mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-01 09:42:13 +00:00
Added Java 5 Annotations version of the BankService sample. Note: This project requires the Secured annotation which is in "core-tiger"... make sure you have built and installed the acegi-security-tiger-0.9.0-SNAPSHOT.jar in your local maven repo.
This commit is contained in:
parent
61df8e9f7b
commit
e850849be5
@ -59,5 +59,8 @@
|
|||||||
<classpathentry kind="src" path="core-tiger/src/test/java"/>
|
<classpathentry kind="src" path="core-tiger/src/test/java"/>
|
||||||
<classpathentry kind="src" path="core-tiger/src/main/resources"/>
|
<classpathentry kind="src" path="core-tiger/src/main/resources"/>
|
||||||
<classpathentry kind="src" path="core-tiger/src/test/resources"/>
|
<classpathentry kind="src" path="core-tiger/src/test/resources"/>
|
||||||
|
<classpathentry kind="src" path="samples/annotations/src/main/java"/>
|
||||||
|
<classpathentry kind="src" path="samples/annotations/src/main/resources"/>
|
||||||
|
<classpathentry kind="src" path="samples/annotations/src/test/java"/>
|
||||||
<classpathentry kind="output" path="target/eclipseclasses"/>
|
<classpathentry kind="output" path="target/eclipseclasses"/>
|
||||||
</classpath>
|
</classpath>
|
||||||
|
4
samples/annotations/.cvsignore
Normal file
4
samples/annotations/.cvsignore
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
classes
|
||||||
|
generated
|
||||||
|
reports
|
||||||
|
target
|
6
samples/annotations/maven.xml
Normal file
6
samples/annotations/maven.xml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
<project xmlns:maven="jelly:maven"
|
||||||
|
xmlns:j="jelly:core"
|
||||||
|
xmlns:util="jelly:util">
|
||||||
|
|
||||||
|
|
||||||
|
</project>
|
9
samples/annotations/project.properties
Normal file
9
samples/annotations/project.properties
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
# $Id$
|
||||||
|
|
||||||
|
# Compile settings
|
||||||
|
#
|
||||||
|
# Java 1.5 is required due to the use of annotations for metadata.
|
||||||
|
# (main Acegi Security project / parent) is Java 1.3 compatible
|
||||||
|
#
|
||||||
|
maven.compile.target=1.5
|
||||||
|
maven.compile.source=1.5
|
23
samples/annotations/project.xml
Normal file
23
samples/annotations/project.xml
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<project>
|
||||||
|
<extend>${basedir}/../project.xml</extend>
|
||||||
|
<pomVersion>3</pomVersion>
|
||||||
|
<artifactId>acegi-security-sample-annotations</artifactId>
|
||||||
|
<name>Acegi Security System for Spring - Annotations sample</name>
|
||||||
|
<groupId>acegisecurity</groupId>
|
||||||
|
<siteDirectory>/home/groups/a/ac/acegisecurity/htdocs/multiproject/acegi-security-sample-annotations</siteDirectory>
|
||||||
|
<repository>
|
||||||
|
<connection>scm:cvs:pserver:anonymous@cvs.sourceforge.net:/cvsroot/acegisecurity:acegisecurity</connection>
|
||||||
|
<developerConnection>scm:cvs:ext:${maven.username}@cvs.sourceforge.net:/cvsroot/acegisecurity:acegisecurity</developerConnection>
|
||||||
|
<url>http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/acegisecurity/acegisecurity/samples/annotations/</url>
|
||||||
|
</repository>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>acegisecurity</groupId>
|
||||||
|
<artifactId>acegi-security-tiger</artifactId>
|
||||||
|
<version>0.9.0-SNAPSHOT</version>
|
||||||
|
<type>jar</type>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
</project>
|
||||||
|
|
@ -0,0 +1,52 @@
|
|||||||
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package sample.annotations;
|
||||||
|
|
||||||
|
import net.sf.acegisecurity.annotation.Secured;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* <code>BankService</code> sample using Java 5 Annotations.
|
||||||
|
*
|
||||||
|
* @author Mark St.Godard
|
||||||
|
* @version $Id$
|
||||||
|
*
|
||||||
|
* @see net.sf.acegisecurity.annotation.Secured
|
||||||
|
*/
|
||||||
|
|
||||||
|
@Secured({"ROLE_TELLER" })
|
||||||
|
public interface BankService {
|
||||||
|
//~ Methods ================================================================
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the account balance.
|
||||||
|
*
|
||||||
|
* @param accountNumber The account number
|
||||||
|
*
|
||||||
|
* @return The balance
|
||||||
|
*/
|
||||||
|
|
||||||
|
@Secured({"ROLE_PERMISSION_BALANCE" })
|
||||||
|
public float balance(String accountNumber);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* List accounts
|
||||||
|
*
|
||||||
|
* @return The list of accounts
|
||||||
|
*/
|
||||||
|
|
||||||
|
@Secured({"ROLE_PERMISSION_LIST" })
|
||||||
|
public String[] listAccounts();
|
||||||
|
}
|
@ -0,0 +1,34 @@
|
|||||||
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package sample.annotations;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* <code>BankService</code> sample implementation.
|
||||||
|
*
|
||||||
|
* @author Mark St.Godard
|
||||||
|
* @version $Id$
|
||||||
|
*/
|
||||||
|
public class BankServiceImpl implements BankService {
|
||||||
|
//~ Methods ================================================================
|
||||||
|
|
||||||
|
public float balance(String accountNumber) {
|
||||||
|
return 42000000;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String[] listAccounts() {
|
||||||
|
return new String[] {"1", "2", "3"};
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,60 @@
|
|||||||
|
package sample.annotations;
|
||||||
|
|
||||||
|
|
||||||
|
import net.sf.acegisecurity.AccessDeniedException;
|
||||||
|
import net.sf.acegisecurity.GrantedAuthority;
|
||||||
|
import net.sf.acegisecurity.GrantedAuthorityImpl;
|
||||||
|
import net.sf.acegisecurity.context.SecurityContextHolder;
|
||||||
|
import net.sf.acegisecurity.context.SecurityContextImpl;
|
||||||
|
import net.sf.acegisecurity.providers.TestingAuthenticationToken;
|
||||||
|
|
||||||
|
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @author Mark St.Godard
|
||||||
|
* @version $Id$
|
||||||
|
*/
|
||||||
|
public class Main {
|
||||||
|
//~ Methods ================================================================
|
||||||
|
|
||||||
|
public static void main(String[] args) throws Exception {
|
||||||
|
createSecureContext();
|
||||||
|
|
||||||
|
ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext(
|
||||||
|
"applicationContext-annotations.xml");
|
||||||
|
BankService service = (BankService) context.getBean("bankService");
|
||||||
|
|
||||||
|
// will succeed
|
||||||
|
service.listAccounts();
|
||||||
|
|
||||||
|
// will fail
|
||||||
|
try {
|
||||||
|
System.out.println(
|
||||||
|
"We expect an AccessDeniedException now, as we do not hold the ROLE_PERMISSION_BALANCE granted authority, and we're using a unanimous access decision manager... ");
|
||||||
|
service.balance("1");
|
||||||
|
} catch (AccessDeniedException e) {
|
||||||
|
e.printStackTrace();
|
||||||
|
}
|
||||||
|
|
||||||
|
destroySecureContext();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This can be done in a web app by using a filter or
|
||||||
|
* <code>SpringMvcIntegrationInterceptor</code>.
|
||||||
|
*/
|
||||||
|
private static void createSecureContext() {
|
||||||
|
TestingAuthenticationToken auth = new TestingAuthenticationToken("test",
|
||||||
|
"test",
|
||||||
|
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"), new GrantedAuthorityImpl(
|
||||||
|
"ROLE_PERMISSION_LIST")});
|
||||||
|
|
||||||
|
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||||
|
}
|
||||||
|
|
||||||
|
private static void destroySecureContext() {
|
||||||
|
SecurityContextHolder.setContext(new SecurityContextImpl());
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,99 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
|
||||||
|
<!--
|
||||||
|
* Copyright 2004 Acegi Technology Pty Limited
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* $Id$
|
||||||
|
-->
|
||||||
|
|
||||||
|
<beans>
|
||||||
|
|
||||||
|
<!-- =================== SECURITY SYSTEM DEFINITIONS ================== -->
|
||||||
|
|
||||||
|
<!-- RunAsManager -->
|
||||||
|
<bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
|
||||||
|
<property name="key"><value>my_run_as_password</value></property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHENTICATION DEFINITIONS ~~~~~~~~~~~~~~~~~~ -->
|
||||||
|
|
||||||
|
<!-- This authentication provider accepts any presented TestingAuthenticationToken -->
|
||||||
|
<bean id="testingAuthenticationProvider" class="net.sf.acegisecurity.providers.TestingAuthenticationProvider"/>
|
||||||
|
|
||||||
|
<!-- The authentication manager that iterates through our only authentication provider -->
|
||||||
|
<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
|
||||||
|
<property name="providers">
|
||||||
|
<list>
|
||||||
|
<ref local="testingAuthenticationProvider"/>
|
||||||
|
</list>
|
||||||
|
</property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~~~~ -->
|
||||||
|
|
||||||
|
<!-- An access decision voter that reads ROLE_* configuaration settings -->
|
||||||
|
<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
|
||||||
|
|
||||||
|
<!-- A unanimous access decision manager -->
|
||||||
|
<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.UnanimousBased">
|
||||||
|
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
|
||||||
|
<property name="decisionVoters">
|
||||||
|
<list>
|
||||||
|
<ref local="roleVoter"/>
|
||||||
|
</list>
|
||||||
|
</property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
<!-- ===================== SECURITY DEFINITIONS ======================= -->
|
||||||
|
|
||||||
|
<bean id="attributes" class="net.sf.acegisecurity.annotation.SecurityAnnotationAttributes"/>
|
||||||
|
|
||||||
|
<bean id="objectDefinitionSource" class="net.sf.acegisecurity.intercept.method.MethodDefinitionAttributes">
|
||||||
|
<property name="attributes"><ref local="attributes"/></property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
<!-- We don't validate config attributes, as it's unsupported by MethodDefinitionAttributes -->
|
||||||
|
<bean id="securityInterceptor" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
|
||||||
|
<property name="validateConfigAttributes"><value>false</value></property>
|
||||||
|
<property name="authenticationManager"><ref local="authenticationManager"/></property>
|
||||||
|
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
|
||||||
|
<property name="runAsManager"><ref local="runAsManager"/></property>
|
||||||
|
<property name="objectDefinitionSource"><ref local="objectDefinitionSource"/></property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
<bean id="bankService" class="sample.annotations.BankServiceImpl"/>
|
||||||
|
|
||||||
|
<!--
|
||||||
|
This bean is a postprocessor that will automatically apply relevant advisors
|
||||||
|
to any bean in child factories.
