SEC-271: Moved spring security namespaces config code to sandbox
parent
a8b402462e
commit
b30162191e
|
@ -1,50 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.AccessDeniedHandler;
|
|
||||||
import org.acegisecurity.ui.ExceptionTranslationFilter;
|
|
||||||
import org.springframework.beans.BeansException;
|
|
||||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AccessDeniedHandlerBeanDefinitionLocator implements BeanFactoryPostProcessor {
|
|
||||||
|
|
||||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
|
|
||||||
|
|
||||||
Map m = beanFactory.getBeansOfType(AccessDeniedHandler.class);
|
|
||||||
|
|
||||||
List l = new ArrayList(m.values());
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if (m.size() > 1) {
|
|
||||||
throw new IllegalArgumentException(
|
|
||||||
"More than one AccessDeniedHandler beans detected please refer to the one using "
|
|
||||||
+ " [ accessDeniedBeanRef ] " + "attribute");
|
|
||||||
}
|
|
||||||
else if (m.size() == 1) {
|
|
||||||
// use this
|
|
||||||
String[] names = beanFactory.getBeanNamesForType(ExceptionTranslationFilter.class);
|
|
||||||
Assert.notEmpty(names, "No bean of type ExceptionTranslationFilter found in ApplicationContext");
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[0]);
|
|
||||||
Assert.isAssignable(AccessDeniedHandler.class, l.get(0).getClass());
|
|
||||||
definition.getPropertyValues().addPropertyValue("accessDeniedHandler", l.get(0));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// use the default one for now
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,73 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.providers.ProviderManager;
|
|
||||||
import org.springframework.beans.factory.config.BeanDefinitionHolder;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.ManagedList;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
import org.w3c.dom.Node;
|
|
||||||
import org.w3c.dom.NodeList;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDefinitionParser implements
|
|
||||||
BeanDefinitionParser {
|
|
||||||
|
|
||||||
private static final String AUTHENTICATION_JDBC = "authentication-jdbc";
|
|
||||||
|
|
||||||
private static final String REF = "ref";
|
|
||||||
|
|
||||||
private boolean providerExists = false;
|
|
||||||
|
|
||||||
|
|
||||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
|
|
||||||
ManagedList providers = new ManagedList();
|
|
||||||
Assert.notNull(parserContext, "ParserContext must not be null");
|
|
||||||
RootBeanDefinition authMechanismBeanDef = new RootBeanDefinition(ProviderManager.class);
|
|
||||||
NodeList childNodes = element.getChildNodes();
|
|
||||||
|
|
||||||
for (int i = 0, n = childNodes.getLength(); i < n; i++) {
|
|
||||||
Node node = childNodes.item(i);
|
|
||||||
|
|
||||||
if (node.getNodeType() == Node.ELEMENT_NODE) {
|
|
||||||
Element childElement = (Element) node;
|
|
||||||
this.providerExists = true;
|
|
||||||
|
|
||||||
if (AUTHENTICATION_JDBC.equals(node.getLocalName())) {
|
|
||||||
String attribute = childElement.getAttribute(REF);
|
|
||||||
if (StringUtils.hasLength(attribute)) {
|
|
||||||
// create a beandefinition
|
|
||||||
providers.add(new RuntimeBeanReference(attribute));
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
// TODO:Add other providers here
|
|
||||||
}
|
|
||||||
authMechanismBeanDef.getPropertyValues().addPropertyValue("providers", providers);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!this.providerExists) {
|
|
||||||
RootBeanDefinition rootBeanDefinition = new RootBeanDefinition(AuthenticationProviderOrderResolver.class);
|
|
||||||
BeanDefinitionHolder beanDefinitionHolder = new BeanDefinitionHolder(rootBeanDefinition,
|
|
||||||
"providerOrderResolver");
|
|
||||||
registerBeanDefinition(beanDefinitionHolder, parserContext.getRegistry());
|
|
||||||
}
|
|
||||||
|
|
||||||
return authMechanismBeanDef;
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,58 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AuthenticationProcessingFilterBeanDefinitionParser extends AbstractBeanDefinitionParser implements
|
|
||||||
BeanDefinitionParser {
|
|
||||||
|
|
||||||
// ~ Instance fields
|
|
||||||
// ================================================================================================
|
|
||||||
|
|
||||||
private static final String AUTHENTICATION_URL = "authenticationUrl";
|
|
||||||
|
|
||||||
private static final String ERROR_FORM_URL = "errorFormUrl";
|
|
||||||
|
|
||||||
private static final String DEFAULT_TARGET_URL = "defaultTargetUrl";
|
|
||||||
|
|
||||||
// ~ Methods
|
|
||||||
// ================================================================================================
|
|
||||||
|
|
||||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
|
|
||||||
RootBeanDefinition definition = new RootBeanDefinition(AuthenticationProcessingFilter.class);
|
|
||||||
|
|
||||||
setPropertyIfAvailable(element, AUTHENTICATION_URL, "filterProcessesUrl", definition);
|
|
||||||
setPropertyIfAvailable(element, ERROR_FORM_URL, "authenticationFailureUrl", definition);
|
|
||||||
setPropertyIfAvailable(element, DEFAULT_TARGET_URL, "defaultTargetUrl", definition);
|
|
||||||
|
|
||||||
// register BFPP to re-unite all other collaborators
|
|
||||||
RootBeanDefinition postProcessor = new RootBeanDefinition(
|
|
||||||
AuthenticationProcessingFilterDependenciesConfigurer.class);
|
|
||||||
parserContext.getReaderContext().registerWithGeneratedName(postProcessor);
|
|
||||||
|
|
||||||
return definition;
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setPropertyIfAvailable(Element element, String attribute, String property,
|
|
||||||
RootBeanDefinition definition) {
|
|
||||||
String propertyValue = element.getAttribute(attribute);
|
|
||||||
if (StringUtils.hasText(propertyValue)) {
|
|
||||||
definition.getPropertyValues().addPropertyValue(property, propertyValue);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,43 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.AuthenticationManager;
|
|
||||||
import org.acegisecurity.ui.rememberme.RememberMeServices;
|
|
||||||
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
|
|
||||||
import org.springframework.beans.BeansException;
|
|
||||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AuthenticationProcessingFilterDependenciesConfigurer implements BeanFactoryPostProcessor {
|
|
||||||
|
|
||||||
// ~ Methods
|
|
||||||
// ================================================================================================
|
|
||||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
|
|
||||||
|
|
||||||
String [] authenticationProcessingFilter = beanFactory.getBeanNamesForType(AuthenticationProcessingFilter.class);
|
|
||||||
|
|
||||||
RootBeanDefinition def = (RootBeanDefinition)beanFactory.getBeanDefinition(authenticationProcessingFilter[0]);
|
|
||||||
|
|
||||||
String[] remServiceNames = beanFactory.getBeanNamesForType(RememberMeServices.class);
|
|
||||||
|
|
||||||
RootBeanDefinition rememberMeServices = (RootBeanDefinition) beanFactory.getBeanDefinition(remServiceNames[0]);
|
|
||||||
|
|
||||||
if (remServiceNames.length > 0)
|
|
||||||
def.getPropertyValues()
|
|
||||||
.addPropertyValue("rememberMeServices", rememberMeServices);
|
|
||||||
|
|
||||||
String[] authManager = beanFactory.getBeanNamesForType(AuthenticationManager.class);
|
|
||||||
|
|
||||||
RootBeanDefinition authenticationManager = (RootBeanDefinition) beanFactory.getBeanDefinition(authManager[0]);
|
|
||||||
|
|
||||||
if (authManager.length > 0)
|
|
||||||
def.getPropertyValues().addPropertyValue("authenticationManager", authenticationManager);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,46 +0,0 @@
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.Collections;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
import org.acegisecurity.AuthenticationManager;
|
|
||||||
import org.acegisecurity.providers.AuthenticationProvider;
|
|
||||||
import org.springframework.beans.BeansException;
|
|
||||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.support.ManagedList;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.core.OrderComparator;
|
|
||||||
|
|
||||||
public class AuthenticationProviderOrderResolver implements BeanFactoryPostProcessor {
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
|
|
||||||
// retrieve all the AuthenticationProvider instances
|
|
||||||
ManagedList providers = retrieveAllAuthenticationProviders(beanFactory);
|
|
||||||
String[] names = beanFactory.getBeanNamesForType(AuthenticationManager.class);
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition)beanFactory.getBeanDefinition(names[0]);
|
|
||||||
definition.getPropertyValues().addPropertyValue("providers",providers);
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param beanFactory
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private ManagedList retrieveAllAuthenticationProviders(ConfigurableListableBeanFactory beanFactory) {
|
|
||||||
String[] m = beanFactory.getBeanNamesForType(AuthenticationProvider.class);
|
|
||||||
ManagedList l = new ManagedList();
|
|
||||||
for(int i=0;i<m.length;i++){
|
|
||||||
RootBeanDefinition def = (RootBeanDefinition)beanFactory.getBeanDefinition(m[i]);
|
|
||||||
l.add(def);
|
|
||||||
}
|
|
||||||
Collections.sort(l, new OrderComparator());
|
|
||||||
return l;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,196 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
|
|
||||||
import org.acegisecurity.providers.dao.salt.ReflectionSaltSource;
|
|
||||||
import org.acegisecurity.providers.dao.salt.SystemWideSaltSource;
|
|
||||||
import org.acegisecurity.providers.encoding.Md5PasswordEncoder;
|
|
||||||
import org.springframework.beans.factory.config.BeanDefinitionHolder;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.springframework.util.xml.DomUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
import org.w3c.dom.Node;
|
|
||||||
import org.w3c.dom.NodeList;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser {
|
|
||||||
|
|
||||||
// ~ Instance fields
|
|
||||||
// ================================================================================================
|
|
||||||
|
|
||||||
private static final String REPOSITORY_BEAN_REF = "repositoryBeanRef";
|
|
||||||
|
|
||||||
private static final String USER_DETAILS_SERVICE = "userDetailsService";
|
|
||||||
|
|
||||||
private static final String SALT_SOURCE_ELEMENT = "salt-source";
|
|
||||||
|
|
||||||
private static final String SALT_SOURCE_REF = "saltSourceBeanRef";
|
|
||||||
|
|
||||||
private static final String SYSTEM_WIDE_SALT_SOURCE = "system-wide";
|
|
||||||
|
|
||||||
private static final String REFLECTION_SALT_SOURCE = "reflection";
|
|
||||||
|
|
||||||
private static final String PASSWORD_ENCODER_ELEMENT = "password-encoder";
|
|
||||||
|
|
||||||
private static final String PASSWORD_ENCODER_REF = "encoderBeanRef";
|
|
||||||
|
|
||||||
private static final String PASSWORD_ENCODER = "encoder";
|
|
||||||
|
|
||||||
// ~ Method
|
|
||||||
// ================================================================================================
|
|
||||||
/**
|
|
||||||
* TODO: Document Me !!!
|
|
||||||
*/
|
|
||||||
public AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
Assert.notNull(parserContext, "ParserContext must not be null");
|
|
||||||
|
|
||||||
RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class);
|
|
||||||
|
|
||||||
// check if saltSource is defined
|
|
||||||
Element saltSourceEle = DomUtils.getChildElementByTagName(element, SALT_SOURCE_ELEMENT);
|
|
||||||
setSaltSourceProperty(repositoryBeanDef, saltSourceEle);
|
|
||||||
|
|
||||||
Element passwordEncoderEle = DomUtils.getChildElementByTagName(element, PASSWORD_ENCODER_ELEMENT);
|
|
||||||
setPasswordEncoderProperty(repositoryBeanDef, passwordEncoderEle);
|
|
||||||
|
|
||||||
// if repositoryBeanRef is specified use its referred bean
|
|
||||||
String userDetailsRef = element.getAttribute(REPOSITORY_BEAN_REF);
|
|
||||||
if (StringUtils.hasLength(userDetailsRef)) {
|
|
||||||
repositoryBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE,
|
|
||||||
new RuntimeBeanReference(userDetailsRef));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// autodetect userDetailsService from App Context
|
|
||||||
RootBeanDefinition depConfigurer = new RootBeanDefinition(
|
|
||||||
AuthenticationRepositoryDependenciesConfigurer.class);
|
|
||||||
BeanDefinitionHolder holder = new BeanDefinitionHolder(depConfigurer, parserContext.getReaderContext().generateBeanName(depConfigurer));
|
|
||||||
registerBeanDefinition(holder, parserContext.getRegistry());
|
|
||||||
}
|
|
||||||
return repositoryBeanDef;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param repositoryBeanDef
|
|
||||||
* @param element
|
|
||||||
*/
|
|
||||||
private void setSaltSourceProperty(RootBeanDefinition repositoryBeanDef, Element element) {
|
|
||||||
if (element != null) {
|
|
||||||
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "saltSource", element
|
|
||||||
.getAttribute(SALT_SOURCE_REF));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param repositoryBeanDef
|
|
||||||
* @param element
|
|
||||||
*/
|
|
||||||
private void setPasswordEncoderProperty(RootBeanDefinition repositoryBeanDef, Element element) {
|
|
||||||
if (element != null) {
|
|
||||||
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "passwordEncoder", element
|
|
||||||
.getAttribute(PASSWORD_ENCODER_REF));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param repositoryBeanDef
|
|
||||||
* @param element
|
|
||||||
* @param property
|
|
||||||
* @param reference
|
|
||||||
*/
|
|
||||||
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element,
|
|
||||||
String property, String reference) {
|
|
||||||
// check for encoderBeanRef attribute
|
|
||||||
if (StringUtils.hasLength(reference)) {
|
|
||||||
repositoryBeanDef.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(reference));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
doSetInnerBeanDefinitions(repositoryBeanDef, element, property);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param repositoryBeanDef
|
|
||||||
* @param element
|
|
||||||
* @param property
|
|
||||||
*/
|
|
||||||
private void doSetInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element, String property) {
|
|
||||||
NodeList children = element.getChildNodes();
|
|
||||||
for (int i = 0, n = children.getLength(); i < n; i++) {
|
|
||||||
Node node = children.item(i);
|
|
||||||
|
|
||||||
if (node.getNodeType() == Node.ELEMENT_NODE) {
|
|
||||||
Element childElement = (Element) node;
|
|
||||||
RootBeanDefinition innerBeanDefinition = null;
|
|
||||||
|
|
||||||
if (SYSTEM_WIDE_SALT_SOURCE.equals(node.getLocalName())) {
|
|
||||||
innerBeanDefinition = createSystemWideSaltSource(childElement);
|
|
||||||
repositoryBeanDef.getPropertyValues().addPropertyValue(property, innerBeanDefinition);
|
|
||||||
}
|
|
||||||
else if (REFLECTION_SALT_SOURCE.equals(node.getLocalName())) {
|
|
||||||
innerBeanDefinition = createReflectionSaltSource(childElement);
|
|
||||||
repositoryBeanDef.getPropertyValues().addPropertyValue(property, innerBeanDefinition);
|
|
||||||
}
|
|
||||||
if (PASSWORD_ENCODER.equals(node.getLocalName())) {
|
|
||||||
RootBeanDefinition passwordEncoderInnerBeanDefinition = createPasswordEncoder(childElement);
|
|
||||||
repositoryBeanDef.getPropertyValues()
|
|
||||||
.addPropertyValue(property, passwordEncoderInnerBeanDefinition);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param childElement
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private RootBeanDefinition createPasswordEncoder(Element childElement) {
|
|
||||||
String attributeValue = childElement.getAttribute("method");
|
|
||||||
RootBeanDefinition definition = null;
|
|
||||||
// TODO: add other encoders support
|
|
||||||
if (attributeValue.equals("md5")) {
|
|
||||||
definition = new RootBeanDefinition(Md5PasswordEncoder.class);
|
|
||||||
}
|
|
||||||
return definition;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param saltSourceTypeElement
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private RootBeanDefinition createReflectionSaltSource(Element saltSourceTypeElement) {
|
|
||||||
RootBeanDefinition definition = new RootBeanDefinition(ReflectionSaltSource.class);
|
|
||||||
definition.getPropertyValues().addPropertyValue("userPropertyToUse",
|
|
||||||
saltSourceTypeElement.getAttribute("userPropertyToUse"));
|
|
||||||
return definition;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param saltSourceTypeElement
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private RootBeanDefinition createSystemWideSaltSource(Element saltSourceTypeElement) {
|
|
||||||
RootBeanDefinition definition = new RootBeanDefinition(SystemWideSaltSource.class);
|
|
||||||
definition.getPropertyValues().addPropertyValue("systemWideSalt",
|
|
||||||
saltSourceTypeElement.getAttribute("systemWideSalt"));
|
|
||||||
return definition;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
|
|
||||||
import org.acegisecurity.userdetails.UserDetailsService;
|
|
||||||
import org.springframework.beans.BeansException;
|
|
||||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AuthenticationRepositoryDependenciesConfigurer implements BeanFactoryPostProcessor {
|
|
||||||
|
|
||||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
|
|
||||||
System.out.println("whyyyy??????");
|
|
||||||
String[] userDetailServices = beanFactory.getBeanNamesForType(UserDetailsService.class);
|
|
||||||
|
|
||||||
String[] authenticationProvider = beanFactory.getBeanNamesForType(DaoAuthenticationProvider.class);
|
|
||||||
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(authenticationProvider[0]);
|
|
||||||
|
|
||||||
// there should be only one principal-repository defined, pick the first
|
|
||||||
// one
|
|
||||||
if (userDetailServices.length != 0) {
|
|
||||||
definition.getPropertyValues().addPropertyValue("userDetailsService",
|
|
||||||
new RuntimeBeanReference(userDetailServices[0]));
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,78 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
|
|
||||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.core.Conventions;
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.w3c.dom.Attr;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
import org.w3c.dom.NamedNodeMap;
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
|
|
||||||
|
|
||||||
private static final String HTTP_SESSION_CONTEXT_INTEGRATION = "session-context-integration";
|
|
||||||
|
|
||||||
private static final String SESSION_CREATION = "sessionCreation";
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
private static final String IF_REQUIRED = "ifRequired";
|
|
||||||
|
|
||||||
private static final String ALWAYS = "always";
|
|
||||||
|
|
||||||
private static final String NEVER = "never";
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
protected Class getBeanClass(Element element) {
|
|
||||||
return HttpSessionContextIntegrationFilter.class;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
|
|
||||||
|
|
||||||
NamedNodeMap attributes = element.getAttributes();
|
|
||||||
|
|
||||||
for (int x = 0; x < attributes.getLength(); x++) {
|
|
||||||
Attr attribute = (Attr) attributes.item(x);
|
|
||||||
String attributeName = attribute.getLocalName();
|
|
||||||
if ( !ID_ATTRIBUTE.equals(attributeName)) {
|
|
||||||
if (attributeName.equals(SESSION_CREATION)) {
|
|
||||||
String sessionCreation = element.getAttribute(SESSION_CREATION);
|
|
||||||
|
|
||||||
if(sessionCreation.equals(IF_REQUIRED)) {
|
|
||||||
builder.addPropertyValue("allowSessionCreation", Boolean.TRUE);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(sessionCreation.equals(ALWAYS)) {
|
|
||||||
builder.addPropertyValue("allowSessionCreation", Boolean.TRUE);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(sessionCreation.equals(NEVER)) {
|
|
||||||
builder.addPropertyValue("allowSessionCreation", Boolean.FALSE);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else{
|
|
||||||
String propertyName = Conventions.attributeNameToPropertyName(attributeName);
|
|
||||||
Assert.state(StringUtils.hasText(propertyName),
|
|
||||||
"Illegal property name returned from 'extractPropertyName(String)': cannot be null or empty.");
|
|
||||||
builder.addPropertyValue(propertyName, attribute.getValue());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -1,121 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.AccessDeniedHandlerImpl;
|
|
||||||
import org.acegisecurity.ui.ExceptionTranslationFilter;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.springframework.util.xml.DomUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Basically accessDeniedUrl is optional, we if unspecified impl will
|
|
||||||
* auto-detect any AccessDeniedHandler in ctx and use it; alternately if there
|
|
||||||
* are > 1 such handlers, we can nominate the one to use via
|
|
||||||
* accessDeniedBeanRef;
|
|
||||||
*
|
|
||||||
* @author vpuri
|
|
||||||
* @since
|
|
||||||
*/
|
|
||||||
public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
|
|
||||||
|
|
||||||
private static final String ACCESS_DENIED = "access-denied";
|
|
||||||
|
|
||||||
private static final String ACCESS_DENIED_REF = "accessDeniedBeanRef";
|
|
||||||
|
|
||||||
private static final String ACCESS_DENIED_URL = "accessDeniedUrl";
|
|
||||||
|
|
||||||
private static final String ENTRY_POINT = "entry-point";
|
|
||||||
|
|
||||||
private static final String ENTRY_POINT_REF ="entryPointBeanRef";
|
|
||||||
|
|
||||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
|
|
||||||
RootBeanDefinition exceptionFilterDef = new RootBeanDefinition(ExceptionTranslationFilter.class);
|
|
||||||
|
|
||||||
// add handler
|
|
||||||
Element accessDeniedElement = DomUtils.getChildElementByTagName(element, ACCESS_DENIED);
|
|
||||||
setAccessDeniedHandlerProperty(parserContext, exceptionFilterDef, accessDeniedElement);
|
|
||||||
|
|
||||||
Element entryPointElement = DomUtils.getChildElementByTagName(element, ENTRY_POINT);
|
|
||||||
setEntryPointProperty(exceptionFilterDef, entryPointElement);
|
|
||||||
|
|
||||||
return exceptionFilterDef;
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setEntryPointProperty(RootBeanDefinition exceptionFilterDef, Element entryPointElement) {
|
|
||||||
if (entryPointElement != null) {
|
|
||||||
setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, entryPointElement, "authenticationEntryPoint",
|
|
||||||
entryPointElement.getAttribute(ENTRY_POINT_REF));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param parserContext
|
|
||||||
* @param repositoryBeanDef
|
|
||||||
* @param element
|
|
||||||
*/
|
|
||||||
private void setAccessDeniedHandlerProperty(ParserContext parserContext, RootBeanDefinition exceptionFilterDef,
|
|
||||||
Element accessDeniedElement) {
|
|
||||||
if (accessDeniedElement != null) {
|
|
||||||
setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, accessDeniedElement, "accessDeniedHandler",
|
|
||||||
accessDeniedElement.getAttribute(ACCESS_DENIED_REF));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// register BFPP to check if handler exist in application context,
|
|
||||||
// if > 1 throw error saying ref should be specified as there are
|
|
||||||
// more than one
|
|
||||||
RootBeanDefinition accessDeniedHandlerLocatorBeanDef = new RootBeanDefinition(
|
|
||||||
AccessDeniedHandlerBeanDefinitionLocator.class);
|
|
||||||
parserContext.getReaderContext().registerWithGeneratedName(accessDeniedHandlerLocatorBeanDef);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param repositoryBeanDef
|
|
||||||
* @param element
|
|
||||||
* @param property
|
|
||||||
* @param reference
|
|
||||||
*/
|
|
||||||
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef,
|
|
||||||
Element element, String property, String beanRef) {
|
|
||||||
// check for encoderBeanRef attribute
|
|
||||||
if (StringUtils.hasLength(beanRef)) {
|
|
||||||
exceptionFilterDef.getPropertyValues().addPropertyValue(property,
|
|
||||||
new RuntimeBeanReference(beanRef));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
doSetInnerBeanDefinitions(exceptionFilterDef, element, property);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param repositoryBeanDef
|
|
||||||
* @param element
|
|
||||||
* @param property
|
|
||||||
*/
|
|
||||||
private void doSetInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element accessDeniedElement,
|
|
||||||
String property) {
|
|
||||||
RootBeanDefinition accessDeniedHandlerBeanDef = new RootBeanDefinition(AccessDeniedHandlerImpl.class);
|
|
||||||
setPropertyIfAvailable(accessDeniedElement, ACCESS_DENIED_URL, "errorPage", accessDeniedHandlerBeanDef);
|
|
||||||
exceptionFilterDef.getPropertyValues().addPropertyValue(property, accessDeniedHandlerBeanDef);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setPropertyIfAvailable(Element element, String attribute, String property,
|
|
||||||
RootBeanDefinition definition) {
|
|
||||||
String propertyValue = element.getAttribute(attribute);
|
|
||||||
if (StringUtils.hasText(propertyValue)) {
|
|
||||||
definition.getPropertyValues().addPropertyValue(property, propertyValue);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,64 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.logout.LogoutFilter;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
* @since
|
|
||||||
*/
|
|
||||||
public class LogoutFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
|
|
||||||
|
|
||||||
// ~ Instance fields
|
|
||||||
// ================================================================================================
|
|
||||||
private static final String REDIRECT_AFTER_LOGOUT_URL = "redirectAfterLogoutUrl";
|
|
||||||
|
|
||||||
private static final String LOGOUT_URL = "logoutUrl";
|
|
||||||
|
|
||||||
// ~ Methods
|
|
||||||
// ================================================================================================
|
|
||||||
|
|
||||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
|
|
||||||
// add the properties
|
|
||||||
RootBeanDefinition definition = new RootBeanDefinition(LogoutFilter.class);
|
|
||||||
setConstructorArgumentIfAvailable(0, element, REDIRECT_AFTER_LOGOUT_URL, "logoutSuccessUrl", definition);
|
|
||||||
|
|
||||||
setPropertyIfAvailable(element, LOGOUT_URL, "filterProcessesUrl", definition);
|
|
||||||
|
|
||||||
// register BFPP to check if LogoutFilter does not have setHandlers
|
|
||||||
// populated, introspect app ctx for LogoutHandlers, using Ordered (if
|
|
||||||
// present, otherwise assume Integer.MAX_VALUE)
|
|
||||||
RootBeanDefinition bfpp = new RootBeanDefinition(LogoutHandlerOrderResolver.class);
|
|
||||||
parserContext.getReaderContext().registerWithGeneratedName(bfpp);
|
|
||||||
|
|
||||||
return definition;
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setConstructorArgumentIfAvailable(int index, Element element, String attribute, String property,
|
|
||||||
RootBeanDefinition definition) {
|
|
||||||
String propertyValue = element.getAttribute(attribute);
|
|
||||||
if (StringUtils.hasText(propertyValue)) {
|
|
||||||
definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setPropertyIfAvailable(Element element, String attribute, String property,
|
|
||||||
RootBeanDefinition definition) {
|
|
||||||
String propertyValue = element.getAttribute(attribute);
|
|
||||||
if (StringUtils.hasText(propertyValue)) {
|
|
||||||
definition.getPropertyValues().addPropertyValue(property, propertyValue);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
//
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,95 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import java.util.Collections;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.logout.LogoutFilter;
|
|
||||||
import org.acegisecurity.ui.logout.LogoutHandler;
|
|
||||||
import org.acegisecurity.ui.logout.SecurityContextLogoutHandler;
|
|
||||||
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
|
|
||||||
import org.springframework.beans.BeansException;
|
|
||||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.config.ConstructorArgumentValues.ValueHolder;
|
|
||||||
import org.springframework.beans.factory.support.ManagedList;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.core.OrderComparator;
|
|
||||||
import org.springframework.core.Ordered;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
* @since
|
|
||||||
*/
|
|
||||||
public class LogoutHandlerOrderResolver implements BeanFactoryPostProcessor {
|
|
||||||
|
|
||||||
// ~ Methods
|
|
||||||
// ================================================================================================
|
|
||||||
|
|
||||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
|
|
||||||
// If LogoutFilter does not have setHandlers populated, introspect app
|
|
||||||
// ctx for LogoutHandlers, using Ordered (if present, otherwise assume
|
|
||||||
// Integer.MAX_VALUE)
|
|
||||||
String[] names = beanFactory.getBeanNamesForType(LogoutFilter.class);
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[0]);
|
|
||||||
ValueHolder holder = getHandlersIfConfigured(beanFactory, definition);
|
|
||||||
if (holder == null) {
|
|
||||||
// intropect the appcontext for registerd LogoutHandler
|
|
||||||
List logoutHandlers = retrieveAllLogoutHandlers(beanFactory);
|
|
||||||
definition.getConstructorArgumentValues().addIndexedArgumentValue(1, logoutHandlers);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param beanFactory
|
|
||||||
* @param definition
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private ValueHolder getHandlersIfConfigured(ConfigurableListableBeanFactory beanFactory,
|
|
||||||
RootBeanDefinition definition) {
|
|
||||||
// there should be only one LogoutFilter
|
|
||||||
return definition.getConstructorArgumentValues().getArgumentValue(1, null);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param beanFactory
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private List retrieveAllLogoutHandlers(ConfigurableListableBeanFactory beanFactory) {
|
|
||||||
String[] names = beanFactory.getBeanNamesForType(LogoutHandler.class);
|
|
||||||
ManagedList list = new ManagedList();
|
|
||||||
|
|
||||||
for (int i = 0, n = names.length; i < n; i++) {
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[i]);
|
|
||||||
|
|
||||||
if (definition.hasBeanClass()) {
|
|
||||||
if (Ordered.class.isAssignableFrom(definition.getBeanClass())) {
|
|
||||||
definition.getPropertyValues().addPropertyValue("order",
|
|
||||||
new Integer(getOrder(definition.getBeanClass())));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
definition.getPropertyValues().addPropertyValue("order", new Integer(Integer.MAX_VALUE));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
list.add(definition);
|
|
||||||
}
|
|
||||||
Collections.sort(list, new OrderComparator());
|
|
||||||
return list;
|
|
||||||
}
|
|
||||||
|
|
||||||
private int getOrder(Class clazz) {
|
|
||||||
if (clazz.getName().equals(TokenBasedRememberMeServices.class.getName())) {
|
|
||||||
return 100;
|
|
||||||
}
|
|
||||||
if (clazz.getName().equals(SecurityContextLogoutHandler.class.getName())) {
|
|
||||||
return 200;
|
|
||||||
}
|
|
||||||
return Integer.MAX_VALUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,235 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import java.util.Properties;
|
|
||||||
|
|
||||||
import org.acegisecurity.GrantedAuthorityImpl;
|
|
||||||
import org.acegisecurity.userdetails.User;
|
|
||||||
import org.acegisecurity.userdetails.UserDetails;
|
|
||||||
import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl;
|
|
||||||
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
|
|
||||||
import org.acegisecurity.userdetails.memory.UserAttribute;
|
|
||||||
import org.acegisecurity.userdetails.memory.UserMap;
|
|
||||||
import org.apache.commons.logging.Log;
|
|
||||||
import org.apache.commons.logging.LogFactory;
|
|
||||||
import org.springframework.beans.factory.config.PropertiesFactoryBean;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
|
||||||
import org.springframework.beans.factory.support.ManagedList;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
import org.w3c.dom.Node;
|
|
||||||
import org.w3c.dom.NodeList;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser implements
|
|
||||||
BeanDefinitionParser {
|
|
||||||
|
|
||||||
// ~ Static fields/initializers =====================================================================================
|
|
||||||
|
|
||||||
private static final Log logger = LogFactory.getLog(PrincipalRepositoryBeanDefinitionParser.class);
|
|
||||||
|
|
||||||
// ~ Instance fields
|
|
||||||
// ================================================================================================
|
|
||||||
private static final String JDBC = "jdbc";
|
|
||||||
|
|
||||||
private static final String DATASOURCE_REF = "dataSourceBeanRef";
|
|
||||||
|
|
||||||
private static final String DATASOURCE = "dataSource";
|
|
||||||
|
|
||||||
private static final String JDBCTEMPLATE_REF = "jdbcTemplateBeanRef";
|
|
||||||
|
|
||||||
private static final String JDBCTEMPLATE = "jdbcTemplate";
|
|
||||||
|
|
||||||
private static final String AUTHORITIES_BY_USERNAME_QUERY = "authoritiesByUsernameQuery";
|
|
||||||
|
|
||||||
private static final String ROLE_PREFIX = "rolePrefix";
|
|
||||||
|
|
||||||
private static final String USERNAME_BASED_PRIMARY_KEY = "usernameBasedPrimaryKey";
|
|
||||||
|
|
||||||
private static final String PROPERTIES = "properties";
|
|
||||||
|
|
||||||
private static final String RESOURCE = "resource";
|
|
||||||
|
|
||||||
private static final String USER_PROPERTIES = "userProperties";
|
|
||||||
|
|
||||||
private static final String USER_DEFINITION = "user-definition";
|
|
||||||
|
|
||||||
private static final Object GRANTED_AUTHORITY = "granted-authority";
|
|
||||||
|
|
||||||
private static final String USERNAME = "username";
|
|
||||||
|
|
||||||
private static final String PASSWORD = "password";
|
|
||||||
|
|
||||||
private static final String ENABLED = "enabled";
|
|
||||||
|
|
||||||
private static final String GRANTED_AUTHORITY_REF = "granted-authority-ref";
|
|
||||||
|
|
||||||
private static final String AUTHORITY = "authority";
|
|
||||||
|
|
||||||
private static final String AUTHORITY_BEAN_REF="authorityBeanRef";
|
|
||||||
|
|
||||||
// ~ Method
|
|
||||||
// ================================================================================================
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
NodeList userDetailsServiceChildren = element.getChildNodes();
|
|
||||||
RootBeanDefinition userDetailsServiceDefinition = null;
|
|
||||||
for (int i = 0, n = userDetailsServiceChildren.getLength(); i < n; i++) {
|
|
||||||
Node userDetailsService = userDetailsServiceChildren.item(i);
|
|
||||||
|
|
||||||
if (JDBC.equals(userDetailsService.getLocalName()) && userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
|
|
||||||
Element ele = (Element) userDetailsService;
|
|
||||||
userDetailsServiceDefinition = parseUserDetailsServiceJdbcDefinition(ele);
|
|
||||||
userDetailsServiceDefinition.setSource(parserContext.extractSource(element));
|
|
||||||
parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition);
|
|
||||||
}
|
|
||||||
if (PROPERTIES.equals(userDetailsService.getLocalName())
|
|
||||||
&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
|
|
||||||
Element ele = (Element) userDetailsService;
|
|
||||||
|
|
||||||
userDetailsServiceDefinition = new RootBeanDefinition(InMemoryDaoImpl.class);
|
|
||||||
userDetailsServiceDefinition.getPropertyValues().addPropertyValue(USER_PROPERTIES,
|
|
||||||
new RuntimeBeanReference(createPropertiesBeanDefinition(ele, parserContext)));
|
|
||||||
userDetailsServiceDefinition.setSource(parserContext.extractSource(element));
|
|
||||||
parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition);
|
|
||||||
}
|
|
||||||
if (USER_DEFINITION.equals(userDetailsService.getLocalName())
|
|
||||||
&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
|
|
||||||
Element ele = (Element) userDetailsService;
|
|
||||||
|
|
||||||
// create a UserMap which interns uses UserMapEditor
|
|
||||||
userDetailsServiceDefinition = createUserDefinition(ele, parserContext);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return userDetailsServiceDefinition;
|
|
||||||
}
|
|
||||||
|
|
||||||
private RootBeanDefinition createUserDefinition(Element ele, ParserContext parserContext) {
|
|
||||||
RootBeanDefinition definition = new RootBeanDefinition(InMemoryDaoImpl.class);
|
|
||||||
|
|
||||||
UserAttribute userAttribute = new UserAttribute();
|
|
||||||
UserMap userMap = new UserMap();
|
|
||||||
|
|
||||||
setPassword(ele, userAttribute);
|
|
||||||
setEnabled(ele, userAttribute);
|
|
||||||
setAuthorities(ele, userAttribute);
|
|
||||||
|
|
||||||
UserDetails user = new User(ele.getAttribute(USERNAME), userAttribute.getPassword(), userAttribute.isEnabled(),
|
|
||||||
true, true, true, userAttribute.getAuthorities());
|
|
||||||
userMap.addUser(user);
|
|
||||||
definition.getPropertyValues().addPropertyValue("userMap", userMap);
|
|
||||||
return definition;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
private String createPropertiesBeanDefinition(Element ele, ParserContext parserContext) {
|
|
||||||
// properties element
|
|
||||||
RootBeanDefinition defintion = new RootBeanDefinition(PropertiesFactoryBean.class);
|
|
||||||
String propertyValue = ele.getAttribute(RESOURCE);
|
|
||||||
defintion.getPropertyValues().addPropertyValue("location", propertyValue);
|
|
||||||
defintion.setSource(parserContext.extractSource(ele));
|
|
||||||
return parserContext.getReaderContext().registerWithGeneratedName(defintion);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param elementToParse
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private RootBeanDefinition parseUserDetailsServiceJdbcDefinition(Element elementToParse) {
|
|
||||||
// parse attributes
|
|
||||||
RootBeanDefinition definition = new RootBeanDefinition(JdbcDaoImpl.class);
|
|
||||||
setPropertyIfAvailable(elementToParse, DATASOURCE_REF, DATASOURCE, definition);
|
|
||||||
setPropertyIfAvailable(elementToParse, JDBCTEMPLATE_REF, JDBCTEMPLATE, definition);
|
|
||||||
setPropertyIfAvailable(elementToParse, AUTHORITIES_BY_USERNAME_QUERY, AUTHORITIES_BY_USERNAME_QUERY, definition);
|
|
||||||
setPropertyIfAvailable(elementToParse, ROLE_PREFIX, ROLE_PREFIX, definition);
|
|
||||||
setPropertyIfAvailable(elementToParse, USERNAME_BASED_PRIMARY_KEY, USERNAME_BASED_PRIMARY_KEY, definition);
|
|
||||||
return definition;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected void doParseProperties(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
|
|
||||||
Properties parsedProps = parserContext.getDelegate().parsePropsElement(element);
|
|
||||||
builder.addPropertyValue(PROPERTIES, parsedProps);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* @param element
|
|
||||||
* @param attribute
|
|
||||||
* @param property
|
|
||||||
* @param definition
|
|
||||||
*/
|
|
||||||
private void setPropertyIfAvailable(Element element, String attribute, String property,
|
|
||||||
RootBeanDefinition definition) {
|
|
||||||
String propertyValue = element.getAttribute(attribute);
|
|
||||||
if (StringUtils.hasText(propertyValue)) {
|
|
||||||
if (propertyValue.equals(DATASOURCE_REF) || propertyValue.equals(JDBCTEMPLATE_REF)) {
|
|
||||||
definition.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(propertyValue));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
definition.getPropertyValues().addPropertyValue(property, propertyValue);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setPassword(Element element, UserAttribute userAttribute) {
|
|
||||||
String propertyValue = element.getAttribute(PASSWORD);
|
|
||||||
if (StringUtils.hasText(propertyValue)) {
|
|
||||||
userAttribute.setPassword(propertyValue);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setEnabled(Element element, UserAttribute userAttribute) {
|
|
||||||
String propertyValue = element.getAttribute(ENABLED);
|
|
||||||
if (StringUtils.hasText(propertyValue)) {
|
|
||||||
if (propertyValue.equals("true")) {
|
|
||||||
userAttribute.setEnabled(true);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
userAttribute.setEnabled(false);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setAuthorities(Element ele, UserAttribute userAttribute) {
|
|
||||||
// get authorities
|
|
||||||
NodeList childNodes = ele.getChildNodes();
|
|
||||||
|
|
||||||
ManagedList authorities = new ManagedList();
|
|
||||||
|
|
||||||
for (int i = 0, n = childNodes.getLength(); i < n; i++) {
|
|
||||||
Node authorityNode = childNodes.item(i);
|
|
||||||
|
|
||||||
if (GRANTED_AUTHORITY.equals(authorityNode.getLocalName())
|
|
||||||
&& authorityNode.getNodeType() == Element.ELEMENT_NODE) {
|
|
||||||
Element propertyValue = (Element) authorityNode;
|
|
||||||
authorities.add(new GrantedAuthorityImpl(propertyValue.getAttribute(AUTHORITY)));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (GRANTED_AUTHORITY_REF.equals(authorityNode.getLocalName())
|
|
||||||
&& authorityNode.getNodeType() == Element.ELEMENT_NODE) {
|
|
||||||
Element propertyValue = (Element) authorityNode;
|
|
||||||
String attribute = propertyValue.getAttribute(AUTHORITY_BEAN_REF);
|
|
||||||
if (StringUtils.hasLength(attribute)) {
|
|
||||||
authorities.add(new RuntimeBeanReference(attribute));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
userAttribute.setAuthorities(authorities);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,35 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.rememberme.RememberMeServices;
|
|
||||||
import org.acegisecurity.userdetails.UserDetailsService;
|
|
||||||
import org.springframework.beans.BeansException;
|
|
||||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class RemeberMeServicesDependenciesConfigurer implements BeanFactoryPostProcessor {
|
|
||||||
|
|
||||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
|
|
||||||
|
|
||||||
String [] userDetailServices = beanFactory.getBeanNamesForType(UserDetailsService.class);
|
|
||||||
|
|
||||||
String [] rememberMeService = beanFactory.getBeanNamesForType(RememberMeServices.class);
|
|
||||||
|
|
||||||
RootBeanDefinition definition=(RootBeanDefinition) beanFactory.getBeanDefinition(rememberMeService[0]);
|
|
||||||
|
|
||||||
// there should be only one principal-repository defined, pick the first one
|
|
||||||
if(userDetailServices.length!=0) {
|
|
||||||
definition.getPropertyValues().addPropertyValue("userDetailsService", new RuntimeBeanReference(userDetailServices[0]));
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,49 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.rememberme.RememberMeProcessingFilter;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*@since
|
|
||||||
*/
|
|
||||||
public class RememberMeFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
|
|
||||||
|
|
||||||
private static final String REMEMBER_ME_SERVICES_REF = "rememberMeServicesBeanRef";
|
|
||||||
|
|
||||||
private static final String REMEMBER_ME_SERVICES = "rememberMeServices";
|
|
||||||
|
|
||||||
|
|
||||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
Assert.notNull(parserContext, "ParserContext must not be null");
|
|
||||||
|
|
||||||
RootBeanDefinition rememberMeFilterBeanDef = new RootBeanDefinition(RememberMeProcessingFilter.class);
|
|
||||||
|
|
||||||
// detect all the required dependencies and autowire them by type
|
|
||||||
rememberMeFilterBeanDef.setAutowireMode(AbstractBeanDefinition.AUTOWIRE_AUTODETECT);
|
|
||||||
|
|
||||||
// check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
|
|
||||||
String rememberMeServicesRef = element.getAttribute(REMEMBER_ME_SERVICES_REF);
|
|
||||||
if (StringUtils.hasLength(rememberMeServicesRef)) {
|
|
||||||
rememberMeFilterBeanDef.getPropertyValues().addPropertyValue(REMEMBER_ME_SERVICES,
|
|
||||||
new RuntimeBeanReference(rememberMeServicesRef));
|
|
||||||
}
|
|
||||||
return rememberMeFilterBeanDef;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,62 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
import org.w3c.dom.Element;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class RememberMeServicesBeanDefinitionParser extends AbstractBeanDefinitionParser implements
|
|
||||||
BeanDefinitionParser {
|
|
||||||
|
|
||||||
private static final String PRINCIPAL_REPOSITORY_BEAN_REF = "principalRepositoryBeanRef";
|
|
||||||
|
|
||||||
private static final String USER_DETAILS_SERVICE_PROPERTY = "userDetailsService";
|
|
||||||
|
|
||||||
/*
|
|
||||||
* key is optional; if unspecified, pick a rnd int and use for all unspecified key properties for acegi beans
|
|
||||||
*/
|
|
||||||
private static final String KEY = "key";
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
|
||||||
Assert.notNull(parserContext, "ParserContext must not be null");
|
|
||||||
|
|
||||||
RootBeanDefinition rememberMeServicesBeanDef = new RootBeanDefinition(TokenBasedRememberMeServices.class);
|
|
||||||
|
|
||||||
String keyValue = element.getAttribute(KEY);
|
|
||||||
if (StringUtils.hasLength(keyValue)) {
|
|
||||||
rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(KEY,keyValue);
|
|
||||||
} else {
|
|
||||||
// pick a rnd int
|
|
||||||
}
|
|
||||||
|
|
||||||
// check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
|
|
||||||
String rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF);
|
|
||||||
if (StringUtils.hasLength(rememberMeServicesRef)) {
|
|
||||||
rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE_PROPERTY,
|
|
||||||
new RuntimeBeanReference(rememberMeServicesRef));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// register a bean definition parse
|
|
||||||
RootBeanDefinition configurer = new RootBeanDefinition(RemeberMeServicesDependenciesConfigurer.class);
|
|
||||||
parserContext.getReaderContext().registerWithGeneratedName(configurer);
|
|
||||||
}
|
|
||||||
return rememberMeServicesBeanDef;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,33 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.NamespaceHandlerSupport;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* {@link org.springframework.beans.factory.xml.NamespaceHandler} for the '<code>security</code>' namespace.
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
* @since
|
|
||||||
*/
|
|
||||||
public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Register the {@link BeanDefinitionParser BeanDefinitionParsers} for the
|
|
||||||
* '<code>context-integration</code>', ' and '<code></code>' elements.
|
|
||||||
*/
|
|
||||||
public void init() {
|
|
||||||
registerBeanDefinitionParser("principal-repository", new PrincipalRepositoryBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("session-context-integration", new ContextIntegrationBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("authentication-repository", new AuthenticationRepositoryBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("authentication-mechanism", new AuthenticationMechanismBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("authentication-remember-me-services", new RememberMeServicesBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("authentication-remember-me-filter", new RememberMeFilterBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("logout-support", new LogoutFilterBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("exception-translation", new ExceptionTranslationFilterBeanDefinitionParser());
|
|
||||||
registerBeanDefinitionParser("authentication-form", new AuthenticationProcessingFilterBeanDefinitionParser());
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -39,6 +39,7 @@ import org.apache.commons.codec.binary.Base64;
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.springframework.beans.factory.InitializingBean;
|
import org.springframework.beans.factory.InitializingBean;
|
||||||
|
import org.springframework.core.Ordered;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
|
|
||||||
|
@ -72,7 +73,7 @@ import org.springframework.util.Assert;
|
||||||
* @author Ben Alex
|
* @author Ben Alex
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class BasicProcessingFilter implements Filter, InitializingBean {
|
public class BasicProcessingFilter implements Filter, InitializingBean, Ordered {
|
||||||
//~ Static fields/initializers =====================================================================================
|
//~ Static fields/initializers =====================================================================================
|
||||||
|
|
||||||
private static final Log logger = LogFactory.getLog(BasicProcessingFilter.class);
|
private static final Log logger = LogFactory.getLog(BasicProcessingFilter.class);
|
||||||
|
@ -84,6 +85,7 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
|
||||||
private AuthenticationManager authenticationManager;
|
private AuthenticationManager authenticationManager;
|
||||||
private RememberMeServices rememberMeServices;
|
private RememberMeServices rememberMeServices;
|
||||||
private boolean ignoreFailure = false;
|
private boolean ignoreFailure = false;
|
||||||
|
private int order;
|
||||||
|
|
||||||
//~ Methods ========================================================================================================
|
//~ Methods ========================================================================================================
|
||||||
|
|
||||||
|
@ -226,4 +228,12 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
|
||||||
public void setRememberMeServices(RememberMeServices rememberMeServices) {
|
public void setRememberMeServices(RememberMeServices rememberMeServices) {
|
||||||
this.rememberMeServices = rememberMeServices;
|
this.rememberMeServices = rememberMeServices;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public int getOrder() {
|
||||||
|
return order;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setOrder(int order) {
|
||||||
|
this.order = order;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
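Review bot: The `order` field added in the `@ -84,6 +85,7 @` hunk has no initialiser, so `getOrder()` returns 0 until `setOrder` is called, whereas `BasicProcessingFilterEntryPoint` on this page treats `Integer.MAX_VALUE` as "not configured". Under Spring's `Ordered` contract lower values sort first, so an unconfigured Basic authentication filter would sort ahead of anything given a positive order. Its position relative to the other security filters should be an explicit choice, not a side effect of the int default. I would write `private int order = Integer.MAX_VALUE; // not configured: sort last` (or whichever default the chain expects) and give `getOrder`/`setOrder` a one-line Javadoc saying the value positions this filter among the ordered beans. How the order is consumed is not visible in these hunks, so the effect on the chain is inferred.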
|
@ -16,6 +16,7 @@
|
||||||
package org.acegisecurity.ui.basicauth;
|
package org.acegisecurity.ui.basicauth;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
import javax.servlet.ServletException;
|
import javax.servlet.ServletException;
|
||||||
import javax.servlet.ServletRequest;
|
import javax.servlet.ServletRequest;
|
||||||
|
@ -24,8 +25,12 @@ import javax.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
import org.acegisecurity.AuthenticationException;
|
import org.acegisecurity.AuthenticationException;
|
||||||
import org.acegisecurity.ui.AuthenticationEntryPoint;
|
import org.acegisecurity.ui.AuthenticationEntryPoint;
|
||||||
|
import org.acegisecurity.util.OrderedUtils;
|
||||||
import org.springframework.beans.factory.InitializingBean;
|
import org.springframework.beans.factory.InitializingBean;
|
||||||
|
import org.springframework.context.ApplicationContext;
|
||||||
|
import org.springframework.context.ApplicationContextAware;
|
||||||
import org.springframework.core.Ordered;
|
import org.springframework.core.Ordered;
|
||||||
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -38,11 +43,13 @@ import org.springframework.core.Ordered;
|
||||||
* @author Ben Alex
|
* @author Ben Alex
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
|
public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered, ApplicationContextAware {
|
||||||
//~ Instance fields ================================================================================================
|
//~ Instance fields ================================================================================================
|
||||||
|
|
||||||
|
private static final int DEFAULT_ORDER = Integer.MAX_VALUE;
|
||||||
private String realmName;
|
private String realmName;
|
||||||
private int order = Integer.MAX_VALUE; // ~ default
|
private int order = DEFAULT_ORDER;
|
||||||
|
private ApplicationContext applicationContext;
|
||||||
|
|
||||||
//~ Methods ========================================================================================================
|
//~ Methods ========================================================================================================
|
||||||
|
|
||||||
|
@ -55,8 +62,9 @@ public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint
|
||||||
}
|
}
|
||||||
|
|
||||||
public void afterPropertiesSet() throws Exception {
|
public void afterPropertiesSet() throws Exception {
|
||||||
if ((realmName == null) || "".equals(realmName)) {
|
Assert.hasText(realmName, "realmName must be specified");
|
||||||
throw new IllegalArgumentException("realmName must be specified");
|
if (order == DEFAULT_ORDER) {
|
||||||
|
OrderedUtils.copyOrderFromOtherClass(BasicProcessingFilter.class, applicationContext, this, true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -74,4 +82,8 @@ public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint
|
||||||
public void setRealmName(String realmName) {
|
public void setRealmName(String realmName) {
|
||||||
this.realmName = realmName;
|
this.realmName = realmName;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void setApplicationContext(ApplicationContext applicationContext) {
|
||||||
|
this.applicationContext = applicationContext;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,444 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
|
||||||
|
|
||||||
<xsd:schema xmlns="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
|
|
||||||
targetNamespace="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
elementFormDefault="qualified" attributeFormDefault="unqualified">
|
|
||||||
|
|
||||||
<xsd:import namespace="http://www.springframework.org/schema/util" />
|
|
||||||
|
|
||||||
<xsd:element name="session-context-integration">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
|
|
||||||
<xsd:attribute name="sessionCreation"
|
|
||||||
default="ifRequired">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
Indicates if this filter can create a HttpSession if
|
|
||||||
needed (sessions are always created sparingly, but setting this value to
|
|
||||||
false will prohibit sessions from ever being created).
|
|
||||||
Defaults to true. Do not set to false if
|
|
||||||
you have set forceEagerSessionCreation to true ,
|
|
||||||
as the properties would be in conflict.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
<xsd:simpleType>
|
|
||||||
<xsd:restriction base="xsd:string">
|
|
||||||
<xsd:enumeration value="ifRequired" />
|
|
||||||
<xsd:enumeration value="never" />
|
|
||||||
<xsd:enumeration value="always" />
|
|
||||||
</xsd:restriction>
|
|
||||||
</xsd:simpleType>
|
|
||||||
</xsd:attribute>
|
|
||||||
|
|
||||||
<xsd:attribute name="forceEagerSessionCreation"
|
|
||||||
default="false" type="defaultable-boolean" use="optional">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
Indicates if this filter is required to create a <code>HttpSession</code>
|
|
||||||
for every request before proceeding through the filter chain, even if the
|
|
||||||
<code>HttpSession</code> would not ordinarily have been created. By
|
|
||||||
default this is <code>false</code>, which is entirely appropriate for
|
|
||||||
most circumstances as you do not want a <code>HttpSession</code>
|
|
||||||
created unless the filter actually needs one. It is envisaged the main
|
|
||||||
situation in which this property would be set to <code>true</code> is
|
|
||||||
if using other filters that depend on a <code>HttpSession</code>
|
|
||||||
already existing, such as those which need to obtain a session ID. This
|
|
||||||
is only required in specialised cases, so leave it set to
|
|
||||||
<code>false</code> unless you have an actual requirement and are
|
|
||||||
conscious of the session creation overhead.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="cloneFromHttpSession" default="false"
|
|
||||||
type="defaultable-boolean" use="optional">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
Indicates whether the <code>SecurityContext</code> will be cloned from
|
|
||||||
the <code>HttpSession</code>. The default is to simply reference (ie
|
|
||||||
the default is <code>false</code>). The default may cause issues if
|
|
||||||
concurrent threads need to have a different security identity from other
|
|
||||||
threads being concurrently processed that share the same
|
|
||||||
<code>HttpSession</code>. In most normal environments this does not
|
|
||||||
represent an issue, as changes to the security identity in one thread is
|
|
||||||
allowed to affect the security identitiy in other threads associated with
|
|
||||||
the same <code>HttpSession</code>. For unusual cases where this is not
|
|
||||||
permitted, change this value to <code>true</code> and ensure the
|
|
||||||
{@link #context} is set to a <code>SecurityContext</code> that
|
|
||||||
implements {@link Cloneable} and overrides the <code>clone()</code>
|
|
||||||
method.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
<xsd:element name="authentication-remember-me-filter"
|
|
||||||
type="RememberMeFilter" />
|
|
||||||
|
|
||||||
<xsd:complexType name="RememberMeFilter">
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="rememberMeServicesBeanRef"
|
|
||||||
type="xsd:string" use="optional" />
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<xsd:element name="authentication-remember-me-services"
|
|
||||||
type="RememberMeServices" />
|
|
||||||
|
|
||||||
<xsd:complexType name="RememberMeServices">
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="key" type="xsd:string" use="optional" />
|
|
||||||
<xsd:attribute name="principalRepositoryBeanRef"
|
|
||||||
type="xsd:string" use="optional" />
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<!-- Logout Filter -->
|
|
||||||
<xsd:element name="logout-support">
|
|
||||||
<xsd:complexType>
|
|
||||||
<!-- Write other attributes -->
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="redirectAfterLogoutUrl"
|
|
||||||
type="xsd:string" default="/" />
|
|
||||||
<xsd:attribute name="logoutUrl" type="xsd:string"
|
|
||||||
default="/logout" />
|
|
||||||
<xsd:anyAttribute namespace="##other" processContents="lax"/>
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
|
|
||||||
<!-- Exception Translation Filter -->
|
|
||||||
<xsd:element name="exception-translation"
|
|
||||||
type="ExceptionTranslation" />
|
|
||||||
|
|
||||||
<xsd:complexType name="ExceptionTranslation">
|
|
||||||
<xsd:all>
|
|
||||||
<xsd:element ref="entry-point" maxOccurs="1" />
|
|
||||||
<xsd:element ref="access-denied" maxOccurs="1"
|
|
||||||
minOccurs="0" />
|
|
||||||
</xsd:all>
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<xsd:element name="entry-point">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="entryPointBeanRef" type="xsd:string" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
<xsd:element name="access-denied">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="accessDeniedUrl" type="xsd:string"
|
|
||||||
use="optional" />
|
|
||||||
<xsd:attribute name="accessDeniedBeanRef" type="xsd:string"
|
|
||||||
use="optional" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
<!-- AuthenticationProcessigFilter -->
|
|
||||||
<xsd:element name="authentication-form"
|
|
||||||
type="AuthenticationProcessingFilter" />
|
|
||||||
|
|
||||||
<xsd:complexType name="AuthenticationProcessingFilter">
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="authenticationUrl" type="xsd:string"
|
|
||||||
use="required">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The URL destination that this filter intercepts and processes (usually something like
|
|
||||||
/login)
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="defaultTargetUrl" type="xsd:string"
|
|
||||||
use="required">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
Where to redirect the browser to if authentication is successful but ACEGI_SAVED_REQUEST_KEY is
|
|
||||||
null
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="errorFormUrl" type="xsd:string"
|
|
||||||
use="required">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
Where to redirect the browser to if authentication fails.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<xsd:element name="authentication-mechanism"
|
|
||||||
type="AuthenticationManager" />
|
|
||||||
|
|
||||||
<xsd:complexType name="AuthenticationManager">
|
|
||||||
<xsd:sequence>
|
|
||||||
<xsd:element ref="authentication-jdbc" minOccurs="0"
|
|
||||||
maxOccurs="1" />
|
|
||||||
<xsd:element ref="authentication-ldap" minOccurs="0"
|
|
||||||
maxOccurs="1" />
|
|
||||||
</xsd:sequence>
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<xsd:element name="authentication-jdbc">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="ref" type="xsd:string" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
<xsd:element name="authentication-ldap">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="ref" type="xsd:string" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<xsd:element name="principal-repository" type="PrincipalRepository" />
|
|
||||||
|
|
||||||
<xsd:complexType name="PrincipalRepository">
|
|
||||||
<xsd:choice>
|
|
||||||
<xsd:element ref="jdbc" minOccurs="0" maxOccurs="1" />
|
|
||||||
<xsd:element ref="ldap" minOccurs="0" maxOccurs="1" />
|
|
||||||
<xsd:element ref="properties" minOccurs="0" maxOccurs="1" />
|
|
||||||
<xsd:element ref="user-definition" minOccurs="0"
|
|
||||||
maxOccurs="unbounded" />
|
|
||||||
</xsd:choice>
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<xsd:element name="jdbc">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="dataSourceBeanRef" type="xsd:string" />
|
|
||||||
<xsd:attribute name="authoritiesByUsernameQuery"
|
|
||||||
type="xsd:string" use="optional" />
|
|
||||||
<xsd:attribute name="jdbcTemplateBeanRef" type="xsd:string"
|
|
||||||
use="optional" />
|
|
||||||
<xsd:attribute name="rolePrefix" type="xsd:string"
|
|
||||||
use="optional" />
|
|
||||||
<xsd:attribute name="usernameBasedPrimaryKey"
|
|
||||||
type="xsd:boolean" use="optional" />
|
|
||||||
<xsd:attribute name="usersByUsernameQuery" type="xsd:string"
|
|
||||||
use="optional" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
|
|
||||||
<xsd:element name="ldap">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="not-yet-defined" type="xsd:string" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
<xsd:element name="properties">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="resource" type="xsd:string" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
<xsd:element name="user-definition">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:sequence>
|
|
||||||
<xsd:element name="granted-authority" minOccurs="0"
|
|
||||||
maxOccurs="unbounded">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="authority"
|
|
||||||
type="xsd:string" use="required" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
<xsd:element name="granted-authority-ref" minOccurs="0"
|
|
||||||
maxOccurs="unbounded">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="authorityBeanRef"
|
|
||||||
type="xsd:string" use="required" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
</xsd:sequence>
|
|
||||||
<xsd:attribute name="username" type="xsd:string"
|
|
||||||
use="required" />
|
|
||||||
<xsd:attribute name="password" type="xsd:string" />
|
|
||||||
<xsd:attribute name="enabled" type="xsd:boolean" />
|
|
||||||
<xsd:anyAttribute namespace="##local"
|
|
||||||
processContents="strict" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
|
|
||||||
|
|
||||||
<xsd:element name="authentication-repository"
|
|
||||||
type="AuthenticationRepositoryType" />
|
|
||||||
|
|
||||||
<xsd:complexType name="AuthenticationRepositoryType">
|
|
||||||
<xsd:sequence>
|
|
||||||
<xsd:element name="salt-source" type="SaltSource"
|
|
||||||
minOccurs="0" maxOccurs="1" />
|
|
||||||
<xsd:element name="password-encoder" type="PasswordEncoder"
|
|
||||||
minOccurs="0" maxOccurs="1" />
|
|
||||||
</xsd:sequence>
|
|
||||||
<xsd:attributeGroup ref="AuthenticationRepositoryAttributes" />
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<!-- <security:salt-source source="systemwide|reflection" salt="salt"/> -->
|
|
||||||
<xsd:complexType name="SaltSource">
|
|
||||||
<xsd:sequence>
|
|
||||||
<xsd:choice minOccurs="0" maxOccurs="1">
|
|
||||||
<xsd:element name="system-wide">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="systemWideSalt"
|
|
||||||
type="xsd:string" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
<xsd:element name="reflection">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="userPropertyToUse"
|
|
||||||
type="xsd:string" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
</xsd:choice>
|
|
||||||
</xsd:sequence>
|
|
||||||
<xsd:attribute name="saltSourceBeanRef" type="xsd:string"
|
|
||||||
use="optional" />
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<xsd:complexType name="PasswordEncoder">
|
|
||||||
<xsd:sequence>
|
|
||||||
<xsd:choice minOccurs="0" maxOccurs="1">
|
|
||||||
<xsd:element name="encoder">
|
|
||||||
<xsd:complexType>
|
|
||||||
<xsd:attribute name="method" type="encoders" />
|
|
||||||
</xsd:complexType>
|
|
||||||
</xsd:element>
|
|
||||||
</xsd:choice>
|
|
||||||
</xsd:sequence>
|
|
||||||
<xsd:attribute name="encoderBeanRef" type="xsd:string"
|
|
||||||
use="optional" />
|
|
||||||
</xsd:complexType>
|
|
||||||
|
|
||||||
<xsd:attributeGroup name="AuthenticationRepositoryAttributes">
|
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
The unique identifier for a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
<xsd:attribute name="repositoryBeanRef" type="xsd:string">
|
|
||||||
<xsd:annotation>
|
|
||||||
<xsd:documentation>
|
|
||||||
<![CDATA[
|
|
||||||
Reference of a bean.
|
|
||||||
]]>
|
|
||||||
</xsd:documentation>
|
|
||||||
</xsd:annotation>
|
|
||||||
</xsd:attribute>
|
|
||||||
</xsd:attributeGroup>
|
|
||||||
|
|
||||||
<!-- simple internal types -->
|
|
||||||
<xsd:simpleType name="defaultable-boolean">
|
|
||||||
<xsd:restriction base="xsd:NMTOKEN">
|
|
||||||
<xsd:enumeration value="true" />
|
|
||||||
<xsd:enumeration value="false" />
|
|
||||||
</xsd:restriction>
|
|
||||||
</xsd:simpleType>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<xsd:simpleType name="encoders">
|
|
||||||
<xsd:restriction base="xsd:NMTOKEN">
|
|
||||||
<xsd:enumeration value="md5" />
|
|
||||||
<xsd:enumeration value="md5Hex" />
|
|
||||||
<xsd:enumeration value="sha" />
|
|
||||||
<xsd:enumeration value="shaHex" />
|
|
||||||
<xsd:enumeration value="custom" />
|
|
||||||
</xsd:restriction>
|
|
||||||
</xsd:simpleType>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</xsd:schema>
|
|
|
@ -1,25 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AuthenticationProcessingFilterNamespaceTests extends TestCase {
|
|
||||||
|
|
||||||
public void testAuthenticationFilterBeanDefinition() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/authentication-form-filter.xml");
|
|
||||||
ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context
|
|
||||||
.getAutowireCapableBeanFactory();
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,120 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
|
||||||
|
|
||||||
import org.acegisecurity.providers.AuthenticationProvider;
|
|
||||||
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
|
|
||||||
import org.acegisecurity.providers.dao.SaltSource;
|
|
||||||
import org.acegisecurity.providers.encoding.Md5PasswordEncoder;
|
|
||||||
import org.acegisecurity.providers.encoding.PasswordEncoder;
|
|
||||||
import org.acegisecurity.providers.encoding.PlaintextPasswordEncoder;
|
|
||||||
import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl;
|
|
||||||
import org.springframework.beans.PropertyValue;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class AuthenticationRepositoryParserTest extends TestCase {
|
|
||||||
|
|
||||||
public void testAuthenticationRepositoryDefaultWithAutoUserdetails() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/authentication-dao-defaults.xml");
|
|
||||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
|
|
||||||
.getAutowireCapableBeanFactory();
|
|
||||||
|
|
||||||
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
|
|
||||||
assertEquals(1, names.length);
|
|
||||||
|
|
||||||
// check bean class
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
|
|
||||||
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
|
|
||||||
|
|
||||||
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
|
|
||||||
Assert.isAssignable(JdbcDaoImpl.class, provider.getUserDetailsService().getClass());
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
public void testCollaboratorsAsInnerBeans() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/authentication-innerbeans.xml");
|
|
||||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
|
|
||||||
.getAutowireCapableBeanFactory();
|
|
||||||
// get the main bean definition, there should be only one
|
|
||||||
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
|
|
||||||
assertEquals(1, names.length);
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
|
|
||||||
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
|
|
||||||
|
|
||||||
// get the 2 inner beans
|
|
||||||
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource");
|
|
||||||
assertEquals("saltSource", saltSourceBean.getName());
|
|
||||||
|
|
||||||
// get the BeanDefinition
|
|
||||||
RootBeanDefinition saltsourceDef = (RootBeanDefinition) saltSourceBean.getValue();
|
|
||||||
Assert.isAssignable(SaltSource.class, saltsourceDef.getBeanClass());
|
|
||||||
|
|
||||||
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder");
|
|
||||||
assertEquals("passwordEncoder", encoder.getName());
|
|
||||||
|
|
||||||
// get the BeanDefinition
|
|
||||||
RootBeanDefinition encoderDef = (RootBeanDefinition) encoder.getValue();
|
|
||||||
Assert.isAssignable(PasswordEncoder.class, encoderDef.getBeanClass());
|
|
||||||
|
|
||||||
assertEquals("incorrect bean class name", encoderDef.getBeanClassName(), Md5PasswordEncoder.class.getName());
|
|
||||||
}
|
|
||||||
|
|
||||||
public void testCollaboratorsAsBeanRef() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/authentication-beanRef-attributes.xml");
|
|
||||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
|
|
||||||
.getAutowireCapableBeanFactory();
|
|
||||||
// get the main bean definition, there should be only one
|
|
||||||
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
|
|
||||||
assertEquals(1, names.length);
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
|
|
||||||
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
|
|
||||||
|
|
||||||
// get the referred collaborators
|
|
||||||
|
|
||||||
PropertyValue userDetailsBean = definition.getPropertyValues().getPropertyValue("userDetailsService");
|
|
||||||
assertEquals("userDetailsService", userDetailsBean.getName());
|
|
||||||
|
|
||||||
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource");
|
|
||||||
assertEquals("saltSource", saltSourceBean.getName());
|
|
||||||
|
|
||||||
// get the BeanDefinition
|
|
||||||
RuntimeBeanReference saltsourceDef = (RuntimeBeanReference) saltSourceBean.getValue();
|
|
||||||
assertEquals("refToSaltSource", saltsourceDef.getBeanName());
|
|
||||||
|
|
||||||
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder");
|
|
||||||
assertEquals("passwordEncoder", encoder.getName());
|
|
||||||
|
|
||||||
// get the BeanDefinition
|
|
||||||
RuntimeBeanReference encoderDef = (RuntimeBeanReference) encoder.getValue();
|
|
||||||
assertEquals("refToPasswordEncoder", encoderDef.getBeanName());
|
|
||||||
|
|
||||||
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
|
|
||||||
assertTrue(provider.getPasswordEncoder() instanceof PasswordEncoder);
|
|
||||||
assertEquals(Md5PasswordEncoder.class, provider.getPasswordEncoder().getClass());
|
|
||||||
}
|
|
||||||
|
|
||||||
public void testAutodetectionOfUserDetailsService() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/authentication-defaults.xml");
|
|
||||||
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
|
|
||||||
assertNotNull(provider.getUserDetailsService());
|
|
||||||
assertNull(provider.getSaltSource());
|
|
||||||
assertEquals(PlaintextPasswordEncoder.class, provider.getPasswordEncoder().getClass());
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,47 +0,0 @@
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import javax.servlet.Filter;
|
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.ExceptionTranslationFilter;
|
|
||||||
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint;
|
|
||||||
import org.springframework.beans.PropertyValue;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
|
|
||||||
public class ExceptionTranslationParserTests extends TestCase {
|
|
||||||
|
|
||||||
public void testParsingBeanReferences() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/exception-translation-beanref.xml");
|
|
||||||
ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context
|
|
||||||
.getAutowireCapableBeanFactory();
|
|
||||||
String[] beanNames = factory.getBeanNamesForType(Filter.class);
|
|
||||||
assertEquals(1, beanNames.length);
|
|
||||||
RootBeanDefinition def = (RootBeanDefinition) factory.getBeanDefinition(beanNames[0]);
|
|
||||||
assertEquals(ExceptionTranslationFilter.class.getName(), def.getBeanClassName());
|
|
||||||
// check collaborators
|
|
||||||
PropertyValue accessDeniedHandler = def.getPropertyValues().getPropertyValue("accessDeniedHandler");
|
|
||||||
assertNotNull(accessDeniedHandler);
|
|
||||||
assertEquals(accessDeniedHandler.getValue(), new RuntimeBeanReference("theBeanToUse"));
|
|
||||||
PropertyValue entryPoint = def.getPropertyValues().getPropertyValue("authenticationEntryPoint");
|
|
||||||
assertNotNull(entryPoint);
|
|
||||||
assertEquals(entryPoint.getValue(), new RuntimeBeanReference("authenticationProcessingFilterEntryPoint"));
|
|
||||||
}
|
|
||||||
|
|
||||||
public void testRuntimeBeanDependencies() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/exception-translation-beanref.xml");
|
|
||||||
ExceptionTranslationFilter filter = (ExceptionTranslationFilter) context.getBean("exceptionTranslationFilter");
|
|
||||||
AuthenticationProcessingFilterEntryPoint entryPoint = (AuthenticationProcessingFilterEntryPoint) filter
|
|
||||||
.getAuthenticationEntryPoint();
|
|
||||||
assertEquals("/acegilogin.jsp", entryPoint.getLoginFormUrl());
|
|
||||||
assertFalse(entryPoint.getForceHttps());
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,44 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import javax.servlet.Filter;
|
|
||||||
|
|
||||||
import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
|
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class HttpSessionContextIntegrationParserTest extends TestCase {
|
|
||||||
|
|
||||||
public void testApplicationContext() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/session-context-integration-defaults.xml");
|
|
||||||
ConfigurableListableBeanFactory clbf =
|
|
||||||
(ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory();
|
|
||||||
|
|
||||||
String[] names = clbf.getBeanNamesForType(Filter.class);
|
|
||||||
assertEquals(1, names.length);
|
|
||||||
|
|
||||||
// check bean name
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition)clbf.getBeanDefinition(names[0]);
|
|
||||||
assertEquals(HttpSessionContextIntegrationFilter.class, definition.getBeanClass());
|
|
||||||
|
|
||||||
// check properties
|
|
||||||
//get the bean
|
|
||||||
HttpSessionContextIntegrationFilter filter = (HttpSessionContextIntegrationFilter)context.getBean("httpSessionContextIntegrationFilter");
|
|
||||||
assertFalse(filter.isAllowSessionCreation());
|
|
||||||
assertNotNull(definition.getPropertyValues().getPropertyValue("allowSessionCreation"));
|
|
||||||
assertFalse(filter.isForceEagerSessionCreation());
|
|
||||||
assertFalse(filter.isCloneFromHttpSession());
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,29 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
|
||||||
|
|
||||||
import org.acegisecurity.ui.logout.LogoutHandler;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class LogoutFilterBeanDefinitionParserTests extends TestCase {
|
|
||||||
|
|
||||||
public void testLogoutFilter() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/logout-filter-with-handlers.xml");
|
|
||||||
ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory();
|
|
||||||
Map m = bf.getBeansOfType(LogoutHandler.class);
|
|
||||||
assertEquals(2, m.size());
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,66 +0,0 @@
|
||||||
/**
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
|
||||||
|
|
||||||
import org.acegisecurity.GrantedAuthority;
|
|
||||||
import org.acegisecurity.GrantedAuthorityImpl;
|
|
||||||
import org.acegisecurity.userdetails.User;
|
|
||||||
import org.acegisecurity.userdetails.UserDetailsService;
|
|
||||||
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
|
|
||||||
import org.acegisecurity.userdetails.memory.UserMap;
|
|
||||||
import org.springframework.beans.PropertyValue;
|
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author vpuri
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
public class PrincipalRepositoryNamespaceTests extends TestCase {
|
|
||||||
|
|
||||||
public void testParserWithUserDefinition() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext(
|
|
||||||
"org/acegisecurity/config/principal-repository-user-map.xml");
|
|
||||||
|
|
||||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
|
|
||||||
.getAutowireCapableBeanFactory();
|
|
||||||
|
|
||||||
String[] names = clbf.getBeanNamesForType(UserDetailsService.class);
|
|
||||||
assertEquals(1, names.length);
|
|
||||||
|
|
||||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
|
|
||||||
assertEquals(InMemoryDaoImpl.class, definition.getBeanClass());
|
|
||||||
|
|
||||||
UserMap map = new UserMap();
|
|
||||||
|
|
||||||
GrantedAuthority[] authotities = { new GrantedAuthorityImpl("ROLE_YO"), new GrantedAuthorityImpl("ROLE_YOYO") };
|
|
||||||
|
|
||||||
User user = new User("vishal", "nottellingya", true, true, true, true, authotities);
|
|
||||||
|
|
||||||
map.addUser(user);
|
|
||||||
|
|
||||||
assertPropertyValues(map, definition, "userMap");
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
private void assertPropertyValues(UserMap assertionValue, RootBeanDefinition definition, String property) {
|
|
||||||
PropertyValue propertyValue = definition.getPropertyValues().getPropertyValue(property);
|
|
||||||
assertNotNull(propertyValue);
|
|
||||||
assertTrue(propertyValue.getValue() instanceof UserMap);
|
|
||||||
UserMap users = (UserMap) propertyValue.getValue();
|
|
||||||
assertTrue(assertionValue.getUserCount() == users.getUserCount());
|
|
||||||
assertEquals(assertionValue.getUser("vishal"), users.getUser("vishal"));
|
|
||||||
assertTrue(users.getUser("vishal").isEnabled());
|
|
||||||
assertTrue(users.getUser("vishal").isAccountNonExpired());
|
|
||||||
assertTrue(users.getUser("vishal").isAccountNonLocked());
|
|
||||||
assertTrue(users.getUser("vishal").isCredentialsNonExpired());
|
|
||||||
assertEquals(2, users.getUser("vishal").getAuthorities().length);
|
|
||||||
assertEquals(new GrantedAuthorityImpl("ROLE_YO"), users.getUser("vishal").getAuthorities()[0]);
|
|
||||||
assertEquals(new GrantedAuthorityImpl("ROLE_YOYO"), users.getUser("vishal").getAuthorities()[1]);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,16 +0,0 @@
|
||||||
package org.acegisecurity.config;
|
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
|
||||||
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
|
|
||||||
public class RememberMeBeanDefinitionParserTest extends TestCase {
|
|
||||||
|
|
||||||
public void testParserDefaults() {
|
|
||||||
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/principal-repository-properties.xml");
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -19,6 +19,7 @@ import junit.framework.TestCase;
|
||||||
|
|
||||||
import org.acegisecurity.DisabledException;
|
import org.acegisecurity.DisabledException;
|
||||||
|
|
||||||
|
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
||||||
import org.springframework.mock.web.MockHttpServletRequest;
|
import org.springframework.mock.web.MockHttpServletRequest;
|
||||||
import org.springframework.mock.web.MockHttpServletResponse;
|
import org.springframework.mock.web.MockHttpServletResponse;
|
||||||
|
|
||||||
|
@ -69,6 +70,7 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
|
||||||
|
|
||||||
public void testNormalOperation() throws Exception {
|
public void testNormalOperation() throws Exception {
|
||||||
BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
|
BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
|
||||||
|
|
||||||
ep.setRealmName("hello");
|
ep.setRealmName("hello");
|
||||||
|
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
|
@ -76,7 +78,7 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
|
||||||
ep.afterPropertiesSet();
|
//ep.afterPropertiesSet();
|
||||||
|
|
||||||
String msg = "These are the jokes kid";
|
String msg = "These are the jokes kid";
|
||||||
ep.commence(request, response, new DisabledException(msg));
|
ep.commence(request, response, new DisabledException(msg));
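Review bot: In `testNormalOperation` the last hunk turns `ep.afterPropertiesSet();` into `//ep.afterPropertiesSet();`, so the test now calls `commence` on an entry point whose initialisation callback never ran. That callback is presumably where the realm name set by `ep.setRealmName("hello")` is validated, which means the normal-operation path no longer covers the configuration check that guards the Basic authentication challenge. Since the commit is described as a move of namespace config code to the sandbox, this looks like a leftover from local debugging; restore `ep.afterPropertiesSet();`, or if the call really has to go, delete the line and give the reason in the commit message rather than leaving commented-out code. The first hunk also adds `import org.springframework.context.support.ClassPathXmlApplicationContext;`, which none of the visible hunks use, so it should be dropped unless code outside the hunks needs it. The body of `testNormalOperation` continues past the end of the hunk.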
|
||||||
|
|
|
@ -1,21 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- AuthenticationEntryPoints handled across the system via Ordered interface; every Acegi entry point has an order; the highest order wins and
|
|
||||||
is used as the entry point by ExceptionTranslationFilter; for things like BasicAuthenticationfilter, they're smart enough to know they need a
|
|
||||||
BasicAuthenticationProcessingFilterEntryPoint, so they use that one; here we have an entryPointOrder to say when we make the BasicEntryPoint,
|
|
||||||
we will call setOrder(2) such that this app effectively will use somehing with a higher order as the app-wide default -->
|
|
||||||
<security:authentication-basic id="id"
|
|
||||||
realmName="Spring Security Application" entryPointOrder="2" />
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,53 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<security:authentication-repository id="authenticationRepository" repositoryBeanRef="refToUserDetailsService">
|
|
||||||
<security:salt-source saltSourceBeanRef="refToSaltSource"/>
|
|
||||||
<security:password-encoder encoderBeanRef="refToPasswordEncoder"/>
|
|
||||||
</security:authentication-repository>
|
|
||||||
|
|
||||||
<bean id="refToUserDetailsService"
|
|
||||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
|
|
||||||
<property name="dataSource">
|
|
||||||
<ref bean="dataSource" />
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="dataSource"
|
|
||||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
||||||
<property name="driverClassName">
|
|
||||||
<value>org.hsqldb.jdbcDriver</value>
|
|
||||||
</property>
|
|
||||||
<property name="url">
|
|
||||||
<value>jdbc:hsqldb:mem:test</value>
|
|
||||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
|
|
||||||
</property>
|
|
||||||
<property name="username">
|
|
||||||
<value>sa</value>
|
|
||||||
</property>
|
|
||||||
<property name="password">
|
|
||||||
<value></value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="refToSaltSource"
|
|
||||||
class="org.acegisecurity.providers.dao.salt.SystemWideSaltSource">
|
|
||||||
<property name="systemWideSalt">
|
|
||||||
<value>12345</value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="refToPasswordEncoder"
|
|
||||||
class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,54 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- Case 1: defaults (userDetailsService mandatory)-->
|
|
||||||
<!-- autocreate userDetailsService with dataSource(search in ctx) injected -->
|
|
||||||
|
|
||||||
<security:authentication-repository id="authenticationRepository">
|
|
||||||
<security:password-encoder encoderBeanRef="passwordEncoder" />
|
|
||||||
</security:authentication-repository>
|
|
||||||
|
|
||||||
<bean id="userDetailsService"
|
|
||||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
|
|
||||||
<property name="dataSource">
|
|
||||||
<ref bean="dataSource" />
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="dataSource"
|
|
||||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
||||||
<property name="driverClassName">
|
|
||||||
<value>org.hsqldb.jdbcDriver</value>
|
|
||||||
</property>
|
|
||||||
<property name="url">
|
|
||||||
<value>jdbc:hsqldb:mem:test</value>
|
|
||||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
|
|
||||||
</property>
|
|
||||||
<property name="username">
|
|
||||||
<value>sa</value>
|
|
||||||
</property>
|
|
||||||
<property name="password">
|
|
||||||
<value></value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="saltSource"
|
|
||||||
class="org.acegisecurity.providers.dao.salt.SystemWideSaltSource">
|
|
||||||
<property name="systemWideSalt">
|
|
||||||
<value>12345</value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="passwordEncoder"
|
|
||||||
class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />
|
|
||||||
</beans>
|
|
|
@ -1,40 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<security:authentication-repository id="authenticationRepository"/>
|
|
||||||
|
|
||||||
<bean id="userDetailsService"
|
|
||||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
|
|
||||||
<property name="dataSource">
|
|
||||||
<ref bean="dataSource" />
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="dataSource"
|
|
||||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
||||||
<property name="driverClassName">
|
|
||||||
<value>org.hsqldb.jdbcDriver</value>
|
|
||||||
</property>
|
|
||||||
<property name="url">
|
|
||||||
<value>jdbc:hsqldb:mem:test</value>
|
|
||||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
|
|
||||||
</property>
|
|
||||||
<property name="username">
|
|
||||||
<value>sa</value>
|
|
||||||
</property>
|
|
||||||
<property name="password">
|
|
||||||
<value></value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,57 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
|
|
||||||
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) -->
|
|
||||||
<security:authentication-form id="authenticationProcessinFilter"
|
|
||||||
authenticationUrl="/login" defaultTargetUrl="/login.html"
|
|
||||||
errorFormUrl="error.html" />
|
|
||||||
|
|
||||||
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order -->
|
|
||||||
<security:authentication-mechanism id="authenticationManager">
|
|
||||||
<security:authentication-jdbc ref="authenticationRepository"/>
|
|
||||||
</security:authentication-mechanism>
|
|
||||||
|
|
||||||
<!-- dao authentication provider -->
|
|
||||||
<security:authentication-repository id="authenticationRepository" repositoryBeanRef="userDetailsService"/>
|
|
||||||
|
|
||||||
<security:authentication-remember-me-services
|
|
||||||
id="rememberMeServices" key="someValue" />
|
|
||||||
|
|
||||||
<bean id="userDetailsService"
|
|
||||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
|
|
||||||
<property name="dataSource">
|
|
||||||
<ref bean="dataSource" />
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="dataSource"
|
|
||||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
||||||
<property name="driverClassName">
|
|
||||||
<value>org.hsqldb.jdbcDriver</value>
|
|
||||||
</property>
|
|
||||||
<property name="url">
|
|
||||||
<value>jdbc:hsqldb:mem:test</value>
|
|
||||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
|
|
||||||
</property>
|
|
||||||
<property name="username">
|
|
||||||
<value>sa</value>
|
|
||||||
</property>
|
|
||||||
<property name="password">
|
|
||||||
<value></value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
|
|
||||||
</beans>
|
|
||||||
|
|
|
@ -1,50 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- Case 1: defaults (userDetailsService mandatory)-->
|
|
||||||
<!-- autocreate userDetailsService with dataSource(search in ctx) injected -->
|
|
||||||
|
|
||||||
<security:authentication-repository id="authenticationRepository">
|
|
||||||
<security:salt-source>
|
|
||||||
<security:system-wide systemWideSalt="12345" />
|
|
||||||
</security:salt-source>
|
|
||||||
<security:password-encoder>
|
|
||||||
<security:encoder method="md5" />
|
|
||||||
</security:password-encoder>
|
|
||||||
</security:authentication-repository>
|
|
||||||
|
|
||||||
<bean id="AnyBeanIdAsThisBeanWillBeAutoDetectedAndInjectedInauthenticationRepositoryUsingAutoWireByType"
|
|
||||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
|
|
||||||
<property name="dataSource">
|
|
||||||
<ref bean="dataSource" />
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="dataSource"
|
|
||||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
||||||
<property name="driverClassName">
|
|
||||||
<value>org.hsqldb.jdbcDriver</value>
|
|
||||||
</property>
|
|
||||||
<property name="url">
|
|
||||||
<value>jdbc:hsqldb:mem:test</value>
|
|
||||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
|
|
||||||
</property>
|
|
||||||
<property name="username">
|
|
||||||
<value>sa</value>
|
|
||||||
</property>
|
|
||||||
<property name="password">
|
|
||||||
<value></value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,37 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
|
|
||||||
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it;
|
|
||||||
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for
|
|
||||||
other props; i do not mind if you move the access denied stuff to a sub-element -->
|
|
||||||
<security:exception-translation id="exceptionTranslationFilter">
|
|
||||||
<security:entry-point
|
|
||||||
entryPointBeanRef="authenticationProcessingFilterEntryPoint" />
|
|
||||||
</security:exception-translation>
|
|
||||||
|
|
||||||
<bean id="theBeanToUse"
|
|
||||||
class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
|
|
||||||
<property name="errorPage" value="/accessDenied.jsp" />
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="authenticationProcessingFilterEntryPoint"
|
|
||||||
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
|
|
||||||
<property name="loginFormUrl">
|
|
||||||
<value>/acegilogin.jsp</value>
|
|
||||||
</property>
|
|
||||||
<property name="forceHttps">
|
|
||||||
<value>false</value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
</beans>
|
|
|
@ -1,38 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
|
|
||||||
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it;
|
|
||||||
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for
|
|
||||||
other props; i do not mind if you move the access denied stuff to a sub-element -->
|
|
||||||
<security:exception-translation id="exceptionTranslationFilter">
|
|
||||||
<security:access-denied accessDeniedBeanRef="theBeanToUse" />
|
|
||||||
<security:entry-point
|
|
||||||
entryPointBeanRef="authenticationProcessingFilterEntryPoint" />
|
|
||||||
</security:exception-translation>
|
|
||||||
|
|
||||||
<bean id="theBeanToUse"
|
|
||||||
class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
|
|
||||||
<property name="errorPage" value="/accessDenied.jsp" />
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="authenticationProcessingFilterEntryPoint"
|
|
||||||
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
|
|
||||||
<property name="loginFormUrl">
|
|
||||||
<value>/acegilogin.jsp</value>
|
|
||||||
</property>
|
|
||||||
<property name="forceHttps">
|
|
||||||
<value>false</value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
</beans>
|
|
|
@ -1,34 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) -->
|
|
||||||
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown -->
|
|
||||||
<security:logout-support id="logoutFilter" logoutUrl="/logout" redirectAfterLogoutUrl="/"/>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<security:authentication-remember-me-services
|
|
||||||
id="rememberMeServices" key="someValue" />
|
|
||||||
|
|
||||||
<bean id="SecurityContextLogoutHandler"
|
|
||||||
class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />
|
|
||||||
|
|
||||||
<security:principal-repository id="userDetailsService">
|
|
||||||
<security:user-definition username="vishal"
|
|
||||||
password="nottellingya" enabled="true">
|
|
||||||
<security:granted-authority authority="ROLE_YO" />
|
|
||||||
<security:granted-authority authority="ROLE_YOYO" />
|
|
||||||
<!-- TODO: <security:granted-authority-ref authorityBeanRef="fooBarAuthority"/>-->
|
|
||||||
</security:user-definition>
|
|
||||||
</security:principal-repository>
|
|
||||||
</beans>
|
|
|
@ -1,44 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
|
|
||||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
|
|
||||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
|
|
||||||
|
|
||||||
<!--<security:security-autoconfig/> -->
|
|
||||||
|
|
||||||
<security:principal-repository id="userDetailsService">
|
|
||||||
<security:jdbc dataSourceBeanRef="dataSource"/>
|
|
||||||
</security:principal-repository>
|
|
||||||
|
|
||||||
<bean id="dataSource"
|
|
||||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
||||||
<property name="driverClassName">
|
|
||||||
<value>org.hsqldb.jdbcDriver</value>
|
|
||||||
</property>
|
|
||||||
<property name="url">
|
|
||||||
<value>jdbc:hsqldb:mem:test</value>
|
|
||||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
|
|
||||||
</property>
|
|
||||||
<property name="username">
|
|
||||||
<value>sa</value>
|
|
||||||
</property>
|
|
||||||
<property name="password">
|
|
||||||
<value></value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<!--<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
|
|
||||||
<property name="dataSource" ref="dataSource"></property>
|
|
||||||
</bean>-->
|
|
||||||
</beans>
|
|
|
@ -1,22 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
|
|
||||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
|
|
||||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
|
|
||||||
|
|
||||||
<security:principal-repository id="userDetailsService">
|
|
||||||
<security:properties resource="classpath:org/acegisecurity/config/user.properties"/>
|
|
||||||
</security:principal-repository>
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,28 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
|
|
||||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
|
|
||||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
|
|
||||||
|
|
||||||
<security:principal-repository id="userDetailsService">
|
|
||||||
<security:user-definition username="vishal" password="nottellingya" enabled="true">
|
|
||||||
<security:granted-authority authority="ROLE_YO"/>
|
|
||||||
<security:granted-authority authority="ROLE_YOYO"/>
|
|
||||||
<!-- TODO: <security:granted-authority-ref authorityBeanRef="fooBarAuthority"/>-->
|
|
||||||
</security:user-definition>
|
|
||||||
</security:principal-repository>
|
|
||||||
|
|
||||||
<!-- TODO: <security:granted-authority id="fooBarAuthority" authority="ROLE_FOOBAR"/> -->
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,76 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- ======================== AUTHENTICATION ======================= -->
|
|
||||||
|
|
||||||
<!-- makes the filter, but does little else, as it auto-detects everything -->
|
|
||||||
<security:authentication-remember-me-filter id="rememberMeFilter" rememberMeServicesBeanRef="rememberMeServices" />
|
|
||||||
|
|
||||||
<!-- services should auto-detect UserDetails from app ctx if principalRepository was not specified; -->
|
|
||||||
<!-- key is optional; if unspecified, in the NamespaceHandler pick a rnd int and use for all unspecified key properties for acegi beans -->
|
|
||||||
<security:authentication-remember-me-services
|
|
||||||
id="rememberMeServices" key="someValue"
|
|
||||||
principalRepositoryBeanRef="userDetailsService" />
|
|
||||||
|
|
||||||
<!-- The rules are:
|
|
||||||
AuthenticationManager interface is implemented by ProviderManager
|
|
||||||
So if you have any auto-detection, create a ProviderManager definition
|
|
||||||
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order
|
|
||||||
Every authentication mechanism OR provider must start with security:authentication-something
|
|
||||||
Use appropriate attrs and elements depending on provider or mechanism
|
|
||||||
-->
|
|
||||||
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order -->
|
|
||||||
<security:authentication-mechanism id="authenticationManager">
|
|
||||||
<security:authentication-jdbc ref="authenticationRepository"/>
|
|
||||||
</security:authentication-mechanism>
|
|
||||||
|
|
||||||
|
|
||||||
<!--<bean id="authenticationManager"
|
|
||||||
class="org.acegisecurity.providers.ProviderManager">
|
|
||||||
|
|
||||||
<property name="providers">
|
|
||||||
<list>
|
|
||||||
<ref local="authenticationRepository" />
|
|
||||||
</list>
|
|
||||||
</property>
|
|
||||||
</bean>-->
|
|
||||||
|
|
||||||
<!-- dao authentication provider -->
|
|
||||||
<security:authentication-repository id="authenticationRepository" />
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<bean id="userDetailsService"
|
|
||||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
|
|
||||||
<property name="dataSource">
|
|
||||||
<ref bean="dataSource" />
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="dataSource"
|
|
||||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
||||||
<property name="driverClassName">
|
|
||||||
<value>org.hsqldb.jdbcDriver</value>
|
|
||||||
</property>
|
|
||||||
<property name="url">
|
|
||||||
<value>jdbc:hsqldb:mem:test</value>
|
|
||||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
|
|
||||||
</property>
|
|
||||||
<property name="username">
|
|
||||||
<value>sa</value>
|
|
||||||
</property>
|
|
||||||
<property name="password">
|
|
||||||
<value></value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
</beans>
|
|
|
@ -1,21 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
|
|
||||||
<!-- introspect all bean definitions for an explicit object of a "required" type, and if not found, add it. You can turn OFF ones you dont want added via attributes -->
|
|
||||||
<security:security-autoconfig exceptionTranslation="disable"
|
|
||||||
sessionContextIntegration="disable" logoutSupport="disable"
|
|
||||||
filterChain="disable" servletRequestEmulation="disabled"
|
|
||||||
anonyomousRoleGranter="disabled" />
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,183 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- introspect all bean definitions for an explicit object of a "required" type, and if not found, add it. You can turn OFF ones you dont want added via attributes -->
|
|
||||||
<security:security-autoconfig exceptionTranslation="disable"
|
|
||||||
sessionContextIntegration="disable" logoutSupport="disable"
|
|
||||||
filterChain="disable" servletRequestEmulation="disabled"
|
|
||||||
anonyomousRoleGranter="disabled" />
|
|
||||||
|
|
||||||
<!-- autodetect attribute is the default, and an exception is thrown if false, as the expectation is they will write their own legacy <beans> format
|
|
||||||
FilterChainProxy bean definition is dissatisfied with the auto approach. The auto approach simply creates a bean definition similar to that shown
|
|
||||||
below with the AUTODETECT_ALL_ORDERED_FILTERs. As suggested, this causes a runtime check of app ctx for all javax.servlet.Filter instances, and
|
|
||||||
for each that also implemented Ordered, these are automatically applied to the pattern shown (which is **/* in the case of autodetect=true).*-->
|
|
||||||
<security:filter-chain id="id" />
|
|
||||||
<bean id="dcdc" class="FilterChainProxy">
|
|
||||||
<property name="chainConfig">
|
|
||||||
<value>
|
|
||||||
**/*=AUTODETECT_ALL_ORDERED_FILTERS
|
|
||||||
**/*=filter1,filter2,filter3
|
|
||||||
</value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
<!-- also provide an OrderedFilterAdapter, impls Filter and Ordered, and can be configured declaratively in Spring XML (eg SiteMesh), setOrder, setDelegate(Filter object) -->
|
|
||||||
|
|
||||||
<!-- creates a bean definition for an AccessDecisionManager; strategy defaults to AffirmativeBased;
|
|
||||||
superclass AbstractAccessDecisionManager requires refactoring so if no setProvider(List) given, it introspects app ctx for all AccessDecisionVoters
|
|
||||||
and uses their Ordered interface to apply them; if one doesn't implement Ordered, assume it is Integer.MAX_VALUE -->
|
|
||||||
<security:authorization-manager id="id"
|
|
||||||
strategy="consensus|unanimous|affirmative" />
|
|
||||||
|
|
||||||
<!-- ======================== AUTHENTICATION ======================= -->
|
|
||||||
|
|
||||||
<!-- sessionCreation defaults to ifRequired. -->
|
|
||||||
<security:session-context-integration
|
|
||||||
id="httpSessionContextIntegrationFilter"
|
|
||||||
sessionCreation="never|ifRequired|always" />
|
|
||||||
|
|
||||||
<!-- The rules are:
|
|
||||||
AuthenticationManager interface is implemented by ProviderManager
|
|
||||||
So if you have any auto-detection, create a ProviderManager definition
|
|
||||||
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order
|
|
||||||
Every authentication mechanism OR provider must start with security:authentication-something
|
|
||||||
Use appropriate attrs and elements depending on provider or mechanism
|
|
||||||
-->
|
|
||||||
<security:authentication-repository id="id"
|
|
||||||
repositoryBeanRef="beanIdOfRepositoryIfUnspecifiedAutoDetectTheirUserDetailsInstance">
|
|
||||||
<security:salt-source
|
|
||||||
saltSourceBeanRef="beanRefOfAnExternalEncoder" />
|
|
||||||
<!-- or allow it to be written inline as an inner bean -->
|
|
||||||
<security:password-encoder
|
|
||||||
encoder="md5|md5Hex|sha|shaHex|custom"
|
|
||||||
encoderBeanRef="beanRefOfAnExternalEncoder" />
|
|
||||||
<!-- same story here, inner beans allowed -->
|
|
||||||
</security:authentication-repository>
|
|
||||||
|
|
||||||
<security:salt-source>
|
|
||||||
<security:system-wide systemWideSalt="12345" />
|
|
||||||
<security-reflection userPropertyToUse="sss" />
|
|
||||||
</security:salt-source>
|
|
||||||
|
|
||||||
|
|
||||||
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) -->
|
|
||||||
<security:authentication-form id="id" authenticationUrl="/login"
|
|
||||||
loginFormUrl="/login.html" errorFormUrl="error.html" />
|
|
||||||
|
|
||||||
<!-- AuthenticationEntryPoints handled across the system via Ordered interface; every Acegi entry point has an order; the highest order wins and
|
|
||||||
is used as the entry point by ExceptionTranslationFilter; for things like BasicAuthenticationfilter, they're smart enough to know they need a
|
|
||||||
BasicAuthenticationProcessingFilterEntryPoint, so they use that one; here we have an entryPointOrder to say when we make the BasicEntryPoint,
|
|
||||||
we will call setOrder(2) such that this app effectively will use somehing with a higher order as the app-wide default -->
|
|
||||||
<security:authentication-basic id="id"
|
|
||||||
realmName="Spring Security Application" entryPointOrder="2" />
|
|
||||||
|
|
||||||
<!-- This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various
|
|
||||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly.
|
|
||||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds -->
|
|
||||||
<security:principal-repository id="id">
|
|
||||||
<security:ldap
|
|
||||||
x="you can do the attributes and suitable nested elements" />
|
|
||||||
<security:jdbc
|
|
||||||
x="you can do the attributes and suitable nested elements" />
|
|
||||||
<security:properties
|
|
||||||
location="resourceStringToPropertiesFile">
|
|
||||||
<!-- if they specify a resource attrib, that means throw exception if they nest some user-definition data) -->
|
|
||||||
<security:user-definition username="ben"
|
|
||||||
password="nottellingYou" enabled="true"
|
|
||||||
it="more stuff if you want">
|
|
||||||
<security:granted-authority authority="ROLE_ANONYMOUS" />
|
|
||||||
<ref bean="fooBarAuthority" />
|
|
||||||
</security:user-definition>
|
|
||||||
</security:properties>
|
|
||||||
</security:principal-repository>
|
|
||||||
|
|
||||||
<!-- makes the filter, but does little else, as it auto-detects everything -->
|
|
||||||
<security:authentication-remember-me-filter id="id"
|
|
||||||
rememberMeServicesBeanRef="theId" />
|
|
||||||
|
|
||||||
<!-- services should auto-detect UserDetails from app ctx if principalRepository was not specified; key is handled in same way as discussed earlier -->
|
|
||||||
<security:authentication-remember-me-services id="id"
|
|
||||||
key="someValue" principalRepositoryBeanRef="jdbcDaoImpl" />
|
|
||||||
|
|
||||||
<!-- key is optional; if unspecified, in the NamespaceHandler pick a rnd int and use for all unspecified key properties for acegi beans -->
|
|
||||||
<security:anonymous-role-granter id="id" key="someValue">
|
|
||||||
<security:granted-authority authority="ROLE_ANONYMOUS" />
|
|
||||||
<ref bean="fooBarAuthority" />
|
|
||||||
</security:anonymous-role-granter>
|
|
||||||
|
|
||||||
<security:granted-authority id="fooBarAuthority"
|
|
||||||
authority="ROLE_FOOBAR" />
|
|
||||||
|
|
||||||
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) -->
|
|
||||||
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown -->
|
|
||||||
<security:logout-support id="logoutFilter"
|
|
||||||
redirectAfterLogoutUrl="/" logoutUrl="/logout" />
|
|
||||||
|
|
||||||
|
|
||||||
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
|
|
||||||
|
|
||||||
<!-- channel security out of scope; they use existing bean definition format; the channel filter will auto-detect and use Ordered interface as discussed above -->
|
|
||||||
|
|
||||||
<!-- any kind of ACL support is out of scope; frankly it is too hard for 1.1.0 -->
|
|
||||||
|
|
||||||
<!-- ensure element name is not overlapping with portlet or spring web flow or tapestry URI patterns, as this filter is incompatible with them -->
|
|
||||||
<security:authorization-http-url>
|
|
||||||
<security:url-mapping
|
|
||||||
source="xml - the default and no other options"
|
|
||||||
sourceBeanId="referenceToTheirObjectDefinitionSource">
|
|
||||||
<!-- Specify security:uri-patterns in order of processing; each pattern must specify EITHER a regularExpression OR a path, but not both
|
|
||||||
and ALL patterns in the url-mapping MUST be of the SAME type (ie cannot mix a regular expression and Ant Path) - give exception if tried -->
|
|
||||||
<security:uri-pattern path="/index.jsp"
|
|
||||||
regularExpression="whatever">
|
|
||||||
<security:configuration-attribute attribute="ROLE_A" />
|
|
||||||
<ref
|
|
||||||
bean="someExternalConfigurationAttributeThatIsATopLevelBean" />
|
|
||||||
</security:uri-pattern>
|
|
||||||
<security:uri-pattern path="/**"
|
|
||||||
regularExperssion="whatever">
|
|
||||||
<security:configuration-attribute attribute="ROLE_A" />
|
|
||||||
<ref
|
|
||||||
bean="someExternalConfigurationAttributeThatIsATopLevelBean" />
|
|
||||||
</security:uri-pattern>
|
|
||||||
</security:url-mapping>
|
|
||||||
</security:authorization-http-url>
|
|
||||||
|
|
||||||
<!-- the source refers to use of the relevant concete ObjectDefinitionSource; user can alternately specify their own instance and refer to it
|
|
||||||
via the sourceBeanId property; in that case they must specify "custom"; if unspecified, it means it's described as nested elements using the
|
|
||||||
security:method-pattern element, and you will therefore create it via the MethodDefinitionSourceEditor (that is what the default source=xml means, too)
|
|
||||||
For aspectj and springAop, that means create a MethodSecurityInterceptor and AspectJSecurityInterceptor bean definition respectively (in the case of
|
|
||||||
springAop, also create a MethodDefinitionSourceAdvisor); defaults to springAop=true, aspectJ=false -->
|
|
||||||
<security:authorization-joinpoint aspectj="false|true"
|
|
||||||
springAop="true|false">
|
|
||||||
<security:url-mapping source="custom|xml|attributes|annotations"
|
|
||||||
sourceBeanId="referenceToTheirObjectDefinitionSource">
|
|
||||||
<security:method-pattern
|
|
||||||
type="com.foo.Bar.whateverMethodNamePattern">
|
|
||||||
<security:configuration-attribute attribute="ROLE_A" />
|
|
||||||
<ref
|
|
||||||
bean="someExternalConfigurationAttributeThatIsATopLevelBean" />
|
|
||||||
</security:method-pattern>
|
|
||||||
</security:url-mapping>
|
|
||||||
<!-- if get time, do a new security:pointcut-pattern -->
|
|
||||||
</security:authorization-joinpoint>
|
|
||||||
|
|
||||||
|
|
||||||
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it;
|
|
||||||
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for
|
|
||||||
other props; i do not mind if you move the access denied stuff to a sub-element -->
|
|
||||||
<security:exception-translation id="id"
|
|
||||||
accessDeniedUrl="/accessDenied.jsp"
|
|
||||||
accessDeniedBeanRef="theBeanToUse">
|
|
||||||
<security:entry-point path="/acegilogin.jsp" https="boolean" />
|
|
||||||
</security:exception-translation>
|
|
||||||
|
|
||||||
</beans>
|
|
|
@ -1,63 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
|
||||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
|
||||||
|
|
||||||
<!-- ======================== AUTHENTICATION ======================= -->
|
|
||||||
|
|
||||||
<!-- sessionCreation defaults to ifRequired(true) always(true) never(false) . -->
|
|
||||||
<security:session-context-integration id="httpSessionContextIntegrationFilter" sessionCreation="never" />
|
|
||||||
|
|
||||||
<!-- The rules are:
|
|
||||||
AuthenticationManager interface is implemented by ProviderManager
|
|
||||||
So if you have any auto-detection, create a ProviderManager definition
|
|
||||||
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order
|
|
||||||
Every authentication mechanism OR provider must start with security:authentication-something
|
|
||||||
Use appropriate attrs and elements depending on provider or mechanism
|
|
||||||
-->
|
|
||||||
|
|
||||||
|
|
||||||
<!-- Case 1
|
|
||||||
<security:authentication-repository id="id" repositoryBeanRef="userDetails">
|
|
||||||
<security:salt-source
|
|
||||||
saltSourceBeanRef="beanRefOfAnExternalEncoder" />
|
|
||||||
or allow it to be written inline as an inner bean
|
|
||||||
<security:password-encoder
|
|
||||||
encoder="md5|md5Hex|sha|shaHex|custom"
|
|
||||||
encoderBeanRef="beanRefOfAnExternalEncoder" />
|
|
||||||
same story here, inner beans allowed
|
|
||||||
</security:authentication-repository>
|
|
||||||
|
|
||||||
<bean id="userDetails" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
|
|
||||||
<property name="dataSource"><ref bean="dataSource"/></property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
Case 2: autodetect userDetails
|
|
||||||
<security:authentication-repository id="id">
|
|
||||||
<security:salt-source
|
|
||||||
saltSourceBeanRef="beanRefOfAnExternalEncoder" />
|
|
||||||
or allow it to be written inline as an inner bean
|
|
||||||
<security:password-encoder
|
|
||||||
encoder="md5|md5Hex|sha|shaHex|custom"
|
|
||||||
encoderBeanRef="beanRefOfAnExternalEncoder" />
|
|
||||||
same story here, inner beans allowed
|
|
||||||
</security:authentication-repository>
|
|
||||||
|
|
||||||
Case 3: inner beans
|
|
||||||
<security:authentication-repository id="id"
|
|
||||||
ref="userDetails">
|
|
||||||
<security:salt-source propertyName="propertyValue" />
|
|
||||||
or allow it to be written inline as an inner bean
|
|
||||||
<security:password-encoder encoder="md5" />
|
|
||||||
same story here, inner beans allowed
|
|
||||||
</security:authentication-repository>
|
|
||||||
--></beans>
|
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
vishal=ity,ROLE_ADMIN
|
|
||||||
ity=vishal,ROLE_TELLER
|
|
|
@ -1,7 +1,5 @@
|
||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
<parent>
|
<parent>
|
||||||
<groupId>org.acegisecurity</groupId>
|
<groupId>org.acegisecurity</groupId>
|
||||||
|
@ -22,6 +20,7 @@
|
||||||
<module>webwork</module>
|
<module>webwork</module>
|
||||||
<module>openid</module>
|
<module>openid</module>
|
||||||
<module>other</module>
|
<module>other</module>
|
||||||
|
<module>spring-security-config</module>
|
||||||
</modules>
|
</modules>
|
||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
|
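Review bot: The first hunk changes the XML declaration from `encoding="ISO-8859-1"` to `encoding="UTF-8"` and collapses the `<project>` start tag onto one line, which is unrelated to the one functional change here, the added `<module>spring-security-config</module>` in the second hunk. If the file holds any non-ASCII bytes saved as ISO-8859-1 (not visible on this page), the new declaration would make the POM malformed, so either confirm the file was re-saved as UTF-8 or keep the original header. Separately, the fixture XML removed earlier on this page presumably moves into the module now joining the build, and it carries literal values such as `key="someValue"` and `systemWideSalt="12345"`. Wherever those files land, a comment such as `<!-- test fixture only: fixed key/salt, never reuse outside tests -->` would stop them being copied as a template.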