Vishal Puri
19 years ago
45 changed files with 37 additions and 2903 deletions
@ -1,50 +0,0 @@
@@ -1,50 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import java.util.ArrayList; |
||||
import java.util.List; |
||||
import java.util.Map; |
||||
|
||||
import org.acegisecurity.ui.AccessDeniedHandler; |
||||
import org.acegisecurity.ui.ExceptionTranslationFilter; |
||||
import org.springframework.beans.BeansException; |
||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.util.Assert; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AccessDeniedHandlerBeanDefinitionLocator implements BeanFactoryPostProcessor { |
||||
|
||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { |
||||
|
||||
Map m = beanFactory.getBeansOfType(AccessDeniedHandler.class); |
||||
|
||||
List l = new ArrayList(m.values()); |
||||
|
||||
|
||||
|
||||
if (m.size() > 1) { |
||||
throw new IllegalArgumentException( |
||||
"More than one AccessDeniedHandler beans detected please refer to the one using " |
||||
+ " [ accessDeniedBeanRef ] " + "attribute"); |
||||
} |
||||
else if (m.size() == 1) { |
||||
// use this
|
||||
String[] names = beanFactory.getBeanNamesForType(ExceptionTranslationFilter.class); |
||||
Assert.notEmpty(names, "No bean of type ExceptionTranslationFilter found in ApplicationContext"); |
||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[0]); |
||||
Assert.isAssignable(AccessDeniedHandler.class, l.get(0).getClass()); |
||||
definition.getPropertyValues().addPropertyValue("accessDeniedHandler", l.get(0)); |
||||
} |
||||
else { |
||||
// use the default one for now
|
||||
} |
||||
|
||||
} |
||||
} |
||||
@ -1,73 +0,0 @@
@@ -1,73 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.providers.ProviderManager; |
||||
import org.springframework.beans.factory.config.BeanDefinitionHolder; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.ManagedList; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.BeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.Assert; |
||||
import org.springframework.util.StringUtils; |
||||
import org.w3c.dom.Element; |
||||
import org.w3c.dom.Node; |
||||
import org.w3c.dom.NodeList; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDefinitionParser implements |
||||
BeanDefinitionParser { |
||||
|
||||
private static final String AUTHENTICATION_JDBC = "authentication-jdbc"; |
||||
|
||||
private static final String REF = "ref"; |
||||
|
||||
private boolean providerExists = false; |
||||
|
||||
|
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
|
||||
ManagedList providers = new ManagedList(); |
||||
Assert.notNull(parserContext, "ParserContext must not be null"); |
||||
RootBeanDefinition authMechanismBeanDef = new RootBeanDefinition(ProviderManager.class); |
||||
NodeList childNodes = element.getChildNodes(); |
||||
|
||||
for (int i = 0, n = childNodes.getLength(); i < n; i++) { |
||||
Node node = childNodes.item(i); |
||||
|
||||
if (node.getNodeType() == Node.ELEMENT_NODE) { |
||||
Element childElement = (Element) node; |
||||
this.providerExists = true; |
||||
|
||||
if (AUTHENTICATION_JDBC.equals(node.getLocalName())) { |
||||
String attribute = childElement.getAttribute(REF); |
||||
if (StringUtils.hasLength(attribute)) { |
||||
// create a beandefinition
|
||||
providers.add(new RuntimeBeanReference(attribute)); |
||||
} |
||||
|
||||
} |
||||
// TODO:Add other providers here
|
||||
} |
||||
authMechanismBeanDef.getPropertyValues().addPropertyValue("providers", providers); |
||||
|
||||
} |
||||
|
||||
if (!this.providerExists) { |
||||
RootBeanDefinition rootBeanDefinition = new RootBeanDefinition(AuthenticationProviderOrderResolver.class); |
||||
BeanDefinitionHolder beanDefinitionHolder = new BeanDefinitionHolder(rootBeanDefinition, |
||||
"providerOrderResolver"); |
||||
registerBeanDefinition(beanDefinitionHolder, parserContext.getRegistry()); |
||||
} |
||||
|
||||
return authMechanismBeanDef; |
||||
|
||||
} |
||||
} |
||||
@ -1,58 +0,0 @@
@@ -1,58 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.BeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.StringUtils; |
||||
import org.w3c.dom.Element; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AuthenticationProcessingFilterBeanDefinitionParser extends AbstractBeanDefinitionParser implements |
||||
BeanDefinitionParser { |
||||
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
|
||||
private static final String AUTHENTICATION_URL = "authenticationUrl"; |
||||
|
||||
private static final String ERROR_FORM_URL = "errorFormUrl"; |
||||
|
||||
private static final String DEFAULT_TARGET_URL = "defaultTargetUrl"; |
||||
|
||||
// ~ Methods
|
||||
// ================================================================================================
|
||||
|
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
|
||||
RootBeanDefinition definition = new RootBeanDefinition(AuthenticationProcessingFilter.class); |
||||
|
||||
setPropertyIfAvailable(element, AUTHENTICATION_URL, "filterProcessesUrl", definition); |
||||
setPropertyIfAvailable(element, ERROR_FORM_URL, "authenticationFailureUrl", definition); |
||||
setPropertyIfAvailable(element, DEFAULT_TARGET_URL, "defaultTargetUrl", definition); |
||||
|
||||
// register BFPP to re-unite all other collaborators
|
||||
RootBeanDefinition postProcessor = new RootBeanDefinition( |
||||
AuthenticationProcessingFilterDependenciesConfigurer.class); |
||||
parserContext.getReaderContext().registerWithGeneratedName(postProcessor); |
||||
|
||||
return definition; |
||||
} |
||||
|
||||
private void setPropertyIfAvailable(Element element, String attribute, String property, |
||||
RootBeanDefinition definition) { |
||||
String propertyValue = element.getAttribute(attribute); |
||||
if (StringUtils.hasText(propertyValue)) { |
||||
definition.getPropertyValues().addPropertyValue(property, propertyValue); |
||||
} |
||||
} |
||||
|
||||
} |
||||
@ -1,43 +0,0 @@
@@ -1,43 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.AuthenticationManager; |
||||
import org.acegisecurity.ui.rememberme.RememberMeServices; |
||||
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter; |
||||
import org.springframework.beans.BeansException; |
||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AuthenticationProcessingFilterDependenciesConfigurer implements BeanFactoryPostProcessor { |
||||
|
||||
// ~ Methods
|
||||
// ================================================================================================
|
||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { |
||||
|
||||
String [] authenticationProcessingFilter = beanFactory.getBeanNamesForType(AuthenticationProcessingFilter.class); |
||||
|
||||
RootBeanDefinition def = (RootBeanDefinition)beanFactory.getBeanDefinition(authenticationProcessingFilter[0]); |
||||
|
||||
String[] remServiceNames = beanFactory.getBeanNamesForType(RememberMeServices.class); |
||||
|
||||
RootBeanDefinition rememberMeServices = (RootBeanDefinition) beanFactory.getBeanDefinition(remServiceNames[0]); |
||||
|
||||
if (remServiceNames.length > 0) |
||||
def.getPropertyValues() |
||||
.addPropertyValue("rememberMeServices", rememberMeServices); |
||||
|
||||
String[] authManager = beanFactory.getBeanNamesForType(AuthenticationManager.class); |
||||
|
||||
RootBeanDefinition authenticationManager = (RootBeanDefinition) beanFactory.getBeanDefinition(authManager[0]); |
||||
|
||||
if (authManager.length > 0) |
||||
def.getPropertyValues().addPropertyValue("authenticationManager", authenticationManager); |
||||
} |
||||
} |
||||
@ -1,46 +0,0 @@
@@ -1,46 +0,0 @@
|
||||
package org.acegisecurity.config; |
||||
|
||||
import java.util.ArrayList; |
||||
import java.util.Arrays; |
||||
import java.util.Collections; |
||||
import java.util.List; |
||||
|
||||
import org.acegisecurity.AuthenticationManager; |
||||
import org.acegisecurity.providers.AuthenticationProvider; |
||||
import org.springframework.beans.BeansException; |
||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.support.ManagedList; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.core.OrderComparator; |
||||
|
||||
public class AuthenticationProviderOrderResolver implements BeanFactoryPostProcessor { |
||||
|
||||
/** |
||||
* |
||||
*/ |
||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { |
||||
// retrieve all the AuthenticationProvider instances
|
||||
ManagedList providers = retrieveAllAuthenticationProviders(beanFactory); |
||||
String[] names = beanFactory.getBeanNamesForType(AuthenticationManager.class); |
||||
RootBeanDefinition definition = (RootBeanDefinition)beanFactory.getBeanDefinition(names[0]); |
||||
definition.getPropertyValues().addPropertyValue("providers",providers); |
||||
} |
||||
/** |
||||
* |
||||
* @param beanFactory |
||||
* @return |
||||
*/ |
||||
private ManagedList retrieveAllAuthenticationProviders(ConfigurableListableBeanFactory beanFactory) { |
||||
String[] m = beanFactory.getBeanNamesForType(AuthenticationProvider.class); |
||||
ManagedList l = new ManagedList(); |
||||
for(int i=0;i<m.length;i++){ |
||||
RootBeanDefinition def = (RootBeanDefinition)beanFactory.getBeanDefinition(m[i]); |
||||
l.add(def); |
||||
} |
||||
Collections.sort(l, new OrderComparator()); |
||||
return l; |
||||
} |
||||
|
||||
|
||||
} |
||||
@ -1,196 +0,0 @@
@@ -1,196 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.providers.dao.DaoAuthenticationProvider; |
||||
import org.acegisecurity.providers.dao.salt.ReflectionSaltSource; |
||||
import org.acegisecurity.providers.dao.salt.SystemWideSaltSource; |
||||
import org.acegisecurity.providers.encoding.Md5PasswordEncoder; |
||||
import org.springframework.beans.factory.config.BeanDefinitionHolder; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.Assert; |
||||
import org.springframework.util.StringUtils; |
||||
import org.springframework.util.xml.DomUtils; |
||||
import org.w3c.dom.Element; |
||||
import org.w3c.dom.Node; |
||||
import org.w3c.dom.NodeList; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser { |
||||
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
|
||||
private static final String REPOSITORY_BEAN_REF = "repositoryBeanRef"; |
||||
|
||||
private static final String USER_DETAILS_SERVICE = "userDetailsService"; |
||||
|
||||
private static final String SALT_SOURCE_ELEMENT = "salt-source"; |
||||
|
||||
private static final String SALT_SOURCE_REF = "saltSourceBeanRef"; |
||||
|
||||
private static final String SYSTEM_WIDE_SALT_SOURCE = "system-wide"; |
||||
|
||||
private static final String REFLECTION_SALT_SOURCE = "reflection"; |
||||
|
||||
private static final String PASSWORD_ENCODER_ELEMENT = "password-encoder"; |
||||
|
||||
private static final String PASSWORD_ENCODER_REF = "encoderBeanRef"; |
||||
|
||||
private static final String PASSWORD_ENCODER = "encoder"; |
||||
|
||||
// ~ Method
|
||||
// ================================================================================================
|
||||
/** |
||||
* TODO: Document Me !!! |
||||
*/ |
||||
public AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
Assert.notNull(parserContext, "ParserContext must not be null"); |
||||
|
||||
RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class); |
||||
|
||||
// check if saltSource is defined
|
||||
Element saltSourceEle = DomUtils.getChildElementByTagName(element, SALT_SOURCE_ELEMENT); |
||||
