52 lines
2.6 KiB
Plaintext
52 lines
2.6 KiB
Plaintext
===============================================================================
|
|
QUICK-START SAMPLE
|
|
===============================================================================
|
|
|
|
Acegi Security's flexibility can be a bit daunting. Because projects only have
|
|
so much budget, and people only have so much time, often the complexity of
|
|
getting started can seem too high a price to pay. The quick-start sample is
|
|
designed to provide you the basic building blocks needed to be added to your
|
|
existing application.
|
|
|
|
Quick-start is not executable or deployable. It's just a convenient, simple
|
|
place where you can see what needs to be added to your web application's
|
|
existing files and directories.
|
|
|
|
What you _will_ need to change in the quick-start configuration:
|
|
|
|
- It protects a /secure directory from HTTP requests. The /secure directory
|
|
is included (along with a debug.jsp you might find useful), but can be
|
|
deleted as soon as you are up and running. You'll need to setup your own
|
|
URLs to protect in the applicationContext.xml. Search for the
|
|
FilterInvocationInterceptor bean.
|
|
|
|
What you _may_ need to change in the quick-start configuration:
|
|
|
|
- It uses an in-memory list of users as your authentication repository. This
|
|
means you edit the XML file to add users, change their roles etc. If you'd
|
|
prefer to use a database, remove the InMemoryDaoImpl from the
|
|
applicationContext.xml, and add in a JdbcDaoImpl bean. For an example of
|
|
using the JdbcDaoImpl, search the reference guide.
|
|
|
|
What does this buy you? Not a great deal more than using the Servlet spec
|
|
(although we do support regular expressions and Ant paths for URL matching)!
|
|
Seriously, you can use the Servlet spec to protect URLs, so why bother?
|
|
The quick-start sample provides you the BASE security building blocks for
|
|
your application. Whilst there's nothing wrong with using it instead of the
|
|
Servlet spec security just for the better path support or avoiding the
|
|
multitude of container authentication configurations, most people will use it
|
|
because this foundation allows you to simply tweak configuration if you wish
|
|
to:
|
|
|
|
- Protect your business beans (search for MethodSecurityInterceptor in docs)
|
|
- Use enterprise-wide single sign on (see CAS section in docs)
|
|
- Use custom authorization voters (see Authorization section in docs)
|
|
- Deploy custom authentication providers (see Authentication section in docs)
|
|
- Perform BASIC authentication (search for BasicProcessingFilter in docs)
|
|
- Automate HTTPS redirection (see Channel Security section in docs)
|
|
|
|
Good luck! Don't forget we're happy to help. See the end of the docs for
|
|
contact details.
|
|
|
|
$Id$
|