|
||||||
|
-->
|
||||||
|
<bean id="autoproxy"
|
||||||
|
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator">
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
<!--
|
||||||
|
AOP advisor that will automatically wire the MethodSecurityInterceptor (above)
|
||||||
|
into BankServiceImpl (above). The configuration attributes used are obtained
|
||||||
|
from the securityInterceptor.objectDefinitionSouce, which in the
|
||||||
|
above configuration is a JDK 5 Annotations Attributes-based source.
|
||||||
|
-->
|
||||||
|
<bean id="methodSecurityAdvisor"
|
||||||
|
class="net.sf.acegisecurity.intercept.method.aopalliance.MethodDefinitionSourceAdvisor"
|
||||||
|
autowire="constructor" >
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
|
||||||
|
</beans>
|
@ -0,0 +1,82 @@
|
|||||||
|
package samples.annotations;
|
||||||
|
|
||||||
|
import junit.framework.TestCase;
|
||||||
|
import net.sf.acegisecurity.AccessDeniedException;
|
||||||
|
import net.sf.acegisecurity.GrantedAuthority;
|
||||||
|
import net.sf.acegisecurity.GrantedAuthorityImpl;
|
||||||
|
import net.sf.acegisecurity.context.SecurityContextHolder;
|
||||||
|
import net.sf.acegisecurity.context.SecurityContextImpl;
|
||||||
|
import net.sf.acegisecurity.providers.TestingAuthenticationToken;
|
||||||
|
|
||||||
|
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
||||||
|
|
||||||
|
import sample.annotations.BankService;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests security objects.
|
||||||
|
*
|
||||||
|
* @author Ben Alex
|
||||||
|
* @version $Id$
|
||||||
|
*/
|
||||||
|
public class BankTests extends TestCase {
|
||||||
|
//~ Instance fields ========================================================
|
||||||
|
|
||||||
|
private BankService service;
|
||||||
|
private ClassPathXmlApplicationContext ctx;
|
||||||
|
|
||||||
|
//~ Constructors ===========================================================
|
||||||
|
|
||||||
|
public BankTests() {
|
||||||
|
super();
|
||||||
|
}
|
||||||
|
|
||||||
|
public BankTests(String arg0) {
|
||||||
|
super(arg0);
|
||||||
|
}
|
||||||
|
|
||||||
|
//~ Methods ================================================================
|
||||||
|
|
||||||
|
public final void setUp() throws Exception {
|
||||||
|
super.setUp();
|
||||||
|
ctx = new ClassPathXmlApplicationContext("applicationContext-annotations.xml");
|
||||||
|
service = (BankService) ctx.getBean("bankService");
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void main(String[] args) {
|
||||||
|
junit.textui.TestRunner.run(BankTests.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testDeniedAccess() throws Exception {
|
||||||
|
createSecureContext();
|
||||||
|
|
||||||
|
try {
|
||||||
|
service.balance("1");
|
||||||
|
fail("Should have thrown AccessDeniedException");
|
||||||
|
} catch (AccessDeniedException expected) {
|
||||||
|
assertTrue(true);
|
||||||
|
}
|
||||||
|
|
||||||
|
destroySecureContext();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testListAccounts() throws Exception {
|
||||||
|
createSecureContext();
|
||||||
|
service.listAccounts();
|
||||||
|
destroySecureContext();
|
||||||
|
}
|
||||||
|
|
||||||
|
private static void createSecureContext() {
|
||||||
|
TestingAuthenticationToken auth = new TestingAuthenticationToken("test",
|
||||||
|
"test",
|
||||||
|
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"), new GrantedAuthorityImpl(
|
||||||
|
"ROLE_PERMISSION_LIST")});
|
||||||
|
|
||||||
|
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||||
|
}
|
||||||
|
|
||||||
|
private static void destroySecureContext() {
|
||||||
|
SecurityContextHolder.setContext(new SecurityContextImpl());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
x
Reference in New Issue
Block a user