setSaltSourceProperty(repositoryBeanDef, saltSourceEle); |
||||
|
||||
Element passwordEncoderEle = DomUtils.getChildElementByTagName(element, PASSWORD_ENCODER_ELEMENT); |
||||
setPasswordEncoderProperty(repositoryBeanDef, passwordEncoderEle); |
||||
|
||||
// if repositoryBeanRef is specified use its referred bean
|
||||
String userDetailsRef = element.getAttribute(REPOSITORY_BEAN_REF); |
||||
if (StringUtils.hasLength(userDetailsRef)) { |
||||
repositoryBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE, |
||||
new RuntimeBeanReference(userDetailsRef)); |
||||
} |
||||
else { |
||||
// autodetect userDetailsService from App Context
|
||||
RootBeanDefinition depConfigurer = new RootBeanDefinition( |
||||
AuthenticationRepositoryDependenciesConfigurer.class); |
||||
BeanDefinitionHolder holder = new BeanDefinitionHolder(depConfigurer, parserContext.getReaderContext().generateBeanName(depConfigurer)); |
||||
registerBeanDefinition(holder, parserContext.getRegistry()); |
||||
} |
||||
return repositoryBeanDef; |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param repositoryBeanDef |
||||
* @param element |
||||
*/ |
||||
private void setSaltSourceProperty(RootBeanDefinition repositoryBeanDef, Element element) { |
||||
if (element != null) { |
||||
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "saltSource", element |
||||
.getAttribute(SALT_SOURCE_REF)); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param repositoryBeanDef |
||||
* @param element |
||||
*/ |
||||
private void setPasswordEncoderProperty(RootBeanDefinition repositoryBeanDef, Element element) { |
||||
if (element != null) { |
||||
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "passwordEncoder", element |
||||
.getAttribute(PASSWORD_ENCODER_REF)); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param repositoryBeanDef |
||||
* @param element |
||||
* @param property |
||||
* @param reference |
||||
*/ |
||||
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element, |
||||
String property, String reference) { |
||||
// check for encoderBeanRef attribute
|
||||
if (StringUtils.hasLength(reference)) { |
||||
repositoryBeanDef.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(reference)); |
||||
} |
||||
else { |
||||
doSetInnerBeanDefinitions(repositoryBeanDef, element, property); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param repositoryBeanDef |
||||
* @param element |
||||
* @param property |
||||
*/ |
||||
private void doSetInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element, String property) { |
||||
NodeList children = element.getChildNodes(); |
||||
for (int i = 0, n = children.getLength(); i < n; i++) { |
||||
Node node = children.item(i); |
||||
|
||||
if (node.getNodeType() == Node.ELEMENT_NODE) { |
||||
Element childElement = (Element) node; |
||||
RootBeanDefinition innerBeanDefinition = null; |
||||
|
||||
if (SYSTEM_WIDE_SALT_SOURCE.equals(node.getLocalName())) { |
||||
innerBeanDefinition = createSystemWideSaltSource(childElement); |
||||
repositoryBeanDef.getPropertyValues().addPropertyValue(property, innerBeanDefinition); |
||||
} |
||||
else if (REFLECTION_SALT_SOURCE.equals(node.getLocalName())) { |
||||
innerBeanDefinition = createReflectionSaltSource(childElement); |
||||
repositoryBeanDef.getPropertyValues().addPropertyValue(property, innerBeanDefinition); |
||||
} |
||||
if (PASSWORD_ENCODER.equals(node.getLocalName())) { |
||||
RootBeanDefinition passwordEncoderInnerBeanDefinition = createPasswordEncoder(childElement); |
||||
repositoryBeanDef.getPropertyValues() |
||||
.addPropertyValue(property, passwordEncoderInnerBeanDefinition); |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param childElement |
||||
* @return |
||||
*/ |
||||
private RootBeanDefinition createPasswordEncoder(Element childElement) { |
||||
String attributeValue = childElement.getAttribute("method"); |
||||
RootBeanDefinition definition = null; |
||||
// TODO: add other encoders support
|
||||
if (attributeValue.equals("md5")) { |
||||
definition = new RootBeanDefinition(Md5PasswordEncoder.class); |
||||
} |
||||
return definition; |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param saltSourceTypeElement |
||||
* @return |
||||
*/ |
||||
private RootBeanDefinition createReflectionSaltSource(Element saltSourceTypeElement) { |
||||
RootBeanDefinition definition = new RootBeanDefinition(ReflectionSaltSource.class); |
||||
definition.getPropertyValues().addPropertyValue("userPropertyToUse", |
||||
saltSourceTypeElement.getAttribute("userPropertyToUse")); |
||||
return definition; |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param saltSourceTypeElement |
||||
* @return |
||||
*/ |
||||
private RootBeanDefinition createSystemWideSaltSource(Element saltSourceTypeElement) { |
||||
RootBeanDefinition definition = new RootBeanDefinition(SystemWideSaltSource.class); |
||||
definition.getPropertyValues().addPropertyValue("systemWideSalt", |
||||
saltSourceTypeElement.getAttribute("systemWideSalt")); |
||||
return definition; |
||||
} |
||||
|
||||
} |
||||
@ -1,37 +0,0 @@
@@ -1,37 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.providers.dao.DaoAuthenticationProvider; |
||||
import org.acegisecurity.userdetails.UserDetailsService; |
||||
import org.springframework.beans.BeansException; |
||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AuthenticationRepositoryDependenciesConfigurer implements BeanFactoryPostProcessor { |
||||
|
||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { |
||||
System.out.println("whyyyy??????"); |
||||
String[] userDetailServices = beanFactory.getBeanNamesForType(UserDetailsService.class); |
||||
|
||||
String[] authenticationProvider = beanFactory.getBeanNamesForType(DaoAuthenticationProvider.class); |
||||
|
||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(authenticationProvider[0]); |
||||
|
||||
// there should be only one principal-repository defined, pick the first
|
||||
// one
|
||||
if (userDetailServices.length != 0) { |
||||
definition.getPropertyValues().addPropertyValue("userDetailsService", |
||||
new RuntimeBeanReference(userDetailServices[0])); |
||||
} |
||||
|
||||
} |
||||
|
||||
} |
||||
@ -1,78 +0,0 @@
@@ -1,78 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.context.HttpSessionContextIntegrationFilter; |
||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder; |
||||
import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.core.Conventions; |
||||
import org.springframework.util.Assert; |
||||
import org.springframework.util.StringUtils; |
||||
import org.w3c.dom.Attr; |
||||
import org.w3c.dom.Element; |
||||
import org.w3c.dom.NamedNodeMap; |
||||
|
||||
/** |
||||
* |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser { |
||||
|
||||
private static final String HTTP_SESSION_CONTEXT_INTEGRATION = "session-context-integration"; |
||||
|
||||
private static final String SESSION_CREATION = "sessionCreation"; |
||||
|
||||
|
||||
|
||||
private static final String IF_REQUIRED = "ifRequired"; |
||||
|
||||
private static final String ALWAYS = "always"; |
||||
|
||||
private static final String NEVER = "never"; |
||||
|
||||
|
||||
|
||||
protected Class getBeanClass(Element element) { |
||||
return HttpSessionContextIntegrationFilter.class; |
||||
} |
||||
|
||||
|
||||
|
||||
protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) { |
||||
|
||||
NamedNodeMap attributes = element.getAttributes(); |
||||
|
||||
for (int x = 0; x < attributes.getLength(); x++) { |
||||
Attr attribute = (Attr) attributes.item(x); |
||||
String attributeName = attribute.getLocalName(); |
||||
if ( !ID_ATTRIBUTE.equals(attributeName)) { |
||||
if (attributeName.equals(SESSION_CREATION)) { |
||||
String sessionCreation = element.getAttribute(SESSION_CREATION); |
||||
|
||||
if(sessionCreation.equals(IF_REQUIRED)) { |
||||
builder.addPropertyValue("allowSessionCreation", Boolean.TRUE); |
||||
} |
||||
|
||||
if(sessionCreation.equals(ALWAYS)) { |
||||
builder.addPropertyValue("allowSessionCreation", Boolean.TRUE); |
||||
} |
||||
|
||||
if(sessionCreation.equals(NEVER)) { |
||||
builder.addPropertyValue("allowSessionCreation", Boolean.FALSE); |
||||
} |
||||
} |
||||
else{ |
||||
String propertyName = Conventions.attributeNameToPropertyName(attributeName); |
||||
Assert.state(StringUtils.hasText(propertyName), |
||||
"Illegal property name returned from 'extractPropertyName(String)': cannot be null or empty."); |
||||
builder.addPropertyValue(propertyName, attribute.getValue()); |
||||
} |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
|
||||
@ -1,121 +0,0 @@
@@ -1,121 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.ui.AccessDeniedHandlerImpl; |
||||
import org.acegisecurity.ui.ExceptionTranslationFilter; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.StringUtils; |
||||
import org.springframework.util.xml.DomUtils; |
||||
import org.w3c.dom.Element; |
||||
|
||||
/** |
||||
* Basically accessDeniedUrl is optional, we if unspecified impl will |
||||
* auto-detect any AccessDeniedHandler in ctx and use it; alternately if there |
||||
* are > 1 such handlers, we can nominate the one to use via |
||||
* accessDeniedBeanRef; |
||||
* |
||||
* @author vpuri |
||||
* @since |
||||
*/ |
||||
public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBeanDefinitionParser { |
||||
|
||||
private static final String ACCESS_DENIED = "access-denied"; |
||||
|
||||
private static final String ACCESS_DENIED_REF = "accessDeniedBeanRef"; |
||||
|
||||
private static final String ACCESS_DENIED_URL = "accessDeniedUrl"; |
||||
|
||||
private static final String ENTRY_POINT = "entry-point"; |
||||
|
||||
private static final String ENTRY_POINT_REF ="entryPointBeanRef"; |
||||
|
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
|
||||
RootBeanDefinition exceptionFilterDef = new RootBeanDefinition(ExceptionTranslationFilter.class); |
||||
|
||||
// add handler
|
||||
Element accessDeniedElement = DomUtils.getChildElementByTagName(element, ACCESS_DENIED); |
||||
setAccessDeniedHandlerProperty(parserContext, exceptionFilterDef, accessDeniedElement); |
||||
|
||||
Element entryPointElement = DomUtils.getChildElementByTagName(element, ENTRY_POINT); |
||||
setEntryPointProperty(exceptionFilterDef, entryPointElement); |
||||
|
||||
return exceptionFilterDef; |
||||
} |
||||
|
||||
private void setEntryPointProperty(RootBeanDefinition exceptionFilterDef, Element entryPointElement) { |
||||
if (entryPointElement != null) { |
||||
setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, entryPointElement, "authenticationEntryPoint", |
||||
entryPointElement.getAttribute(ENTRY_POINT_REF)); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param parserContext |
||||
* @param repositoryBeanDef |
||||
* @param element |
||||
*/ |
||||
private void setAccessDeniedHandlerProperty(ParserContext parserContext, RootBeanDefinition exceptionFilterDef, |
||||
Element accessDeniedElement) { |
||||
if (accessDeniedElement != null) { |
||||
setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, accessDeniedElement, "accessDeniedHandler", |
||||
accessDeniedElement.getAttribute(ACCESS_DENIED_REF)); |
||||
} |
||||
else { |
||||
// register BFPP to check if handler exist in application context,
|
||||
// if > 1 throw error saying ref should be specified as there are
|
||||
// more than one
|
||||
