From 6ddc006012a2ac9997baf0c1118517bfd19c3ec5 Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Fri, 2 Apr 2004 12:00:29 +0000
Subject: [PATCH] Modify MethodSecurityInterceptor to new location, remove
 unnecessary comments, add a DAO authentication provider so the
 MethodSecurityInterceptor can validate Authentication objects presented by
 the HTTP filter authentication system.

---
 .../contacts/war/WEB-INF/contacts-servlet.xml | 43 ++++++++++++-------
 1 file changed, 28 insertions(+), 15 deletions(-)

diff --git a/samples/contacts/war/WEB-INF/contacts-servlet.xml b/samples/contacts/war/WEB-INF/contacts-servlet.xml
index 83dce57e89..6c771b534f 100644
--- a/samples/contacts/war/WEB-INF/contacts-servlet.xml
+++ b/samples/contacts/war/WEB-INF/contacts-servlet.xml
@@ -60,28 +60,41 @@
 
 	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHENTICATION DEFINITIONS ~~~~~~~~~~~~~~~~~~ -->
 	
-	<!-- We rely on the Because the web container to authenticate the user -->
-
-	<!-- Authentication provider that accepts as valid our RunAsManagerImpl created tokens -->
 	<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
      	<property name="key"><value>my_run_as_password</value></property>
  	</bean>
 
-	<!-- Authentication provider that accepts as valid any adapter-created Authentication token  -->
 	<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
   		<property name="key"><value>my_password</value></property>
  	</bean>
 
-	<!-- The authentication manager that iterates through our authentication providers -->
-	<bean id="providerManager" class="net.sf.acegisecurity.providers.ProviderManager">
+	<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
 		<property name="providers">
 		  <list>
 		    <ref bean="runAsAuthenticationProvider"/>
 		    <ref bean="authByAdapterProvider"/>
+		    <ref bean="daoAuthenticationProvider"/>
 		  </list>
 		</property>
 	</bean>
 
+	<bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
+  		<property name="userMap">
+			<value>
+				marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
+				dianne=emu,ROLE_TELLER
+				scott=wombat,ROLE_TELLER
+				peter=opal,disabled,ROLE_TELLER
+			</value>
+		</property>
+	</bean>
+	
+	<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
+     	<property name="authenticationDao"><ref bean="inMemoryDaoImpl"/></property>
+ 		<property name="ignorePasswordCase"><value>false</value></property>
+ 		<property name="ignoreUsernameCase"><value>true</value></property>
+	</bean>
+
 	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~~~~ -->
 
 	<!-- An access decision voter that reads ROLE_* configuaration settings -->
@@ -91,7 +104,7 @@
 	<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>
 
 	<!-- An affirmative access decision manager -->
-	<bean id="affirmativeBased" class="net.sf.acegisecurity.vote.AffirmativeBased">
+	<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
    		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
 		<property name="decisionVoters">
 		  <list>
@@ -103,11 +116,11 @@
 
 	<!-- ===================== SECURITY DEFINITIONS ======================= -->
 	
-	<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.SecurityInterceptor">
-    	<property name="authenticationManager"><ref bean="providerManager"/></property>
-    	<property name="accessDecisionManager"><ref bean="affirmativeBased"/></property>
+	<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
+    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
+    	<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
     	<property name="runAsManager"><ref bean="runAsManager"/></property>
- 		<property name="methodDefinitionSource">
+ 		<property name="objectDefinitionSource">
 			<value>
 				sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
 				sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
@@ -118,11 +131,11 @@
 	</bean>
 
 	<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
-	<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.SecurityInterceptor">
-    	<property name="authenticationManager"><ref bean="providerManager"/></property>
-    	<property name="accessDecisionManager"><ref bean="affirmativeBased"/></property>
+	<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
+    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
+    	<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
     	<property name="runAsManager"><ref bean="runAsManager"/></property>
- 		<property name="methodDefinitionSource">
+ 		<property name="objectDefinitionSource">
 			<value>
 				sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
 				sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER