefinitionParser());
registerBeanDefinitionParser("authentication-repository", new AuthenticationRepositoryBeanDefinitionParser());
registerBeanDefinitionParser("authentication-mechanism", new AuthenticationMechanismBeanDefinitionParser());
registerBeanDefinitionParser("authentication-remember-me-services", new RememberMeServicesBeanDefinitionParser());
registerBeanDefinitionParser("authentication-remember-me-filter", new RememberMeFilterBeanDefinitionParser());
registerBeanDefinitionParser("logout-support", new LogoutFilterBeanDefinitionParser());
registerBeanDefinitionParser("exception-translation", new ExceptionTranslationFilterBeanDefinitionParser());
registerBeanDefinitionParser("authentication-form", new AuthenticationProcessingFilterBeanDefinitionParser());
}
}


@ -39,6 +39,7 @@ import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.Ordered;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -72,7 +73,7 @@ import org.springframework.util.Assert;
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class BasicProcessingFilter implements Filter, InitializingBean { public class BasicProcessingFilter implements Filter, InitializingBean, Ordered {
//~ Static fields/initializers ===================================================================================== //~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(BasicProcessingFilter.class); private static final Log logger = LogFactory.getLog(BasicProcessingFilter.class);
@ -84,6 +85,7 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
private AuthenticationManager authenticationManager; private AuthenticationManager authenticationManager;
private RememberMeServices rememberMeServices; private RememberMeServices rememberMeServices;
private boolean ignoreFailure = false; private boolean ignoreFailure = false;
private int order;
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
@ -226,4 +228,12 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
public void setRememberMeServices(RememberMeServices rememberMeServices) { public void setRememberMeServices(RememberMeServices rememberMeServices) {
this.rememberMeServices = rememberMeServices; this.rememberMeServices = rememberMeServices;
} }
public int getOrder() {
return order;
}
public void setOrder(int order) {
this.order = order;
}
} }
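Review bot: The new `order` field in the third hunk has no initializer, so a BasicProcessingFilter on which `setOrder` is never called reports 0 from `getOrder()`. BasicProcessingFilterEntryPoint in this same commit defaults to `Integer.MAX_VALUE` and, judging by the helper's name, copies its order from this class. A security filter's position relative to the other filters should be a visible decision rather than a side effect of Java's default field value. I would write the default out, for example `private int order = 0; // position used when no order is configured`, and add a one-line Javadoc on `getOrder()` saying what the value controls. The code that sorts the filters is not visible in these hunks, so the intended default needs confirming against it.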


@ -16,6 +16,7 @@
package org.acegisecurity.ui.basicauth; package org.acegisecurity.ui.basicauth;
import java.io.IOException; import java.io.IOException;
import java.util.Map;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.ServletRequest; import javax.servlet.ServletRequest;
@ -24,8 +25,12 @@ import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.AuthenticationException; import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint; import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.acegisecurity.util.OrderedUtils;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.core.Ordered; import org.springframework.core.Ordered;
import org.springframework.util.Assert;
/** /**
@ -38,11 +43,13 @@ import org.springframework.core.Ordered;
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered { public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered, ApplicationContextAware {
//~ Instance fields ================================================================================================ //~ Instance fields ================================================================================================
private static final int DEFAULT_ORDER = Integer.MAX_VALUE;
private String realmName; private String realmName;
private int order = Integer.MAX_VALUE; // ~ default private int order = DEFAULT_ORDER;
private ApplicationContext applicationContext;
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
@ -55,8 +62,9 @@ public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint
} }
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
if ((realmName == null) || "".equals(realmName)) { Assert.hasText(realmName, "realmName must be specified");
throw new IllegalArgumentException("realmName must be specified"); if (order == DEFAULT_ORDER) {
OrderedUtils.copyOrderFromOtherClass(BasicProcessingFilter.class, applicationContext, this, true);
} }
} }
@ -74,4 +82,8 @@ public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint
public void setRealmName(String realmName) { public void setRealmName(String realmName) {
this.realmName = realmName; this.realmName = realmName;
} }
public void setApplicationContext(ApplicationContext applicationContext) {
this.applicationContext = applicationContext;
}
} }
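Review bot: In `afterPropertiesSet`, `applicationContext` is handed to `OrderedUtils.copyOrderFromOtherClass` without a null check, and the field is only ever set through the new `setApplicationContext`. An entry point wired by hand or built in a unit test, with the order left at its default, therefore reaches the helper with a null context. What the helper does with null is not visible on this page, so either guard the call, `if (order == DEFAULT_ORDER && applicationContext != null) {`, or fail early with `Assert.notNull(applicationContext, "applicationContext must be specified");`. `Integer.MAX_VALUE` also now doubles as the "not configured" sentinel, so an explicit `setOrder(Integer.MAX_VALUE)` is indistinguishable from an unset order. A comment on `DEFAULT_ORDER` should say so.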


@ -1,444 +0,0 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<xsd:schema xmlns="http://www.springframework.org/schema/security"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
elementFormDefault="qualified" attributeFormDefault="unqualified">
<xsd:import namespace="http://www.springframework.org/schema/util" />
<xsd:element name="session-context-integration">
<xsd:complexType>
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="sessionCreation"
default="ifRequired">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
Indicates if this filter can create a HttpSession if
needed (sessions are always created sparingly, but setting this value to
false will prohibit sessions from ever being created).
Defaults to true. Do not set to false if
you have set forceEagerSessionCreation to true ,
as the properties would be in conflict.
]]>
</xsd:documentation>
</xsd:annotation>
<xsd:simpleType>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="ifRequired" />
<xsd:enumeration value="never" />
<xsd:enumeration value="always" />
</xsd:restriction>
</xsd:simpleType>
</xsd:attribute>
<xsd:attribute name="forceEagerSessionCreation"
default="false" type="defaultable-boolean" use="optional">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
Indicates if this filter is required to create a <code>HttpSession</code>
for every request before proceeding through the filter chain, even if the
<code>HttpSession</code> would not ordinarily have been created. By
default this is <code>false</code>, which is entirely appropriate for
most circumstances as you do not want a <code>HttpSession</code>
created unless the filter actually needs one. It is envisaged the main
situation in which this property would be set to <code>true</code> is
if using other filters that depend on a <code>HttpSession</code>
already existing, such as those which need to obtain a session ID. This
is only required in specialised cases, so leave it set to
<code>false</code> unless you have an actual requirement and are
conscious of the session creation overhead.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="cloneFromHttpSession" default="false"
type="defaultable-boolean" use="optional">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
Indicates whether the <code>SecurityContext</code> will be cloned from
the <code>HttpSession</code>. The default is to simply reference (ie
the default is <code>false</code>). The default may cause issues if
concurrent threads need to have a different security identity from other
threads being concurrently processed that share the same
<code>HttpSession</code>. In most normal environments this does not
represent an issue, as changes to the security identity in one thread is
allowed to affect the security identitiy in other threads associated with
the same <code>HttpSession</code>. For unusual cases where this is not
permitted, change this value to <code>true</code> and ensure the
{@link #context} is set to a <code>SecurityContext</code> that
implements {@link Cloneable} and overrides the <code>clone()</code>
method.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
</xsd:element>
<xsd:element name="authentication-remember-me-filter"
type="RememberMeFilter" />
<xsd:complexType name="RememberMeFilter">
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="rememberMeServicesBeanRef"
type="xsd:string" use="optional" />
</xsd:complexType>
<xsd:element name="authentication-remember-me-services"
type="RememberMeServices" />
<xsd:complexType name="RememberMeServices">
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="key" type="xsd:string" use="optional" />
<xsd:attribute name="principalRepositoryBeanRef"
type="xsd:string" use="optional" />
</xsd:complexType>
<!-- Logout Filter -->
<xsd:element name="logout-support">
<xsd:complexType>
<!-- Write other attributes -->
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="redirectAfterLogoutUrl"
type="xsd:string" default="/" />
<xsd:attribute name="logoutUrl" type="xsd:string"
default="/logout" />
<xsd:anyAttribute namespace="##other" processContents="lax"/>
</xsd:complexType>
</xsd:element>
<!-- Exception Translation Filter -->
<xsd:element name="exception-translation"
type="ExceptionTranslation" />
<xsd:complexType name="ExceptionTranslation">
<xsd:all>
<xsd:element ref="entry-point" maxOccurs="1" />
<xsd:element ref="access-denied" maxOccurs="1"
minOccurs="0" />
</xsd:all>
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
<xsd:element name="entry-point">
<xsd:complexType>
<xsd:attribute name="entryPointBeanRef" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="access-denied">
<xsd:complexType>
<xsd:attribute name="accessDeniedUrl" type="xsd:string"
use="optional" />
<xsd:attribute name="accessDeniedBeanRef" type="xsd:string"
use="optional" />
</xsd:complexType>
</xsd:element>
<!-- AuthenticationProcessigFilter -->
<xsd:element name="authentication-form"
type="AuthenticationProcessingFilter" />
<xsd:complexType name="AuthenticationProcessingFilter">
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="authenticationUrl" type="xsd:string"
use="required">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The URL destination that this filter intercepts and processes (usually something like
/login)
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="defaultTargetUrl" type="xsd:string"
use="required">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
Where to redirect the browser to if authentication is successful but ACEGI_SAVED_REQUEST_KEY is
null
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="errorFormUrl" type="xsd:string"
use="required">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
Where to redirect the browser to if authentication fails.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
<xsd:element name="authentication-mechanism"
type="AuthenticationManager" />
<xsd:complexType name="AuthenticationManager">
<xsd:sequence>
<xsd:element ref="authentication-jdbc" minOccurs="0"
maxOccurs="1" />
<xsd:element ref="authentication-ldap" minOccurs="0"
maxOccurs="1" />
</xsd:sequence>
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
<xsd:element name="authentication-jdbc">
<xsd:complexType>
<xsd:attribute name="ref" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="authentication-ldap">
<xsd:complexType>
<xsd:attribute name="ref" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="principal-repository" type="PrincipalRepository" />
<xsd:complexType name="PrincipalRepository">
<xsd:choice>
<xsd:element ref="jdbc" minOccurs="0" maxOccurs="1" />
<xsd:element ref="ldap" minOccurs="0" maxOccurs="1" />
<xsd:element ref="properties" minOccurs="0" maxOccurs="1" />
<xsd:element ref="user-definition" minOccurs="0"
maxOccurs="unbounded" />
</xsd:choice>
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
<xsd:element name="jdbc">
<xsd:complexType>
<xsd:attribute name="dataSourceBeanRef" type="xsd:string" />
<xsd:attribute name="authoritiesByUsernameQuery"
type="xsd:string" use="optional" />
<xsd:attribute name="jdbcTemplateBeanRef" type="xsd:string"
use="optional" />
<xsd:attribute name="rolePrefix" type="xsd:string"
use="optional" />
<xsd:attribute name="usernameBasedPrimaryKey"
type="xsd:boolean" use="optional" />
<xsd:attribute name="usersByUsernameQuery" type="xsd:string"
use="optional" />
</xsd:complexType>
</xsd:element>
<xsd:element name="ldap">
<xsd:complexType>
<xsd:attribute name="not-yet-defined" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="properties">
<xsd:complexType>
<xsd:attribute name="resource" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="user-definition">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="granted-authority" minOccurs="0"
maxOccurs="unbounded">
<xsd:complexType>
<xsd:attribute name="authority"
type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
<xsd:element name="granted-authority-ref" minOccurs="0"
maxOccurs="unbounded">
<xsd:complexType>
<xsd:attribute name="authorityBeanRef"
type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:sequence>
<xsd:attribute name="username" type="xsd:string"
use="required" />
<xsd:attribute name="password" type="xsd:string" />
<xsd:attribute name="enabled" type="xsd:boolean" />
<xsd:anyAttribute namespace="##local"
processContents="strict" />
</xsd:complexType>
</xsd:element>
<xsd:element name="authentication-repository"
type="AuthenticationRepositoryType" />
<xsd:complexType name="AuthenticationRepositoryType">
<xsd:sequence>
<xsd:element name="salt-source" type="SaltSource"
minOccurs="0" maxOccurs="1" />
<xsd:element name="password-encoder" type="PasswordEncoder"
minOccurs="0" maxOccurs="1" />
</xsd:sequence>
<xsd:attributeGroup ref="AuthenticationRepositoryAttributes" />
</xsd:complexType>
<!-- <security:salt-source source="systemwide|reflection" salt="salt"/> -->
<xsd:complexType name="SaltSource">
<xsd:sequence>
<xsd:choice minOccurs="0" maxOccurs="1">
<xsd:element name="system-wide">
<xsd:complexType>
<xsd:attribute name="systemWideSalt"
type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="reflection">
<xsd:complexType>
<xsd:attribute name="userPropertyToUse"
type="xsd:string" />
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:sequence>
<xsd:attribute name="saltSourceBeanRef" type="xsd:string"
use="optional" />
</xsd:complexType>
<xsd:complexType name="PasswordEncoder">
<xsd:sequence>
<xsd:choice minOccurs="0" maxOccurs="1">
<xsd:element name="encoder">
<xsd:complexType>
<xsd:attribute name="method" type="encoders" />
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:sequence>
<xsd:attribute name="encoderBeanRef" type="xsd:string"
use="optional" />
</xsd:complexType>
<xsd:attributeGroup name="AuthenticationRepositoryAttributes">
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="repositoryBeanRef" type="xsd:string">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
Reference of a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:attributeGroup>
<!-- simple internal types -->
<xsd:simpleType name="defaultable-boolean">
<xsd:restriction base="xsd:NMTOKEN">
<xsd:enumeration value="true" />
<xsd:enumeration value="false" />
</xsd:restriction>
</xsd:simpleType>
<xsd:simpleType name="encoders">
<xsd:restriction base="xsd:NMTOKEN">
<xsd:enumeration value="md5" />
<xsd:enumeration value="md5Hex" />
<xsd:enumeration value="sha" />
<xsd:enumeration value="shaHex" />
<xsd:enumeration value="custom" />
</xsd:restriction>
</xsd:simpleType>
</xsd:schema>


@ -1,25 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import junit.framework.TestCase;
/**
* @author vpuri
*
*/
public class AuthenticationProcessingFilterNamespaceTests extends TestCase {
public void testAuthenticationFilterBeanDefinition() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/authentication-form-filter.xml");
ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
}
}


@ -1,120 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import junit.framework.TestCase;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.providers.dao.SaltSource;
import org.acegisecurity.providers.encoding.Md5PasswordEncoder;
import org.acegisecurity.providers.encoding.PasswordEncoder;
import org.acegisecurity.providers.encoding.PlaintextPasswordEncoder;
import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl;
import org.springframework.beans.PropertyValue;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.util.Assert;
/**
* @author vpuri
*
*/
public class AuthenticationRepositoryParserTest extends TestCase {
public void testAuthenticationRepositoryDefaultWithAutoUserdetails() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/authentication-dao-defaults.xml");
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
assertEquals(1, names.length);
// check bean class
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
Assert.isAssignable(JdbcDaoImpl.class, provider.getUserDetailsService().getClass());
}
public void testCollaboratorsAsInnerBeans() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/authentication-innerbeans.xml");
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
// get the main bean definition, there should be only one
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
assertEquals(1, names.length);
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
// get the 2 inner beans
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource");
assertEquals("saltSource", saltSourceBean.getName());
// get the BeanDefinition
RootBeanDefinition saltsourceDef = (RootBeanDefinition) saltSourceBean.getValue();
Assert.isAssignable(SaltSource.class, saltsourceDef.getBeanClass());
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder");
assertEquals("passwordEncoder", encoder.getName());
// get the BeanDefinition
RootBeanDefinition encoderDef = (RootBeanDefinition) encoder.getValue();
Assert.isAssignable(PasswordEncoder.class, encoderDef.getBeanClass());
assertEquals("incorrect bean class name", encoderDef.getBeanClassName(), Md5PasswordEncoder.class.getName());
}
public void testCollaboratorsAsBeanRef() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/authentication-beanRef-attributes.xml");
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
// get the main bean definition, there should be only one
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
assertEquals(1, names.length);
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
// get the referred collaborators
PropertyValue userDetailsBean = definition.getPropertyValues().getPropertyValue("userDetailsService");
assertEquals("userDetailsService", userDetailsBean.getName());
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource");
assertEquals("saltSource", saltSourceBean.getName());
// get the BeanDefinition
RuntimeBeanReference saltsourceDef = (RuntimeBeanReference) saltSourceBean.getValue();
assertEquals("refToSaltSource", saltsourceDef.getBeanName());
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder");
assertEquals("passwordEncoder", encoder.getName());
// get the BeanDefinition
RuntimeBeanReference encoderDef = (RuntimeBeanReference) encoder.getValue();
assertEquals("refToPasswordEncoder", encoderDef.getBeanName());
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
assertTrue(provider.getPasswordEncoder() instanceof PasswordEncoder);
assertEquals(Md5PasswordEncoder.class, provider.getPasswordEncoder().getClass());
}
public void testAutodetectionOfUserDetailsService() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/authentication-defaults.xml");
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
assertNotNull(provider.getUserDetailsService());
assertNull(provider.getSaltSource());
assertEquals(PlaintextPasswordEncoder.class, provider.getPasswordEncoder().getClass());
}
}


@ -1,47 +0,0 @@
package org.acegisecurity.config;
import javax.servlet.Filter;
import junit.framework.TestCase;
import org.acegisecurity.ui.ExceptionTranslationFilter;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint;
import org.springframework.beans.PropertyValue;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
public class ExceptionTranslationParserTests extends TestCase {
public void testParsingBeanReferences() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/exception-translation-beanref.xml");
ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
String[] beanNames = factory.getBeanNamesForType(Filter.class);
assertEquals(1, beanNames.length);
RootBeanDefinition def = (RootBeanDefinition) factory.getBeanDefinition(beanNames[0]);
assertEquals(ExceptionTranslationFilter.class.getName(), def.getBeanClassName());
// check collaborators
PropertyValue accessDeniedHandler = def.getPropertyValues().getPropertyValue("accessDeniedHandler");
assertNotNull(accessDeniedHandler);
assertEquals(accessDeniedHandler.getValue(), new RuntimeBeanReference("theBeanToUse"));
PropertyValue entryPoint = def.getPropertyValues().getPropertyValue("authenticationEntryPoint");
assertNotNull(entryPoint);
assertEquals(entryPoint.getValue(), new RuntimeBeanReference("authenticationProcessingFilterEntryPoint"));
}
public void testRuntimeBeanDependencies() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/exception-translation-beanref.xml");
ExceptionTranslationFilter filter = (ExceptionTranslationFilter) context.getBean("exceptionTranslationFilter");
AuthenticationProcessingFilterEntryPoint entryPoint = (AuthenticationProcessingFilterEntryPoint) filter
.getAuthenticationEntryPoint();
assertEquals("/acegilogin.jsp", entryPoint.getLoginFormUrl());
assertFalse(entryPoint.getForceHttps());
}
}


@ -1,44 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import javax.servlet.Filter;
import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import junit.framework.TestCase;
/**
* @author vpuri
*
*/
public class HttpSessionContextIntegrationParserTest extends TestCase {
public void testApplicationContext() {
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/session-context-integration-defaults.xml");
ConfigurableListableBeanFactory clbf =
(ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory();
String[] names = clbf.getBeanNamesForType(Filter.class);
assertEquals(1, names.length);
// check bean name
RootBeanDefinition definition = (RootBeanDefinition)clbf.getBeanDefinition(names[0]);
assertEquals(HttpSessionContextIntegrationFilter.class, definition.getBeanClass());
// check properties
//get the bean
HttpSessionContextIntegrationFilter filter = (HttpSessionContextIntegrationFilter)context.getBean("httpSessionContextIntegrationFilter");
assertFalse(filter.isAllowSessionCreation());
assertNotNull(definition.getPropertyValues().getPropertyValue("allowSessionCreation"));
assertFalse(filter.isForceEagerSessionCreation());
assertFalse(filter.isCloneFromHttpSession());
}
}


@ -1,29 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import java.util.Map;
import junit.framework.TestCase;
import org.acegisecurity.ui.logout.LogoutHandler;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
/**
* @author vpuri
*
*/
public class LogoutFilterBeanDefinitionParserTests extends TestCase {
public void testLogoutFilter() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/logout-filter-with-handlers.xml");
ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory();
Map m = bf.getBeansOfType(LogoutHandler.class);
assertEquals(2, m.size());
}
}


@ -1,66 +0,0 @@
/**
*
*/
package org.acegisecurity.config;
import junit.framework.TestCase;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
import org.acegisecurity.userdetails.memory.UserMap;
import org.springframework.beans.PropertyValue;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
/**
* @author vpuri
*
*/
public class PrincipalRepositoryNamespaceTests extends TestCase {
public void testParserWithUserDefinition() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/acegisecurity/config/principal-repository-user-map.xml");
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
String[] names = clbf.getBeanNamesForType(UserDetailsService.class);
assertEquals(1, names.length);
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
assertEquals(InMemoryDaoImpl.class, definition.getBeanClass());
UserMap map = new UserMap();
GrantedAuthority[] authotities = { new GrantedAuthorityImpl("ROLE_YO"), new GrantedAuthorityImpl("ROLE_YOYO") };
User user = new User("vishal", "nottellingya", true, true, true, true, authotities);
map.addUser(user);
assertPropertyValues(map, definition, "userMap");
}
private void assertPropertyValues(UserMap assertionValue, RootBeanDefinition definition, String property) {
PropertyValue propertyValue = definition.getPropertyValues().getPropertyValue(property);
assertNotNull(propertyValue);
assertTrue(propertyValue.getValue() instanceof UserMap);
UserMap users = (UserMap) propertyValue.getValue();
assertTrue(assertionValue.getUserCount() == users.getUserCount());
assertEquals(assertionValue.getUser("vishal"), users.getUser("vishal"));
assertTrue(users.getUser("vishal").isEnabled());
assertTrue(users.getUser("vishal").isAccountNonExpired());
assertTrue(users.getUser("vishal").isAccountNonLocked());
assertTrue(users.getUser("vishal").isCredentialsNonExpired());
assertEquals(2, users.getUser("vishal").getAuthorities().length);
assertEquals(new GrantedAuthorityImpl("ROLE_YO"), users.getUser("vishal").getAuthorities()[0]);
assertEquals(new GrantedAuthorityImpl("ROLE_YOYO"), users.getUser("vishal").getAuthorities()[1]);
}
}


@ -1,16 +0,0 @@
package org.acegisecurity.config;
import junit.framework.TestCase;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
public class RememberMeBeanDefinitionParserTest extends TestCase {
public void testParserDefaults() {
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/principal-repository-properties.xml");
}
}


@ -19,6 +19,7 @@ import junit.framework.TestCase;
import org.acegisecurity.DisabledException; import org.acegisecurity.DisabledException;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
@ -69,6 +70,7 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
public void testNormalOperation() throws Exception { public void testNormalOperation() throws Exception {
BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint(); BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
ep.setRealmName("hello"); ep.setRealmName("hello");
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest();
@ -76,7 +78,7 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
ep.afterPropertiesSet(); //ep.afterPropertiesSet();
String msg = "These are the jokes kid"; String msg = "These are the jokes kid";
ep.commence(request, response, new DisabledException(msg)); ep.commence(request, response, new DisabledException(msg));
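Review bot: In `testNormalOperation` the call `ep.afterPropertiesSet();` is commented out rather than removed or fixed, so the test now drives `commence` on an entry point whose initialization callback never ran, and the commit gives no reason for it. If that callback validates the configured realm name (its body is not shown on this page, so this is an assumption), the Basic authentication entry point's configuration check is no longer exercised on the normal path. Either restore the call, or delete the line and leave a why-comment such as `// afterPropertiesSet() skipped: <reason>`. The first hunk also adds `import org.springframework.context.support.ClassPathXmlApplicationContext;`, which none of the visible hunks use; drop it unless code outside the hunks needs it. The body of `testNormalOperation` continues outside the hunk.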


@ -1,21 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- AuthenticationEntryPoints handled across the system via Ordered interface; every Acegi entry point has an order; the highest order wins and
is used as the entry point by ExceptionTranslationFilter; for things like BasicAuthenticationfilter, they're smart enough to know they need a
BasicAuthenticationProcessingFilterEntryPoint, so they use that one; here we have an entryPointOrder to say when we make the BasicEntryPoint,
we will call setOrder(2) such that this app effectively will use somehing with a higher order as the app-wide default -->
<security:authentication-basic id="id"
realmName="Spring Security Application" entryPointOrder="2" />
</beans>


@ -1,53 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<security:authentication-repository id="authenticationRepository" repositoryBeanRef="refToUserDetailsService">
<security:salt-source saltSourceBeanRef="refToSaltSource"/>
<security:password-encoder encoderBeanRef="refToPasswordEncoder"/>
</security:authentication-repository>
<bean id="refToUserDetailsService"
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource">
<ref bean="dataSource" />
</property>
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
<bean id="refToSaltSource"
class="org.acegisecurity.providers.dao.salt.SystemWideSaltSource">
<property name="systemWideSalt">
<value>12345</value>
</property>
</bean>
<bean id="refToPasswordEncoder"
class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />
</beans>


@ -1,54 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- Case 1: defaults (userDetailsService mandatory)-->
<!-- autocreate userDetailsService with dataSource(search in ctx) injected -->
<security:authentication-repository id="authenticationRepository">
<security:password-encoder encoderBeanRef="passwordEncoder" />
</security:authentication-repository>
<bean id="userDetailsService"
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource">
<ref bean="dataSource" />
</property>
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
<bean id="saltSource"
class="org.acegisecurity.providers.dao.salt.SystemWideSaltSource">
<property name="systemWideSalt">
<value>12345</value>
</property>
</bean>
<bean id="passwordEncoder"
class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />
</beans>


@ -1,40 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<security:authentication-repository id="authenticationRepository"/>
<bean id="userDetailsService"
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource">
<ref bean="dataSource" />
</property>
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
</beans>


@ -1,57 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) -->
<security:authentication-form id="authenticationProcessinFilter"
authenticationUrl="/login" defaultTargetUrl="/login.html"
errorFormUrl="error.html" />
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order -->
<security:authentication-mechanism id="authenticationManager">
<security:authentication-jdbc ref="authenticationRepository"/>
</security:authentication-mechanism>
<!-- dao authentication provider -->
<security:authentication-repository id="authenticationRepository" repositoryBeanRef="userDetailsService"/>
<security:authentication-remember-me-services
id="rememberMeServices" key="someValue" />
<bean id="userDetailsService"
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource">
<ref bean="dataSource" />
</property>
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
</beans>


@ -1,50 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- Case 1: defaults (userDetailsService mandatory)-->
<!-- autocreate userDetailsService with dataSource(search in ctx) injected -->
<security:authentication-repository id="authenticationRepository">
<security:salt-source>
<security:system-wide systemWideSalt="12345" />
</security:salt-source>
<security:password-encoder>
<security:encoder method="md5" />
</security:password-encoder>
</security:authentication-repository>
<bean id="AnyBeanIdAsThisBeanWillBeAutoDetectedAndInjectedInauthenticationRepositoryUsingAutoWireByType"
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource">
<ref bean="dataSource" />
</property>
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
</beans>


@ -1,37 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it;
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for
other props; i do not mind if you move the access denied stuff to a sub-element -->
<security:exception-translation id="exceptionTranslationFilter">
<security:entry-point
entryPointBeanRef="authenticationProcessingFilterEntryPoint" />
</security:exception-translation>
<bean id="theBeanToUse"
class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/accessDenied.jsp" />
</bean>
<bean id="authenticationProcessingFilterEntryPoint"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl">
<value>/acegilogin.jsp</value>
</property>
<property name="forceHttps">
<value>false</value>
</property>
</bean>
</beans>


@ -1,38 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it;
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for
other props; i do not mind if you move the access denied stuff to a sub-element -->
<security:exception-translation id="exceptionTranslationFilter">
<security:access-denied accessDeniedBeanRef="theBeanToUse" />
<security:entry-point
entryPointBeanRef="authenticationProcessingFilterEntryPoint" />
</security:exception-translation>
<bean id="theBeanToUse"
class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/accessDenied.jsp" />
</bean>
<bean id="authenticationProcessingFilterEntryPoint"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl">
<value>/acegilogin.jsp</value>
</property>
<property name="forceHttps">
<value>false</value>
</property>
</bean>
</beans>


@ -1,34 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) -->
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown -->
<security:logout-support id="logoutFilter" logoutUrl="/logout" redirectAfterLogoutUrl="/"/>
<security:authentication-remember-me-services
id="rememberMeServices" key="someValue" />
<bean id="SecurityContextLogoutHandler"
class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />
<security:principal-repository id="userDetailsService">
<security:user-definition username="vishal"
password="nottellingya" enabled="true">
<security:granted-authority authority="ROLE_YO" />
<security:granted-authority authority="ROLE_YOYO" />
<!-- TODO: <security:granted-authority-ref authorityBeanRef="fooBarAuthority"/>-->
</security:user-definition>
</security:principal-repository>
</beans>


@ -1,44 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
<!--<security:security-autoconfig/> -->
<security:principal-repository id="userDetailsService">
<security:jdbc dataSourceBeanRef="dataSource"/>
</security:principal-repository>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
<!--<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="dataSource"></property>
</bean>-->
</beans>


@ -1,22 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
<security:principal-repository id="userDetailsService">
<security:properties resource="classpath:org/acegisecurity/config/user.properties"/>
</security:principal-repository>
</beans>


@ -1,28 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
<security:principal-repository id="userDetailsService">
<security:user-definition username="vishal" password="nottellingya" enabled="true">
<security:granted-authority authority="ROLE_YO"/>
<security:granted-authority authority="ROLE_YOYO"/>
<!-- TODO: <security:granted-authority-ref authorityBeanRef="fooBarAuthority"/>-->
</security:user-definition>
</security:principal-repository>
<!-- TODO: <security:granted-authority id="fooBarAuthority" authority="ROLE_FOOBAR"/> -->
</beans>


@ -1,76 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- ======================== AUTHENTICATION ======================= -->
<!-- makes the filter, but does little else, as it auto-detects everything -->
<security:authentication-remember-me-filter id="rememberMeFilter" rememberMeServicesBeanRef="rememberMeServices" />
<!-- services should auto-detect UserDetails from app ctx if principalRepository was not specified; -->
<!-- key is optional; if unspecified, in the NamespaceHandler pick a rnd int and use for all unspecified key properties for acegi beans -->
<security:authentication-remember-me-services
id="rememberMeServices" key="someValue"
principalRepositoryBeanRef="userDetailsService" />
<!-- The rules are:
AuthenticationManager interface is implemented by ProviderManager
So if you have any auto-detection, create a ProviderManager definition
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order
Every authentication mechanism OR provider must start with security:authentication-something
Use appropriate attrs and elements depending on provider or mechanism
-->
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order -->
<security:authentication-mechanism id="authenticationManager">
<security:authentication-jdbc ref="authenticationRepository"/>
</security:authentication-mechanism>
<!--<bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="authenticationRepository" />
</list>
</property>
</bean>-->
<!-- dao authentication provider -->
<security:authentication-repository id="authenticationRepository" />
<bean id="userDetailsService"
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource">
<ref bean="dataSource" />
</property>
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
</beans>


@ -1,21 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- introspect all bean definitions for an explicit object of a "required" type, and if not found, add it. You can turn OFF ones you dont want added via attributes -->
<security:security-autoconfig exceptionTranslation="disable"
sessionContextIntegration="disable" logoutSupport="disable"
filterChain="disable" servletRequestEmulation="disabled"
anonyomousRoleGranter="disabled" />
</beans>


@ -1,183 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- introspect all bean definitions for an explicit object of a "required" type, and if not found, add it. You can turn OFF ones you dont want added via attributes -->
<security:security-autoconfig exceptionTranslation="disable"
sessionContextIntegration="disable" logoutSupport="disable"
filterChain="disable" servletRequestEmulation="disabled"
anonyomousRoleGranter="disabled" />
<!-- autodetect attribute is the default, and an exception is thrown if false, as the expectation is they will write their own legacy <beans> format
FilterChainProxy bean definition is dissatisfied with the auto approach. The auto approach simply creates a bean definition similar to that shown
below with the AUTODETECT_ALL_ORDERED_FILTERs. As suggested, this causes a runtime check of app ctx for all javax.servlet.Filter instances, and
for each that also implemented Ordered, these are automatically applied to the pattern shown (which is **/* in the case of autodetect=true).*-->
<security:filter-chain id="id" />
<bean id="dcdc" class="FilterChainProxy">
<property name="chainConfig">
<value>
**/*=AUTODETECT_ALL_ORDERED_FILTERS
**/*=filter1,filter2,filter3
</value>
</property>
</bean>
<!-- also provide an OrderedFilterAdapter, impls Filter and Ordered, and can be configured declaratively in Spring XML (eg SiteMesh), setOrder, setDelegate(Filter object) -->
<!-- creates a bean definition for an AccessDecisionManager; strategy defaults to AffirmativeBased;
superclass AbstractAccessDecisionManager requires refactoring so if no setProvider(List) given, it introspects app ctx for all AccessDecisionVoters
and uses their Ordered interface to apply them; if one doesn't implement Ordered, assume it is Integer.MAX_VALUE -->
<security:authorization-manager id="id"
strategy="consensus|unanimous|affirmative" />
<!-- ======================== AUTHENTICATION ======================= -->
<!-- sessionCreation defaults to ifRequired. -->
<security:session-context-integration
id="httpSessionContextIntegrationFilter"
sessionCreation="never|ifRequired|always" />
<!-- The rules are:
AuthenticationManager interface is implemented by ProviderManager
So if you have any auto-detection, create a ProviderManager definition
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order
Every authentication mechanism OR provider must start with security:authentication-something
Use appropriate attrs and elements depending on provider or mechanism
-->
<security:authentication-repository id="id"
repositoryBeanRef="beanIdOfRepositoryIfUnspecifiedAutoDetectTheirUserDetailsInstance">
<security:salt-source
saltSourceBeanRef="beanRefOfAnExternalEncoder" />
<!-- or allow it to be written inline as an inner bean -->
<security:password-encoder
encoder="md5|md5Hex|sha|shaHex|custom"
encoderBeanRef="beanRefOfAnExternalEncoder" />
<!-- same story here, inner beans allowed -->
</security:authentication-repository>
<security:salt-source>
<security:system-wide systemWideSalt="12345" />
<security-reflection userPropertyToUse="sss" />
</security:salt-source>
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) -->
<security:authentication-form id="id" authenticationUrl="/login"
loginFormUrl="/login.html" errorFormUrl="error.html" />
<!-- AuthenticationEntryPoints handled across the system via Ordered interface; every Acegi entry point has an order; the highest order wins and
is used as the entry point by ExceptionTranslationFilter; for things like BasicAuthenticationfilter, they're smart enough to know they need a
BasicAuthenticationProcessingFilterEntryPoint, so they use that one; here we have an entryPointOrder to say when we make the BasicEntryPoint,
we will call setOrder(2) such that this app effectively will use somehing with a higher order as the app-wide default -->
<security:authentication-basic id="id"
realmName="Spring Security Application" entryPointOrder="2" />
<!-- This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
<security:principal-repository id="id">
<security:ldap
x="you can do the attributes and suitable nested elements" />
<security:jdbc
x="you can do the attributes and suitable nested elements" />
<security:properties
location="resourceStringToPropertiesFile">
<!-- if they specify a resource attrib, that means throw exception if they nest some user-definition data) -->
<security:user-definition username="ben"
password="nottellingYou" enabled="true"
it="more stuff if you want">
<security:granted-authority authority="ROLE_ANONYMOUS" />
<ref bean="fooBarAuthority" />
</security:user-definition>
</security:properties>
</security:principal-repository>
<!-- makes the filter, but does little else, as it auto-detects everything -->
<security:authentication-remember-me-filter id="id"
rememberMeServicesBeanRef="theId" />
<!-- services should auto-detect UserDetails from app ctx if principalRepository was not specified; key is handled in same way as discussed earlier -->
<security:authentication-remember-me-services id="id"
key="someValue" principalRepositoryBeanRef="jdbcDaoImpl" />
<!-- key is optional; if unspecified, in the NamespaceHandler pick a rnd int and use for all unspecified key properties for acegi beans -->
<security:anonymous-role-granter id="id" key="someValue">
<security:granted-authority authority="ROLE_ANONYMOUS" />
<ref bean="fooBarAuthority" />
</security:anonymous-role-granter>
<security:granted-authority id="fooBarAuthority"
authority="ROLE_FOOBAR" />
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) -->
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown -->
<security:logout-support id="logoutFilter"
redirectAfterLogoutUrl="/" logoutUrl="/logout" />
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- channel security out of scope; they use existing bean definition format; the channel filter will auto-detect and use Ordered interface as discussed above -->
<!-- any kind of ACL support is out of scope; frankly it is too hard for 1.1.0 -->
<!-- ensure element name is not overlapping with portlet or spring web flow or tapestry URI patterns, as this filter is incompatible with them -->
<security:authorization-http-url>
<security:url-mapping
source="xml - the default and no other options"
sourceBeanId="referenceToTheirObjectDefinitionSource">
<!-- Specify security:uri-patterns in order of processing; each pattern must specify EITHER a regularExpression OR a path, but not both
and ALL patterns in the url-mapping MUST be of the SAME type (ie cannot mix a regular expression and Ant Path) - give exception if tried -->
<security:uri-pattern path="/index.jsp"
regularExpression="whatever">
<security:configuration-attribute attribute="ROLE_A" />
<ref
bean="someExternalConfigurationAttributeThatIsATopLevelBean" />
</security:uri-pattern>
<security:uri-pattern path="/**"
regularExperssion="whatever">
<security:configuration-attribute attribute="ROLE_A" />
<ref
bean="someExternalConfigurationAttributeThatIsATopLevelBean" />
</security:uri-pattern>
</security:url-mapping>
</security:authorization-http-url>
<!-- the source refers to use of the relevant concete ObjectDefinitionSource; user can alternately specify their own instance and refer to it
via the sourceBeanId property; in that case they must specify "custom"; if unspecified, it means it's described as nested elements using the
security:method-pattern element, and you will therefore create it via the MethodDefinitionSourceEditor (that is what the default source=xml means, too)
For aspectj and springAop, that means create a MethodSecurityInterceptor and AspectJSecurityInterceptor bean definition respectively (in the case of
springAop, also create a MethodDefinitionSourceAdvisor); defaults to springAop=true, aspectJ=false -->
<security:authorization-joinpoint aspectj="false|true"
springAop="true|false">
<security:url-mapping source="custom|xml|attributes|annotations"
sourceBeanId="referenceToTheirObjectDefinitionSource">
<security:method-pattern
type="com.foo.Bar.whateverMethodNamePattern">
<security:configuration-attribute attribute="ROLE_A" />
<ref
bean="someExternalConfigurationAttributeThatIsATopLevelBean" />
</security:method-pattern>
</security:url-mapping>
<!-- if get time, do a new security:pointcut-pattern -->
</security:authorization-joinpoint>
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it;
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for
other props; i do not mind if you move the access denied stuff to a sub-element -->
<security:exception-translation id="id"
accessDeniedUrl="/accessDenied.jsp"
accessDeniedBeanRef="theBeanToUse">
<security:entry-point path="/acegilogin.jsp" https="boolean" />
</security:exception-translation>
</beans>


@ -1,63 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
<!-- ======================== AUTHENTICATION ======================= -->
<!-- sessionCreation defaults to ifRequired(true) always(true) never(false) . -->
<security:session-context-integration id="httpSessionContextIntegrationFilter" sessionCreation="never" />
<!-- The rules are:
AuthenticationManager interface is implemented by ProviderManager
So if you have any auto-detection, create a ProviderManager definition
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order
Every authentication mechanism OR provider must start with security:authentication-something
Use appropriate attrs and elements depending on provider or mechanism
-->
<!-- Case 1
<security:authentication-repository id="id" repositoryBeanRef="userDetails">
<security:salt-source
saltSourceBeanRef="beanRefOfAnExternalEncoder" />
or allow it to be written inline as an inner bean
<security:password-encoder
encoder="md5|md5Hex|sha|shaHex|custom"
encoderBeanRef="beanRefOfAnExternalEncoder" />
same story here, inner beans allowed
</security:authentication-repository>
<bean id="userDetails" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource"><ref bean="dataSource"/></property>
</bean>
Case 2: autodetect userDetails
<security:authentication-repository id="id">
<security:salt-source
saltSourceBeanRef="beanRefOfAnExternalEncoder" />
or allow it to be written inline as an inner bean
<security:password-encoder
encoder="md5|md5Hex|sha|shaHex|custom"
encoderBeanRef="beanRefOfAnExternalEncoder" />
same story here, inner beans allowed
</security:authentication-repository>
Case 3: inner beans
<security:authentication-repository id="id"
ref="userDetails">
<security:salt-source propertyName="propertyValue" />
or allow it to be written inline as an inner bean
<security:password-encoder encoder="md5" />
same story here, inner beans allowed
</security:authentication-repository>
--></beans>


@ -1,2 +0,0 @@
vishal=ity,ROLE_ADMIN
ity=vishal,ROLE_TELLER


@ -1,7 +1,5 @@
<?xml version="1.0" encoding="ISO-8859-1"?> <?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<parent> <parent>
<groupId>org.acegisecurity</groupId> <groupId>org.acegisecurity</groupId>
@ -22,6 +20,7 @@
<module>webwork</module> <module>webwork</module>
<module>openid</module> <module>openid</module>
<module>other</module> <module>other</module>
<module>spring-security-config</module>
</modules> </modules>
<dependencies> <dependencies>