RootBeanDefinition accessDeniedHandlerLocatorBeanDef = new RootBeanDefinition( |
||||
AccessDeniedHandlerBeanDefinitionLocator.class); |
||||
parserContext.getReaderContext().registerWithGeneratedName(accessDeniedHandlerLocatorBeanDef); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param repositoryBeanDef |
||||
* @param element |
||||
* @param property |
||||
* @param reference |
||||
*/ |
||||
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, |
||||
Element element, String property, String beanRef) { |
||||
// check for encoderBeanRef attribute
|
||||
if (StringUtils.hasLength(beanRef)) { |
||||
exceptionFilterDef.getPropertyValues().addPropertyValue(property, |
||||
new RuntimeBeanReference(beanRef)); |
||||
} |
||||
else { |
||||
doSetInnerBeanDefinitions(exceptionFilterDef, element, property); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param repositoryBeanDef |
||||
* @param element |
||||
* @param property |
||||
*/ |
||||
private void doSetInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element accessDeniedElement, |
||||
String property) { |
||||
RootBeanDefinition accessDeniedHandlerBeanDef = new RootBeanDefinition(AccessDeniedHandlerImpl.class); |
||||
setPropertyIfAvailable(accessDeniedElement, ACCESS_DENIED_URL, "errorPage", accessDeniedHandlerBeanDef); |
||||
exceptionFilterDef.getPropertyValues().addPropertyValue(property, accessDeniedHandlerBeanDef); |
||||
|
||||
} |
||||
|
||||
private void setPropertyIfAvailable(Element element, String attribute, String property, |
||||
RootBeanDefinition definition) { |
||||
String propertyValue = element.getAttribute(attribute); |
||||
if (StringUtils.hasText(propertyValue)) { |
||||
definition.getPropertyValues().addPropertyValue(property, propertyValue); |
||||
} |
||||
} |
||||
} |
||||
@ -1,64 +0,0 @@
@@ -1,64 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.ui.logout.LogoutFilter; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.StringUtils; |
||||
import org.w3c.dom.Element; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* @since |
||||
*/ |
||||
public class LogoutFilterBeanDefinitionParser extends AbstractBeanDefinitionParser { |
||||
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
private static final String REDIRECT_AFTER_LOGOUT_URL = "redirectAfterLogoutUrl"; |
||||
|
||||
private static final String LOGOUT_URL = "logoutUrl"; |
||||
|
||||
// ~ Methods
|
||||
// ================================================================================================
|
||||
|
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
|
||||
// add the properties
|
||||
RootBeanDefinition definition = new RootBeanDefinition(LogoutFilter.class); |
||||
setConstructorArgumentIfAvailable(0, element, REDIRECT_AFTER_LOGOUT_URL, "logoutSuccessUrl", definition); |
||||
|
||||
setPropertyIfAvailable(element, LOGOUT_URL, "filterProcessesUrl", definition); |
||||
|
||||
// register BFPP to check if LogoutFilter does not have setHandlers
|
||||
// populated, introspect app ctx for LogoutHandlers, using Ordered (if
|
||||
// present, otherwise assume Integer.MAX_VALUE)
|
||||
RootBeanDefinition bfpp = new RootBeanDefinition(LogoutHandlerOrderResolver.class); |
||||
parserContext.getReaderContext().registerWithGeneratedName(bfpp); |
||||
|
||||
return definition; |
||||
} |
||||
|
||||
private void setConstructorArgumentIfAvailable(int index, Element element, String attribute, String property, |
||||
RootBeanDefinition definition) { |
||||
String propertyValue = element.getAttribute(attribute); |
||||
if (StringUtils.hasText(propertyValue)) { |
||||
definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue); |
||||
} |
||||
} |
||||
|
||||
private void setPropertyIfAvailable(Element element, String attribute, String property, |
||||
RootBeanDefinition definition) { |
||||
String propertyValue = element.getAttribute(attribute); |
||||
if (StringUtils.hasText(propertyValue)) { |
||||
definition.getPropertyValues().addPropertyValue(property, propertyValue); |
||||
} |
||||
} |
||||
|
||||
//
|
||||
|
||||
} |
||||
@ -1,95 +0,0 @@
@@ -1,95 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import java.util.Collections; |
||||
import java.util.List; |
||||
|
||||
import org.acegisecurity.ui.logout.LogoutFilter; |
||||
import org.acegisecurity.ui.logout.LogoutHandler; |
||||
import org.acegisecurity.ui.logout.SecurityContextLogoutHandler; |
||||
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; |
||||
import org.springframework.beans.BeansException; |
||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.config.ConstructorArgumentValues.ValueHolder; |
||||
import org.springframework.beans.factory.support.ManagedList; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.core.OrderComparator; |
||||
import org.springframework.core.Ordered; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* @since |
||||
*/ |
||||
public class LogoutHandlerOrderResolver implements BeanFactoryPostProcessor { |
||||
|
||||
// ~ Methods
|
||||
// ================================================================================================
|
||||
|
||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { |
||||
// If LogoutFilter does not have setHandlers populated, introspect app
|
||||
// ctx for LogoutHandlers, using Ordered (if present, otherwise assume
|
||||
// Integer.MAX_VALUE)
|
||||
String[] names = beanFactory.getBeanNamesForType(LogoutFilter.class); |
||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[0]); |
||||
ValueHolder holder = getHandlersIfConfigured(beanFactory, definition); |
||||
if (holder == null) { |
||||
// intropect the appcontext for registerd LogoutHandler
|
||||
List logoutHandlers = retrieveAllLogoutHandlers(beanFactory); |
||||
definition.getConstructorArgumentValues().addIndexedArgumentValue(1, logoutHandlers); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param beanFactory |
||||
* @param definition |
||||
* @return |
||||
*/ |
||||
private ValueHolder getHandlersIfConfigured(ConfigurableListableBeanFactory beanFactory, |
||||
RootBeanDefinition definition) { |
||||
// there should be only one LogoutFilter
|
||||
return definition.getConstructorArgumentValues().getArgumentValue(1, null); |
||||
|
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param beanFactory |
||||
* @return |
||||
*/ |
||||
private List retrieveAllLogoutHandlers(ConfigurableListableBeanFactory beanFactory) { |
||||
String[] names = beanFactory.getBeanNamesForType(LogoutHandler.class); |
||||
ManagedList list = new ManagedList(); |
||||
|
||||
for (int i = 0, n = names.length; i < n; i++) { |
||||
RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[i]); |
||||
|
||||
if (definition.hasBeanClass()) { |
||||
if (Ordered.class.isAssignableFrom(definition.getBeanClass())) { |
||||
definition.getPropertyValues().addPropertyValue("order", |
||||
new Integer(getOrder(definition.getBeanClass()))); |
||||
} |
||||
else { |
||||
definition.getPropertyValues().addPropertyValue("order", new Integer(Integer.MAX_VALUE)); |
||||
} |
||||
} |
||||
list.add(definition); |
||||
} |
||||
Collections.sort(list, new OrderComparator()); |
||||
return list; |
||||
} |
||||
|
||||
private int getOrder(Class clazz) { |
||||
if (clazz.getName().equals(TokenBasedRememberMeServices.class.getName())) { |
||||
return 100; |
||||
} |
||||
if (clazz.getName().equals(SecurityContextLogoutHandler.class.getName())) { |
||||
return 200; |
||||
} |
||||
return Integer.MAX_VALUE; |
||||
} |
||||
|
||||
} |
||||
@ -1,235 +0,0 @@
@@ -1,235 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import java.util.Properties; |
||||
|
||||
import org.acegisecurity.GrantedAuthorityImpl; |
||||
import org.acegisecurity.userdetails.User; |
||||
import org.acegisecurity.userdetails.UserDetails; |
||||
import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl; |
||||
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl; |
||||
import org.acegisecurity.userdetails.memory.UserAttribute; |
||||
import org.acegisecurity.userdetails.memory.UserMap; |
||||
import org.apache.commons.logging.Log; |
||||
import org.apache.commons.logging.LogFactory; |
||||
import org.springframework.beans.factory.config.PropertiesFactoryBean; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder; |
||||
import org.springframework.beans.factory.support.ManagedList; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.BeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.StringUtils; |
||||
import org.w3c.dom.Element; |
||||
import org.w3c.dom.Node; |
||||
import org.w3c.dom.NodeList; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser implements |
||||
BeanDefinitionParser { |
||||
|
||||
// ~ Static fields/initializers =====================================================================================
|
||||
|
||||
private static final Log logger = LogFactory.getLog(PrincipalRepositoryBeanDefinitionParser.class); |
||||
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
private static final String JDBC = "jdbc"; |
||||
|
||||
private static final String DATASOURCE_REF = "dataSourceBeanRef"; |
||||
|
||||
private static final String DATASOURCE = "dataSource"; |
||||
|
||||
private static final String JDBCTEMPLATE_REF = "jdbcTemplateBeanRef"; |
||||
|
||||
private static final String JDBCTEMPLATE = "jdbcTemplate"; |
||||
|
||||
private static final String AUTHORITIES_BY_USERNAME_QUERY = "authoritiesByUsernameQuery"; |
||||
|
||||
private static final String ROLE_PREFIX = "rolePrefix"; |
||||
|
||||
private static final String USERNAME_BASED_PRIMARY_KEY = "usernameBasedPrimaryKey"; |
||||
|
||||
private static final String PROPERTIES = "properties"; |
||||
|
||||
private static final String RESOURCE = "resource"; |
||||
|
||||
private static final String USER_PROPERTIES = "userProperties"; |
||||
|
||||
private static final String USER_DEFINITION = "user-definition"; |
||||
|
||||
private static final Object GRANTED_AUTHORITY = "granted-authority"; |
||||
|
||||
private static final String USERNAME = "username"; |
||||
|
||||
private static final String PASSWORD = "password"; |
||||
|
||||
private static final String ENABLED = "enabled"; |
||||
|
||||
private static final String GRANTED_AUTHORITY_REF = "granted-authority-ref"; |
||||
|
||||
private static final String AUTHORITY = "authority"; |
||||
|
||||
private static final String AUTHORITY_BEAN_REF="authorityBeanRef"; |
||||
|
||||
// ~ Method
|
||||
// ================================================================================================
|
||||
/** |
||||
* |
||||
*/ |
||||
|
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
NodeList userDetailsServiceChildren = element.getChildNodes(); |
||||
RootBeanDefinition userDetailsServiceDefinition = null; |
||||
for (int i = 0, n = userDetailsServiceChildren.getLength(); i < n; i++) { |
||||
Node userDetailsService = userDetailsServiceChildren.item(i); |
||||
|
||||
if (JDBC.equals(userDetailsService.getLocalName()) && userDetailsService.getNodeType() == Node.ELEMENT_NODE) { |
||||
Element ele = (Element) userDetailsService; |
||||
userDetailsServiceDefinition = parseUserDetailsServiceJdbcDefinition(ele); |
||||
userDetailsServiceDefinition.setSource(parserContext.extractSource(element)); |
||||
parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition); |
||||
} |
||||
if (PROPERTIES.equals(userDetailsService.getLocalName()) |
||||
&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) { |
||||
Element ele = (Element) userDetailsService; |
||||
|
||||
userDetailsServiceDefinition = new RootBeanDefinition(InMemoryDaoImpl.class); |
||||
userDetailsServiceDefinition.getPropertyValues().addPropertyValue(USER_PROPERTIES, |
||||
new RuntimeBeanReference(createPropertiesBeanDefinition(ele, parserContext))); |
||||
userDetailsServiceDefinition.setSource(parserContext.extractSource(element)); |
||||
parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition); |
||||
} |
||||
if (USER_DEFINITION.equals(userDetailsService.getLocalName()) |
||||
&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) { |
||||
Element ele = (Element) userDetailsService; |
||||
|
||||
// create a UserMap which interns uses UserMapEditor
|
||||
userDetailsServiceDefinition = createUserDefinition(ele, parserContext); |
||||
} |
||||
} |
||||
return userDetailsServiceDefinition; |
||||
} |
||||
|
||||
private RootBeanDefinition createUserDefinition(Element ele, ParserContext parserContext) { |
||||
RootBeanDefinition definition = new RootBeanDefinition(InMemoryDaoImpl.class); |
||||
|
||||
UserAttribute userAttribute = new UserAttribute(); |
||||
UserMap userMap = new UserMap(); |
||||
|
||||
setPassword(ele, userAttribute); |
||||
setEnabled(ele, userAttribute); |
||||
setAuthorities(ele, userAttribute); |
||||
|
||||
UserDetails user = new User(ele.getAttribute(USERNAME), userAttribute.getPassword(), userAttribute.isEnabled(), |
||||
true, true, true, userAttribute.getAuthorities()); |
||||
userMap.addUser(user); |
||||
definition.getPropertyValues().addPropertyValue("userMap", userMap); |
||||
return definition; |
||||
|
||||
} |
||||
|
||||
private String createPropertiesBeanDefinition(Element ele, ParserContext parserContext) { |
||||
// properties element
|
||||
RootBeanDefinition defintion = new RootBeanDefinition(PropertiesFactoryBean.class); |
||||
String propertyValue = ele.getAttribute(RESOURCE); |
||||
defintion.getPropertyValues().addPropertyValue("location", propertyValue); |
||||
defintion.setSource(parserContext.extractSource(ele)); |
||||
return parserContext.getReaderContext().registerWithGeneratedName(defintion); |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param elementToParse |
||||
* @return |
||||
*/ |
||||
private RootBeanDefinition parseUserDetailsServiceJdbcDefinition(Element elementToParse) { |
||||
// parse attributes
|
||||
RootBeanDefinition definition = new RootBeanDefinition(JdbcDaoImpl.class); |
||||
setPropertyIfAvailable(elementToParse, DATASOURCE_REF, DATASOURCE, definition); |
||||
setPropertyIfAvailable(elementToParse, JDBCTEMPLATE_REF, JDBCTEMPLATE, definition); |
||||
setPropertyIfAvailable(elementToParse, AUTHORITIES_BY_USERNAME_QUERY, AUTHORITIES_BY_USERNAME_QUERY, definition); |
||||
setPropertyIfAvailable(elementToParse, ROLE_PREFIX, ROLE_PREFIX, definition); |
||||
setPropertyIfAvailable(elementToParse, USERNAME_BASED_PRIMARY_KEY, USERNAME_BASED_PRIMARY_KEY, definition); |
||||
return definition; |
||||
} |
||||
|
||||
protected void doParseProperties(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) { |
||||
Properties parsedProps = parserContext.getDelegate().parsePropsElement(element); |
||||
builder.addPropertyValue(PROPERTIES, parsedProps); |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param element |
||||
* @param attribute |
||||
* @param property |
||||
* @param definition |
||||
*/ |
||||
private void setPropertyIfAvailable(Element element, String attribute, String property, |
||||
RootBeanDefinition definition) { |
||||
String propertyValue = element.getAttribute(attribute); |
||||
if (StringUtils.hasText(propertyValue)) { |
||||
if (propertyValue.equals(DATASOURCE_REF) || propertyValue.equals(JDBCTEMPLATE_REF)) { |
||||
definition.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(propertyValue)); |
||||
} |
||||
else { |
||||
definition.getPropertyValues().addPropertyValue(property, propertyValue); |
||||
} |
||||
} |
||||
} |
||||
|
||||
private void setPassword(Element element, UserAttribute userAttribute) { |
||||
String propertyValue = element.getAttribute(PASSWORD); |
||||
if (StringUtils.hasText(propertyValue)) { |
||||
userAttribute.setPassword(propertyValue); |
||||
} |
||||
} |
||||
|
||||
private void setEnabled(Element element, UserAttribute userAttribute) { |
||||
String propertyValue = element.getAttribute(ENABLED); |
||||
if (StringUtils.hasText(propertyValue)) { |
||||
if (propertyValue.equals("true")) { |
||||
userAttribute.setEnabled(true); |
||||
} |
||||
else { |
||||
userAttribute.setEnabled(false); |
||||
} |
||||
} |
||||
} |
||||
|
||||
private void setAuthorities(Element ele, UserAttribute userAttribute) { |
||||
// get authorities
|
||||
NodeList childNodes = ele.getChildNodes(); |
||||
|
||||
ManagedList authorities = new ManagedList(); |
||||
|
||||
for (int i = 0, n = childNodes.getLength(); i < n; i++) { |
||||
Node authorityNode = childNodes.item(i); |
||||
|
||||
if (GRANTED_AUTHORITY.equals(authorityNode.getLocalName()) |
||||
&& authorityNode.getNodeType() == Element.ELEMENT_NODE) { |
||||
Element propertyValue = (Element) authorityNode; |
||||
authorities.add(new GrantedAuthorityImpl(propertyValue.getAttribute(AUTHORITY))); |
||||
} |
||||
|
||||
if (GRANTED_AUTHORITY_REF.equals(authorityNode.getLocalName()) |
||||
&& authorityNode.getNodeType() == Element.ELEMENT_NODE) { |
||||
Element propertyValue = (Element) authorityNode; |
||||
String attribute = propertyValue.getAttribute(AUTHORITY_BEAN_REF); |
||||
if (StringUtils.hasLength(attribute)) { |
||||
authorities.add(new RuntimeBeanReference(attribute)); |
||||
} |
||||
} |
||||
} |
||||
userAttribute.setAuthorities(authorities); |
||||
} |
||||
|
||||
} |
||||
@ -1,35 +0,0 @@
@@ -1,35 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.ui.rememberme.RememberMeServices; |
||||
import org.acegisecurity.userdetails.UserDetailsService; |
||||
import org.springframework.beans.BeansException; |
||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class RemeberMeServicesDependenciesConfigurer implements BeanFactoryPostProcessor { |
||||
|
||||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { |
||||
|
||||
String [] userDetailServices = beanFactory.getBeanNamesForType(UserDetailsService.class); |
||||
|
||||
String [] rememberMeService = beanFactory.getBeanNamesForType(RememberMeServices.class); |
||||
|
||||
RootBeanDefinition definition=(RootBeanDefinition) beanFactory.getBeanDefinition(rememberMeService[0]); |
||||
|
||||
// there should be only one principal-repository defined, pick the first one
|
||||
if(userDetailServices.length!=0) { |
||||
definition.getPropertyValues().addPropertyValue("userDetailsService", new RuntimeBeanReference(userDetailServices[0])); |
||||
} |
||||
|
||||
} |
||||
|
||||
} |
||||
@ -1,49 +0,0 @@
@@ -1,49 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.ui.rememberme.RememberMeProcessingFilter; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.Assert; |
||||
import org.springframework.util.StringUtils; |
||||
import org.w3c.dom.Element; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*@since |
||||
*/ |
||||
public class RememberMeFilterBeanDefinitionParser extends AbstractBeanDefinitionParser { |
||||
|
||||
private static final String REMEMBER_ME_SERVICES_REF = "rememberMeServicesBeanRef"; |
||||
|
||||
private static final String REMEMBER_ME_SERVICES = "rememberMeServices"; |
||||
|
||||
|
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
Assert.notNull(parserContext, "ParserContext must not be null"); |
||||
|
||||
RootBeanDefinition rememberMeFilterBeanDef = new RootBeanDefinition(RememberMeProcessingFilter.class); |
||||
|
||||
// detect all the required dependencies and autowire them by type
|
||||
rememberMeFilterBeanDef.setAutowireMode(AbstractBeanDefinition.AUTOWIRE_AUTODETECT); |
||||
|
||||
// check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
|
||||
String rememberMeServicesRef = element.getAttribute(REMEMBER_ME_SERVICES_REF); |
||||
if (StringUtils.hasLength(rememberMeServicesRef)) { |
||||
rememberMeFilterBeanDef.getPropertyValues().addPropertyValue(REMEMBER_ME_SERVICES, |
||||
new RuntimeBeanReference(rememberMeServicesRef)); |
||||
} |
||||
return rememberMeFilterBeanDef; |
||||
} |
||||
|
||||
|
||||
|
||||
|
||||
|
||||
} |
||||
@ -1,62 +0,0 @@
@@ -1,62 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.AbstractBeanDefinition; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.BeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.ParserContext; |
||||
import org.springframework.util.Assert; |
||||
import org.springframework.util.StringUtils; |
||||
import org.w3c.dom.Element; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class RememberMeServicesBeanDefinitionParser extends AbstractBeanDefinitionParser implements |
||||
BeanDefinitionParser { |
||||
|
||||
private static final String PRINCIPAL_REPOSITORY_BEAN_REF = "principalRepositoryBeanRef"; |
||||
|
||||
private static final String USER_DETAILS_SERVICE_PROPERTY = "userDetailsService"; |
||||
|
||||
/* |
||||
* key is optional; if unspecified, pick a rnd int and use for all unspecified key properties for acegi beans |
||||
*/ |
||||
private static final String KEY = "key"; |
||||
|
||||
/** |
||||
* |
||||
*/ |
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { |
||||
Assert.notNull(parserContext, "ParserContext must not be null"); |
||||
|
||||
RootBeanDefinition rememberMeServicesBeanDef = new RootBeanDefinition(TokenBasedRememberMeServices.class); |
||||
|
||||
String keyValue = element.getAttribute(KEY); |
||||
if (StringUtils.hasLength(keyValue)) { |
||||
rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(KEY,keyValue); |
||||
} else { |
||||
// pick a rnd int
|
||||
} |
||||
|
||||
// check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
|
||||
String rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF); |
||||
if (StringUtils.hasLength(rememberMeServicesRef)) { |
||||
rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE_PROPERTY, |
||||
new RuntimeBeanReference(rememberMeServicesRef)); |
||||
} |
||||
else { |
||||
// register a bean definition parse
|
||||
RootBeanDefinition configurer = new RootBeanDefinition(RemeberMeServicesDependenciesConfigurer.class); |
||||
parserContext.getReaderContext().registerWithGeneratedName(configurer); |
||||
} |
||||
return rememberMeServicesBeanDef; |
||||
} |
||||
|
||||
} |
||||
@ -1,33 +0,0 @@
@@ -1,33 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.springframework.beans.factory.xml.BeanDefinitionParser; |
||||
import org.springframework.beans.factory.xml.NamespaceHandlerSupport; |
||||
|
||||
/** |
||||
* {@link org.springframework.beans.factory.xml.NamespaceHandler} for the '<code>security</code>' namespace. |
||||
* @author vpuri |
||||
* |
||||
* @since |
||||
*/ |
||||
public class SecurityNamespaceHandler extends NamespaceHandlerSupport { |
||||
|
||||
/** |
||||
* Register the {@link BeanDefinitionParser BeanDefinitionParsers} for the |
||||
* '<code>context-integration</code>', ' and '<code></code>' elements. |
||||
*/ |
||||
public void init() { |
||||
registerBeanDefinitionParser("principal-repository", new PrincipalRepositoryBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("session-context-integration", new ContextIntegrationBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("authentication-repository", new AuthenticationRepositoryBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("authentication-mechanism", new AuthenticationMechanismBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("authentication-remember-me-services", new RememberMeServicesBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("authentication-remember-me-filter", new RememberMeFilterBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("logout-support", new LogoutFilterBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("exception-translation", new ExceptionTranslationFilterBeanDefinitionParser()); |
||||
registerBeanDefinitionParser("authentication-form", new AuthenticationProcessingFilterBeanDefinitionParser()); |
||||
} |
||||
|
||||
} |
||||
@ -1,444 +0,0 @@
@@ -1,444 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?> |
||||
|
||||
<xsd:schema xmlns="http://www.springframework.org/schema/security" |
||||
xmlns:xsd="http://www.w3.org/2001/XMLSchema" |
||||
targetNamespace="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
elementFormDefault="qualified" attributeFormDefault="unqualified"> |
||||
|
||||
<xsd:import namespace="http://www.springframework.org/schema/util" /> |
||||
|
||||
<xsd:element name="session-context-integration"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
|
||||
<xsd:attribute name="sessionCreation" |
||||
default="ifRequired"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
Indicates if this filter can create a HttpSession if |
||||
needed (sessions are always created sparingly, but setting this value to |
||||
false will prohibit sessions from ever being created). |
||||
Defaults to true. Do not set to false if |
||||
you have set forceEagerSessionCreation to true , |
||||
as the properties would be in conflict. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
<xsd:simpleType> |
||||
<xsd:restriction base="xsd:string"> |
||||
<xsd:enumeration value="ifRequired" /> |
||||
<xsd:enumeration value="never" /> |
||||
<xsd:enumeration value="always" /> |
||||
</xsd:restriction> |
||||
</xsd:simpleType> |
||||
</xsd:attribute> |
||||
|
||||
<xsd:attribute name="forceEagerSessionCreation" |
||||
default="false" type="defaultable-boolean" use="optional"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
Indicates if this filter is required to create a <code>HttpSession</code> |
||||
for every request before proceeding through the filter chain, even if the |
||||
<code>HttpSession</code> would not ordinarily have been created. By |
||||
default this is <code>false</code>, which is entirely appropriate for |
||||
most circumstances as you do not want a <code>HttpSession</code> |
||||
created unless the filter actually needs one. It is envisaged the main |
||||
situation in which this property would be set to <code>true</code> is |
||||
if using other filters that depend on a <code>HttpSession</code> |
||||
already existing, such as those which need to obtain a session ID. This |
||||
is only required in specialised cases, so leave it set to |
||||
<code>false</code> unless you have an actual requirement and are |
||||
conscious of the session creation overhead. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="cloneFromHttpSession" default="false" |
||||
type="defaultable-boolean" use="optional"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
Indicates whether the <code>SecurityContext</code> will be cloned from |
||||
the <code>HttpSession</code>. The default is to simply reference (ie |
||||
the default is <code>false</code>). The default may cause issues if |
||||
concurrent threads need to have a different security identity from other |
||||
threads being concurrently processed that share the same |
||||
<code>HttpSession</code>. In most normal environments this does not |
||||
represent an issue, as changes to the security identity in one thread is |
||||
allowed to affect the security identitiy in other threads associated with |
||||
the same <code>HttpSession</code>. For unusual cases where this is not |
||||
permitted, change this value to <code>true</code> and ensure the |
||||
{@link #context} is set to a <code>SecurityContext</code> that |
||||
implements {@link Cloneable} and overrides the <code>clone()</code> |
||||
method. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
<xsd:element name="authentication-remember-me-filter" |
||||
type="RememberMeFilter" /> |
||||
|
||||
<xsd:complexType name="RememberMeFilter"> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="rememberMeServicesBeanRef" |
||||
type="xsd:string" use="optional" /> |
||||
</xsd:complexType> |
||||
|
||||
<xsd:element name="authentication-remember-me-services" |
||||
type="RememberMeServices" /> |
||||
|
||||
<xsd:complexType name="RememberMeServices"> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="key" type="xsd:string" use="optional" /> |
||||
<xsd:attribute name="principalRepositoryBeanRef" |
||||
type="xsd:string" use="optional" /> |
||||
</xsd:complexType> |
||||
|
||||
<!-- Logout Filter --> |
||||
<xsd:element name="logout-support"> |
||||
<xsd:complexType> |
||||
<!-- Write other attributes --> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="redirectAfterLogoutUrl" |
||||
type="xsd:string" default="/" /> |
||||
<xsd:attribute name="logoutUrl" type="xsd:string" |
||||
default="/logout" /> |
||||
<xsd:anyAttribute namespace="##other" processContents="lax"/> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
|
||||
<!-- Exception Translation Filter --> |
||||
<xsd:element name="exception-translation" |
||||
type="ExceptionTranslation" /> |
||||
|
||||
<xsd:complexType name="ExceptionTranslation"> |
||||
<xsd:all> |
||||
<xsd:element ref="entry-point" maxOccurs="1" /> |
||||
<xsd:element ref="access-denied" maxOccurs="1" |
||||
minOccurs="0" /> |
||||
</xsd:all> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
</xsd:complexType> |
||||
|
||||
<xsd:element name="entry-point"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="entryPointBeanRef" type="xsd:string" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
<xsd:element name="access-denied"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="accessDeniedUrl" type="xsd:string" |
||||
use="optional" /> |
||||
<xsd:attribute name="accessDeniedBeanRef" type="xsd:string" |
||||
use="optional" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
<!-- AuthenticationProcessigFilter --> |
||||
<xsd:element name="authentication-form" |
||||
type="AuthenticationProcessingFilter" /> |
||||
|
||||
<xsd:complexType name="AuthenticationProcessingFilter"> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="authenticationUrl" type="xsd:string" |
||||
use="required"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The URL destination that this filter intercepts and processes (usually something like |
||||
/login) |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="defaultTargetUrl" type="xsd:string" |
||||
use="required"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
Where to redirect the browser to if authentication is successful but ACEGI_SAVED_REQUEST_KEY is |
||||
null |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="errorFormUrl" type="xsd:string" |
||||
use="required"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
Where to redirect the browser to if authentication fails. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
</xsd:complexType> |
||||
|
||||
|
||||
|
||||
<xsd:element name="authentication-mechanism" |
||||
type="AuthenticationManager" /> |
||||
|
||||
<xsd:complexType name="AuthenticationManager"> |
||||
<xsd:sequence> |
||||
<xsd:element ref="authentication-jdbc" minOccurs="0" |
||||
maxOccurs="1" /> |
||||
<xsd:element ref="authentication-ldap" minOccurs="0" |
||||
maxOccurs="1" /> |
||||
</xsd:sequence> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
</xsd:complexType> |
||||
|
||||
<xsd:element name="authentication-jdbc"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="ref" type="xsd:string" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
<xsd:element name="authentication-ldap"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="ref" type="xsd:string" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<xsd:element name="principal-repository" type="PrincipalRepository" /> |
||||
|
||||
<xsd:complexType name="PrincipalRepository"> |
||||
<xsd:choice> |
||||
<xsd:element ref="jdbc" minOccurs="0" maxOccurs="1" /> |
||||
<xsd:element ref="ldap" minOccurs="0" maxOccurs="1" /> |
||||
<xsd:element ref="properties" minOccurs="0" maxOccurs="1" /> |
||||
<xsd:element ref="user-definition" minOccurs="0" |
||||
maxOccurs="unbounded" /> |
||||
</xsd:choice> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
</xsd:complexType> |
||||
|
||||
<xsd:element name="jdbc"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="dataSourceBeanRef" type="xsd:string" /> |
||||
<xsd:attribute name="authoritiesByUsernameQuery" |
||||
type="xsd:string" use="optional" /> |
||||
<xsd:attribute name="jdbcTemplateBeanRef" type="xsd:string" |
||||
use="optional" /> |
||||
<xsd:attribute name="rolePrefix" type="xsd:string" |
||||
use="optional" /> |
||||
<xsd:attribute name="usernameBasedPrimaryKey" |
||||
type="xsd:boolean" use="optional" /> |
||||
<xsd:attribute name="usersByUsernameQuery" type="xsd:string" |
||||
use="optional" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
|
||||
<xsd:element name="ldap"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="not-yet-defined" type="xsd:string" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
<xsd:element name="properties"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="resource" type="xsd:string" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
<xsd:element name="user-definition"> |
||||
<xsd:complexType> |
||||
<xsd:sequence> |
||||
<xsd:element name="granted-authority" minOccurs="0" |
||||
maxOccurs="unbounded"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="authority" |
||||
type="xsd:string" use="required" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
<xsd:element name="granted-authority-ref" minOccurs="0" |
||||
maxOccurs="unbounded"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="authorityBeanRef" |
||||
type="xsd:string" use="required" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
</xsd:sequence> |
||||
<xsd:attribute name="username" type="xsd:string" |
||||
use="required" /> |
||||
<xsd:attribute name="password" type="xsd:string" /> |
||||
<xsd:attribute name="enabled" type="xsd:boolean" /> |
||||
<xsd:anyAttribute namespace="##local" |
||||
processContents="strict" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
|
||||
|
||||
<xsd:element name="authentication-repository" |
||||
type="AuthenticationRepositoryType" /> |
||||
|
||||
<xsd:complexType name="AuthenticationRepositoryType"> |
||||
<xsd:sequence> |
||||
<xsd:element name="salt-source" type="SaltSource" |
||||
minOccurs="0" maxOccurs="1" /> |
||||
<xsd:element name="password-encoder" type="PasswordEncoder" |
||||
minOccurs="0" maxOccurs="1" /> |
||||
</xsd:sequence> |
||||
<xsd:attributeGroup ref="AuthenticationRepositoryAttributes" /> |
||||
</xsd:complexType> |
||||
|
||||
<!-- <security:salt-source source="systemwide|reflection" salt="salt"/> --> |
||||
<xsd:complexType name="SaltSource"> |
||||
<xsd:sequence> |
||||
<xsd:choice minOccurs="0" maxOccurs="1"> |
||||
<xsd:element name="system-wide"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="systemWideSalt" |
||||
type="xsd:string" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
<xsd:element name="reflection"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="userPropertyToUse" |
||||
type="xsd:string" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
</xsd:choice> |
||||
</xsd:sequence> |
||||
<xsd:attribute name="saltSourceBeanRef" type="xsd:string" |
||||
use="optional" /> |
||||
</xsd:complexType> |
||||
|
||||
<xsd:complexType name="PasswordEncoder"> |
||||
<xsd:sequence> |
||||
<xsd:choice minOccurs="0" maxOccurs="1"> |
||||
<xsd:element name="encoder"> |
||||
<xsd:complexType> |
||||
<xsd:attribute name="method" type="encoders" /> |
||||
</xsd:complexType> |
||||
</xsd:element> |
||||
</xsd:choice> |
||||
</xsd:sequence> |
||||
<xsd:attribute name="encoderBeanRef" type="xsd:string" |
||||
use="optional" /> |
||||
</xsd:complexType> |
||||
|
||||
<xsd:attributeGroup name="AuthenticationRepositoryAttributes"> |
||||
<xsd:attribute name="id" type="xsd:ID"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
The unique identifier for a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
<xsd:attribute name="repositoryBeanRef" type="xsd:string"> |
||||
<xsd:annotation> |
||||
<xsd:documentation> |
||||
<![CDATA[ |
||||
Reference of a bean. |
||||
]]> |
||||
</xsd:documentation> |
||||
</xsd:annotation> |
||||
</xsd:attribute> |
||||
</xsd:attributeGroup> |
||||
|
||||
<!-- simple internal types --> |
||||
<xsd:simpleType name="defaultable-boolean"> |
||||
<xsd:restriction base="xsd:NMTOKEN"> |
||||
<xsd:enumeration value="true" /> |
||||
<xsd:enumeration value="false" /> |
||||
</xsd:restriction> |
||||
</xsd:simpleType> |
||||
|
||||
|
||||
|
||||
<xsd:simpleType name="encoders"> |
||||
<xsd:restriction base="xsd:NMTOKEN"> |
||||
<xsd:enumeration value="md5" /> |
||||
<xsd:enumeration value="md5Hex" /> |
||||
<xsd:enumeration value="sha" /> |
||||
<xsd:enumeration value="shaHex" /> |
||||
<xsd:enumeration value="custom" /> |
||||
</xsd:restriction> |
||||
</xsd:simpleType> |
||||
|
||||
|
||||
|
||||
|
||||
</xsd:schema> |
||||
@ -1,25 +0,0 @@
@@ -1,25 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.context.ApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
|
||||
import junit.framework.TestCase; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AuthenticationProcessingFilterNamespaceTests extends TestCase { |
||||
|
||||
public void testAuthenticationFilterBeanDefinition() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/authentication-form-filter.xml"); |
||||
ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context |
||||
.getAutowireCapableBeanFactory(); |
||||
} |
||||
|
||||
} |
||||
@ -1,120 +0,0 @@
@@ -1,120 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import junit.framework.TestCase; |
||||
|
||||
import org.acegisecurity.providers.AuthenticationProvider; |
||||
import org.acegisecurity.providers.dao.DaoAuthenticationProvider; |
||||
import org.acegisecurity.providers.dao.SaltSource; |
||||
import org.acegisecurity.providers.encoding.Md5PasswordEncoder; |
||||
import org.acegisecurity.providers.encoding.PasswordEncoder; |
||||
import org.acegisecurity.providers.encoding.PlaintextPasswordEncoder; |
||||
import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl; |
||||
import org.springframework.beans.PropertyValue; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.context.ApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
import org.springframework.util.Assert; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class AuthenticationRepositoryParserTest extends TestCase { |
||||
|
||||
public void testAuthenticationRepositoryDefaultWithAutoUserdetails() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/authentication-dao-defaults.xml"); |
||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context |
||||
.getAutowireCapableBeanFactory(); |
||||
|
||||
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); |
||||
assertEquals(1, names.length); |
||||
|
||||
// check bean class
|
||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); |
||||
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); |
||||
|
||||
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository"); |
||||
Assert.isAssignable(JdbcDaoImpl.class, provider.getUserDetailsService().getClass()); |
||||
|
||||
} |
||||
|
||||
public void testCollaboratorsAsInnerBeans() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/authentication-innerbeans.xml"); |
||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context |
||||
.getAutowireCapableBeanFactory(); |
||||
// get the main bean definition, there should be only one
|
||||
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); |
||||
assertEquals(1, names.length); |
||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); |
||||
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); |
||||
|
||||
// get the 2 inner beans
|
||||
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource"); |
||||
assertEquals("saltSource", saltSourceBean.getName()); |
||||
|
||||
// get the BeanDefinition
|
||||
RootBeanDefinition saltsourceDef = (RootBeanDefinition) saltSourceBean.getValue(); |
||||
Assert.isAssignable(SaltSource.class, saltsourceDef.getBeanClass()); |
||||
|
||||
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder"); |
||||
assertEquals("passwordEncoder", encoder.getName()); |
||||
|
||||
// get the BeanDefinition
|
||||
RootBeanDefinition encoderDef = (RootBeanDefinition) encoder.getValue(); |
||||
Assert.isAssignable(PasswordEncoder.class, encoderDef.getBeanClass()); |
||||
|
||||
assertEquals("incorrect bean class name", encoderDef.getBeanClassName(), Md5PasswordEncoder.class.getName()); |
||||
} |
||||
|
||||
public void testCollaboratorsAsBeanRef() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/authentication-beanRef-attributes.xml"); |
||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context |
||||
.getAutowireCapableBeanFactory(); |
||||
// get the main bean definition, there should be only one
|
||||
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); |
||||
assertEquals(1, names.length); |
||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); |
||||
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); |
||||
|
||||
// get the referred collaborators
|
||||
|
||||
PropertyValue userDetailsBean = definition.getPropertyValues().getPropertyValue("userDetailsService"); |
||||
assertEquals("userDetailsService", userDetailsBean.getName()); |
||||
|
||||
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource"); |
||||
assertEquals("saltSource", saltSourceBean.getName()); |
||||
|
||||
// get the BeanDefinition
|
||||
RuntimeBeanReference saltsourceDef = (RuntimeBeanReference) saltSourceBean.getValue(); |
||||
assertEquals("refToSaltSource", saltsourceDef.getBeanName()); |
||||
|
||||
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder"); |
||||
assertEquals("passwordEncoder", encoder.getName()); |
||||
|
||||
// get the BeanDefinition
|
||||
RuntimeBeanReference encoderDef = (RuntimeBeanReference) encoder.getValue(); |
||||
assertEquals("refToPasswordEncoder", encoderDef.getBeanName()); |
||||
|
||||
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository"); |
||||
assertTrue(provider.getPasswordEncoder() instanceof PasswordEncoder); |
||||
assertEquals(Md5PasswordEncoder.class, provider.getPasswordEncoder().getClass()); |
||||
} |
||||
|
||||
public void testAutodetectionOfUserDetailsService() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/authentication-defaults.xml"); |
||||
DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository"); |
||||
assertNotNull(provider.getUserDetailsService()); |
||||
assertNull(provider.getSaltSource()); |
||||
assertEquals(PlaintextPasswordEncoder.class, provider.getPasswordEncoder().getClass()); |
||||
|
||||
} |
||||
} |
||||
@ -1,47 +0,0 @@
@@ -1,47 +0,0 @@
|
||||
package org.acegisecurity.config; |
||||
|
||||
import javax.servlet.Filter; |
||||
|
||||
import junit.framework.TestCase; |
||||
|
||||
import org.acegisecurity.ui.ExceptionTranslationFilter; |
||||
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint; |
||||
import org.springframework.beans.PropertyValue; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.config.RuntimeBeanReference; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.context.ApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
|
||||
public class ExceptionTranslationParserTests extends TestCase { |
||||
|
||||
public void testParsingBeanReferences() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/exception-translation-beanref.xml"); |
||||
ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context |
||||
.getAutowireCapableBeanFactory(); |
||||
String[] beanNames = factory.getBeanNamesForType(Filter.class); |
||||
assertEquals(1, beanNames.length); |
||||
RootBeanDefinition def = (RootBeanDefinition) factory.getBeanDefinition(beanNames[0]); |
||||
assertEquals(ExceptionTranslationFilter.class.getName(), def.getBeanClassName()); |
||||
// check collaborators
|
||||
PropertyValue accessDeniedHandler = def.getPropertyValues().getPropertyValue("accessDeniedHandler"); |
||||
assertNotNull(accessDeniedHandler); |
||||
assertEquals(accessDeniedHandler.getValue(), new RuntimeBeanReference("theBeanToUse")); |
||||
PropertyValue entryPoint = def.getPropertyValues().getPropertyValue("authenticationEntryPoint"); |
||||
assertNotNull(entryPoint); |
||||
assertEquals(entryPoint.getValue(), new RuntimeBeanReference("authenticationProcessingFilterEntryPoint")); |
||||
} |
||||
|
||||
public void testRuntimeBeanDependencies() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/exception-translation-beanref.xml"); |
||||
ExceptionTranslationFilter filter = (ExceptionTranslationFilter) context.getBean("exceptionTranslationFilter"); |
||||
AuthenticationProcessingFilterEntryPoint entryPoint = (AuthenticationProcessingFilterEntryPoint) filter |
||||
.getAuthenticationEntryPoint(); |
||||
assertEquals("/acegilogin.jsp", entryPoint.getLoginFormUrl()); |
||||
assertFalse(entryPoint.getForceHttps()); |
||||
|
||||
} |
||||
|
||||
} |
||||
@ -1,44 +0,0 @@
@@ -1,44 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import javax.servlet.Filter; |
||||
|
||||
import org.acegisecurity.context.HttpSessionContextIntegrationFilter; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.context.ApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
|
||||
|
||||
import junit.framework.TestCase; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class HttpSessionContextIntegrationParserTest extends TestCase { |
||||
|
||||
public void testApplicationContext() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/session-context-integration-defaults.xml"); |
||||
ConfigurableListableBeanFactory clbf = |
||||
(ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory(); |
||||
|
||||
String[] names = clbf.getBeanNamesForType(Filter.class); |
||||
assertEquals(1, names.length); |
||||
|
||||
// check bean name
|
||||
RootBeanDefinition definition = (RootBeanDefinition)clbf.getBeanDefinition(names[0]); |
||||
assertEquals(HttpSessionContextIntegrationFilter.class, definition.getBeanClass()); |
||||
|
||||
// check properties
|
||||
//get the bean
|
||||
HttpSessionContextIntegrationFilter filter = (HttpSessionContextIntegrationFilter)context.getBean("httpSessionContextIntegrationFilter"); |
||||
assertFalse(filter.isAllowSessionCreation()); |
||||
assertNotNull(definition.getPropertyValues().getPropertyValue("allowSessionCreation")); |
||||
assertFalse(filter.isForceEagerSessionCreation()); |
||||
assertFalse(filter.isCloneFromHttpSession()); |
||||
} |
||||
|
||||
} |
||||
@ -1,29 +0,0 @@
@@ -1,29 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import java.util.Map; |
||||
|
||||
import junit.framework.TestCase; |
||||
|
||||
import org.acegisecurity.ui.logout.LogoutHandler; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.context.ApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class LogoutFilterBeanDefinitionParserTests extends TestCase { |
||||
|
||||
public void testLogoutFilter() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/logout-filter-with-handlers.xml"); |
||||
ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); |
||||
Map m = bf.getBeansOfType(LogoutHandler.class); |
||||
assertEquals(2, m.size()); |
||||
} |
||||
|
||||
} |
||||
@ -1,66 +0,0 @@
@@ -1,66 +0,0 @@
|
||||
/** |
||||
* |
||||
*/ |
||||
package org.acegisecurity.config; |
||||
|
||||
import junit.framework.TestCase; |
||||
|
||||
import org.acegisecurity.GrantedAuthority; |
||||
import org.acegisecurity.GrantedAuthorityImpl; |
||||
import org.acegisecurity.userdetails.User; |
||||
import org.acegisecurity.userdetails.UserDetailsService; |
||||
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl; |
||||
import org.acegisecurity.userdetails.memory.UserMap; |
||||
import org.springframework.beans.PropertyValue; |
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; |
||||
import org.springframework.beans.factory.support.RootBeanDefinition; |
||||
import org.springframework.context.ApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
|
||||
/** |
||||
* @author vpuri |
||||
* |
||||
*/ |
||||
public class PrincipalRepositoryNamespaceTests extends TestCase { |
||||
|
||||
public void testParserWithUserDefinition() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext( |
||||
"org/acegisecurity/config/principal-repository-user-map.xml"); |
||||
|
||||
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context |
||||
.getAutowireCapableBeanFactory(); |
||||
|
||||
String[] names = clbf.getBeanNamesForType(UserDetailsService.class); |
||||
assertEquals(1, names.length); |
||||
|
||||
RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); |
||||
assertEquals(InMemoryDaoImpl.class, definition.getBeanClass()); |
||||
|
||||
UserMap map = new UserMap(); |
||||
|
||||
GrantedAuthority[] authotities = { new GrantedAuthorityImpl("ROLE_YO"), new GrantedAuthorityImpl("ROLE_YOYO") }; |
||||
|
||||
User user = new User("vishal", "nottellingya", true, true, true, true, authotities); |
||||
|
||||
map.addUser(user); |
||||
|
||||
assertPropertyValues(map, definition, "userMap"); |
||||
|
||||
} |
||||
|
||||
private void assertPropertyValues(UserMap assertionValue, RootBeanDefinition definition, String property) { |
||||
PropertyValue propertyValue = definition.getPropertyValues().getPropertyValue(property); |
||||
assertNotNull(propertyValue); |
||||
assertTrue(propertyValue.getValue() instanceof UserMap); |
||||
UserMap users = (UserMap) propertyValue.getValue(); |
||||
assertTrue(assertionValue.getUserCount() == users.getUserCount()); |
||||
assertEquals(assertionValue.getUser("vishal"), users.getUser("vishal")); |
||||
assertTrue(users.getUser("vishal").isEnabled()); |
||||
assertTrue(users.getUser("vishal").isAccountNonExpired()); |
||||
assertTrue(users.getUser("vishal").isAccountNonLocked()); |
||||
assertTrue(users.getUser("vishal").isCredentialsNonExpired()); |
||||
assertEquals(2, users.getUser("vishal").getAuthorities().length); |
||||
assertEquals(new GrantedAuthorityImpl("ROLE_YO"), users.getUser("vishal").getAuthorities()[0]); |
||||
assertEquals(new GrantedAuthorityImpl("ROLE_YOYO"), users.getUser("vishal").getAuthorities()[1]); |
||||
} |
||||
} |
||||
@ -1,16 +0,0 @@
@@ -1,16 +0,0 @@
|
||||
package org.acegisecurity.config; |
||||
|
||||
import junit.framework.TestCase; |
||||
|
||||
import org.springframework.context.ApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
|
||||
public class RememberMeBeanDefinitionParserTest extends TestCase { |
||||
|
||||
public void testParserDefaults() { |
||||
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/principal-repository-properties.xml"); |
||||
|
||||
|
||||
} |
||||
|
||||
} |
||||
@ -1,21 +0,0 @@
@@ -1,21 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- AuthenticationEntryPoints handled across the system via Ordered interface; every Acegi entry point has an order; the highest order wins and |
||||
is used as the entry point by ExceptionTranslationFilter; for things like BasicAuthenticationfilter, they're smart enough to know they need a |
||||
BasicAuthenticationProcessingFilterEntryPoint, so they use that one; here we have an entryPointOrder to say when we make the BasicEntryPoint, |
||||
we will call setOrder(2) such that this app effectively will use somehing with a higher order as the app-wide default --> |
||||
<security:authentication-basic id="id" |
||||
realmName="Spring Security Application" entryPointOrder="2" /> |
||||
|
||||
</beans> |
||||
@ -1,53 +0,0 @@
@@ -1,53 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<security:authentication-repository id="authenticationRepository" repositoryBeanRef="refToUserDetailsService"> |
||||
<security:salt-source saltSourceBeanRef="refToSaltSource"/> |
||||
<security:password-encoder encoderBeanRef="refToPasswordEncoder"/> |
||||
</security:authentication-repository> |
||||
|
||||
<bean id="refToUserDetailsService" |
||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> |
||||
<property name="dataSource"> |
||||
<ref bean="dataSource" /> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="dataSource" |
||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource"> |
||||
<property name="driverClassName"> |
||||
<value>org.hsqldb.jdbcDriver</value> |
||||
</property> |
||||
<property name="url"> |
||||
<value>jdbc:hsqldb:mem:test</value> |
||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> --> |
||||
</property> |
||||
<property name="username"> |
||||
<value>sa</value> |
||||
</property> |
||||
<property name="password"> |
||||
<value></value> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="refToSaltSource" |
||||
class="org.acegisecurity.providers.dao.salt.SystemWideSaltSource"> |
||||
<property name="systemWideSalt"> |
||||
<value>12345</value> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="refToPasswordEncoder" |
||||
class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" /> |
||||
|
||||
</beans> |
||||
@ -1,54 +0,0 @@
@@ -1,54 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- Case 1: defaults (userDetailsService mandatory)--> |
||||
<!-- autocreate userDetailsService with dataSource(search in ctx) injected --> |
||||
|
||||
<security:authentication-repository id="authenticationRepository"> |
||||
<security:password-encoder encoderBeanRef="passwordEncoder" /> |
||||
</security:authentication-repository> |
||||
|
||||
<bean id="userDetailsService" |
||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> |
||||
<property name="dataSource"> |
||||
<ref bean="dataSource" /> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="dataSource" |
||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource"> |
||||
<property name="driverClassName"> |
||||
<value>org.hsqldb.jdbcDriver</value> |
||||
</property> |
||||
<property name="url"> |
||||
<value>jdbc:hsqldb:mem:test</value> |
||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> --> |
||||
</property> |
||||
<property name="username"> |
||||
<value>sa</value> |
||||
</property> |
||||
<property name="password"> |
||||
<value></value> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="saltSource" |
||||
class="org.acegisecurity.providers.dao.salt.SystemWideSaltSource"> |
||||
<property name="systemWideSalt"> |
||||
<value>12345</value> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="passwordEncoder" |
||||
class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" /> |
||||
</beans> |
||||
@ -1,40 +0,0 @@
@@ -1,40 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<security:authentication-repository id="authenticationRepository"/> |
||||
|
||||
<bean id="userDetailsService" |
||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> |
||||
<property name="dataSource"> |
||||
<ref bean="dataSource" /> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="dataSource" |
||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource"> |
||||
<property name="driverClassName"> |
||||
<value>org.hsqldb.jdbcDriver</value> |
||||
</property> |
||||
<property name="url"> |
||||
<value>jdbc:hsqldb:mem:test</value> |
||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> --> |
||||
</property> |
||||
<property name="username"> |
||||
<value>sa</value> |
||||
</property> |
||||
<property name="password"> |
||||
<value></value> |
||||
</property> |
||||
</bean> |
||||
|
||||
</beans> |
||||
@ -1,57 +0,0 @@
@@ -1,57 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
|
||||
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) --> |
||||
<security:authentication-form id="authenticationProcessinFilter" |
||||
authenticationUrl="/login" defaultTargetUrl="/login.html" |
||||
errorFormUrl="error.html" /> |
||||
|
||||
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order --> |
||||
<security:authentication-mechanism id="authenticationManager"> |
||||
<security:authentication-jdbc ref="authenticationRepository"/> |
||||
</security:authentication-mechanism> |
||||
|
||||
<!-- dao authentication provider --> |
||||
<security:authentication-repository id="authenticationRepository" repositoryBeanRef="userDetailsService"/> |
||||
|
||||
<security:authentication-remember-me-services |
||||
id="rememberMeServices" key="someValue" /> |
||||
|
||||
<bean id="userDetailsService" |
||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> |
||||
<property name="dataSource"> |
||||
<ref bean="dataSource" /> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="dataSource" |
||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource"> |
||||
<property name="driverClassName"> |
||||
<value>org.hsqldb.jdbcDriver</value> |
||||
</property> |
||||
<property name="url"> |
||||
<value>jdbc:hsqldb:mem:test</value> |
||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> --> |
||||
</property> |
||||
<property name="username"> |
||||
<value>sa</value> |
||||
</property> |
||||
<property name="password"> |
||||
<value></value> |
||||
</property> |
||||
</bean> |
||||
|
||||
|
||||
</beans> |
||||
|
||||
@ -1,50 +0,0 @@
@@ -1,50 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- Case 1: defaults (userDetailsService mandatory)--> |
||||
<!-- autocreate userDetailsService with dataSource(search in ctx) injected --> |
||||
|
||||
<security:authentication-repository id="authenticationRepository"> |
||||
<security:salt-source> |
||||
<security:system-wide systemWideSalt="12345" /> |
||||
</security:salt-source> |
||||
<security:password-encoder> |
||||
<security:encoder method="md5" /> |
||||
</security:password-encoder> |
||||
</security:authentication-repository> |
||||
|
||||
<bean id="AnyBeanIdAsThisBeanWillBeAutoDetectedAndInjectedInauthenticationRepositoryUsingAutoWireByType" |
||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> |
||||
<property name="dataSource"> |
||||
<ref bean="dataSource" /> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="dataSource" |
||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource"> |
||||
<property name="driverClassName"> |
||||
<value>org.hsqldb.jdbcDriver</value> |
||||
</property> |
||||
<property name="url"> |
||||
<value>jdbc:hsqldb:mem:test</value> |
||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> --> |
||||
</property> |
||||
<property name="username"> |
||||
<value>sa</value> |
||||
</property> |
||||
<property name="password"> |
||||
<value></value> |
||||
</property> |
||||
</bean> |
||||
|
||||
</beans> |
||||
@ -1,37 +0,0 @@
@@ -1,37 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
|
||||
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it; |
||||
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for |
||||
other props; i do not mind if you move the access denied stuff to a sub-element --> |
||||
<security:exception-translation id="exceptionTranslationFilter"> |
||||
<security:entry-point |
||||
entryPointBeanRef="authenticationProcessingFilterEntryPoint" /> |
||||
</security:exception-translation> |
||||
|
||||
<bean id="theBeanToUse" |
||||
class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> |
||||
<property name="errorPage" value="/accessDenied.jsp" /> |
||||
</bean> |
||||
|
||||
<bean id="authenticationProcessingFilterEntryPoint" |
||||
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> |
||||
<property name="loginFormUrl"> |
||||
<value>/acegilogin.jsp</value> |
||||
</property> |
||||
<property name="forceHttps"> |
||||
<value>false</value> |
||||
</property> |
||||
</bean> |
||||
</beans> |
||||
@ -1,38 +0,0 @@
@@ -1,38 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
|
||||
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it; |
||||
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for |
||||
other props; i do not mind if you move the access denied stuff to a sub-element --> |
||||
<security:exception-translation id="exceptionTranslationFilter"> |
||||
<security:access-denied accessDeniedBeanRef="theBeanToUse" /> |
||||
<security:entry-point |
||||
entryPointBeanRef="authenticationProcessingFilterEntryPoint" /> |
||||
</security:exception-translation> |
||||
|
||||
<bean id="theBeanToUse" |
||||
class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> |
||||
<property name="errorPage" value="/accessDenied.jsp" /> |
||||
</bean> |
||||
|
||||
<bean id="authenticationProcessingFilterEntryPoint" |
||||
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> |
||||
<property name="loginFormUrl"> |
||||
<value>/acegilogin.jsp</value> |
||||
</property> |
||||
<property name="forceHttps"> |
||||
<value>false</value> |
||||
</property> |
||||
</bean> |
||||
</beans> |
||||
@ -1,34 +0,0 @@
@@ -1,34 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) --> |
||||
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown --> |
||||
<security:logout-support id="logoutFilter" logoutUrl="/logout" redirectAfterLogoutUrl="/"/> |
||||
|
||||
|
||||
|
||||
<security:authentication-remember-me-services |
||||
id="rememberMeServices" key="someValue" /> |
||||
|
||||
<bean id="SecurityContextLogoutHandler" |
||||
class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" /> |
||||
|
||||
<security:principal-repository id="userDetailsService"> |
||||
<security:user-definition username="vishal" |
||||
password="nottellingya" enabled="true"> |
||||
<security:granted-authority authority="ROLE_YO" /> |
||||
<security:granted-authority authority="ROLE_YOYO" /> |
||||
<!-- TODO: <security:granted-authority-ref authorityBeanRef="fooBarAuthority"/>--> |
||||
</security:user-definition> |
||||
</security:principal-repository> |
||||
</beans> |
||||
@ -1,44 +0,0 @@
@@ -1,44 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various |
||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly. |
||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds --> |
||||
|
||||
<!--<security:security-autoconfig/> --> |
||||
|
||||
<security:principal-repository id="userDetailsService"> |
||||
<security:jdbc dataSourceBeanRef="dataSource"/> |
||||
</security:principal-repository> |
||||
|
||||
<bean id="dataSource" |
||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource"> |
||||
<property name="driverClassName"> |
||||
<value>org.hsqldb.jdbcDriver</value> |
||||
</property> |
||||
<property name="url"> |
||||
<value>jdbc:hsqldb:mem:test</value> |
||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> --> |
||||
</property> |
||||
<property name="username"> |
||||
<value>sa</value> |
||||
</property> |
||||
<property name="password"> |
||||
<value></value> |
||||
</property> |
||||
</bean> |
||||
|
||||
<!--<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate"> |
||||
<property name="dataSource" ref="dataSource"></property> |
||||
</bean>--> |
||||
</beans> |
||||
@ -1,22 +0,0 @@
@@ -1,22 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various |
||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly. |
||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds --> |
||||
|
||||
<security:principal-repository id="userDetailsService"> |
||||
<security:properties resource="classpath:org/acegisecurity/config/user.properties"/> |
||||
</security:principal-repository> |
||||
|
||||
</beans> |
||||
@ -1,28 +0,0 @@
@@ -1,28 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- userDetailsService, This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various |
||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly. |
||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds --> |
||||
|
||||
<security:principal-repository id="userDetailsService"> |
||||
<security:user-definition username="vishal" password="nottellingya" enabled="true"> |
||||
<security:granted-authority authority="ROLE_YO"/> |
||||
<security:granted-authority authority="ROLE_YOYO"/> |
||||
<!-- TODO: <security:granted-authority-ref authorityBeanRef="fooBarAuthority"/>--> |
||||
</security:user-definition> |
||||
</security:principal-repository> |
||||
|
||||
<!-- TODO: <security:granted-authority id="fooBarAuthority" authority="ROLE_FOOBAR"/> --> |
||||
|
||||
</beans> |
||||
@ -1,76 +0,0 @@
@@ -1,76 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- ======================== AUTHENTICATION ======================= --> |
||||
|
||||
<!-- makes the filter, but does little else, as it auto-detects everything --> |
||||
<security:authentication-remember-me-filter id="rememberMeFilter" rememberMeServicesBeanRef="rememberMeServices" /> |
||||
|
||||
<!-- services should auto-detect UserDetails from app ctx if principalRepository was not specified; --> |
||||
<!-- key is optional; if unspecified, in the NamespaceHandler pick a rnd int and use for all unspecified key properties for acegi beans --> |
||||
<security:authentication-remember-me-services |
||||
id="rememberMeServices" key="someValue" |
||||
principalRepositoryBeanRef="userDetailsService" /> |
||||
|
||||
<!-- The rules are: |
||||
AuthenticationManager interface is implemented by ProviderManager |
||||
So if you have any auto-detection, create a ProviderManager definition |
||||
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order |
||||
Every authentication mechanism OR provider must start with security:authentication-something |
||||
Use appropriate attrs and elements depending on provider or mechanism |
||||
--> |
||||
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order --> |
||||
<security:authentication-mechanism id="authenticationManager"> |
||||
<security:authentication-jdbc ref="authenticationRepository"/> |
||||
</security:authentication-mechanism> |
||||
|
||||
|
||||
<!--<bean id="authenticationManager" |
||||
class="org.acegisecurity.providers.ProviderManager"> |
||||
|
||||
<property name="providers"> |
||||
<list> |
||||
<ref local="authenticationRepository" /> |
||||
</list> |
||||
</property> |
||||
</bean>--> |
||||
|
||||
<!-- dao authentication provider --> |
||||
<security:authentication-repository id="authenticationRepository" /> |
||||
|
||||
|
||||
|
||||
<bean id="userDetailsService" |
||||
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> |
||||
<property name="dataSource"> |
||||
<ref bean="dataSource" /> |
||||
</property> |
||||
</bean> |
||||
|
||||
<bean id="dataSource" |
||||
class="org.springframework.jdbc.datasource.DriverManagerDataSource"> |
||||
<property name="driverClassName"> |
||||
<value>org.hsqldb.jdbcDriver</value> |
||||
</property> |
||||
<property name="url"> |
||||
<value>jdbc:hsqldb:mem:test</value> |
||||
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> --> |
||||
</property> |
||||
<property name="username"> |
||||
<value>sa</value> |
||||
</property> |
||||
<property name="password"> |
||||
<value></value> |
||||
</property> |
||||
</bean> |
||||
</beans> |
||||
@ -1,21 +0,0 @@
@@ -1,21 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
|
||||
<!-- introspect all bean definitions for an explicit object of a "required" type, and if not found, add it. You can turn OFF ones you dont want added via attributes --> |
||||
<security:security-autoconfig exceptionTranslation="disable" |
||||
sessionContextIntegration="disable" logoutSupport="disable" |
||||
filterChain="disable" servletRequestEmulation="disabled" |
||||
anonyomousRoleGranter="disabled" /> |
||||
|
||||
</beans> |
||||
@ -1,183 +0,0 @@
@@ -1,183 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- introspect all bean definitions for an explicit object of a "required" type, and if not found, add it. You can turn OFF ones you dont want added via attributes --> |
||||
<security:security-autoconfig exceptionTranslation="disable" |
||||
sessionContextIntegration="disable" logoutSupport="disable" |
||||
filterChain="disable" servletRequestEmulation="disabled" |
||||
anonyomousRoleGranter="disabled" /> |
||||
|
||||
<!-- autodetect attribute is the default, and an exception is thrown if false, as the expectation is they will write their own legacy <beans> format |
||||
FilterChainProxy bean definition is dissatisfied with the auto approach. The auto approach simply creates a bean definition similar to that shown |
||||
below with the AUTODETECT_ALL_ORDERED_FILTERs. As suggested, this causes a runtime check of app ctx for all javax.servlet.Filter instances, and |
||||
for each that also implemented Ordered, these are automatically applied to the pattern shown (which is **/* in the case of autodetect=true).*--> |
||||
<security:filter-chain id="id" /> |
||||
<bean id="dcdc" class="FilterChainProxy"> |
||||
<property name="chainConfig"> |
||||
<value> |
||||
**/*=AUTODETECT_ALL_ORDERED_FILTERS |
||||
**/*=filter1,filter2,filter3 |
||||
</value> |
||||
</property> |
||||
</bean> |
||||
<!-- also provide an OrderedFilterAdapter, impls Filter and Ordered, and can be configured declaratively in Spring XML (eg SiteMesh), setOrder, setDelegate(Filter object) --> |
||||
|
||||
<!-- creates a bean definition for an AccessDecisionManager; strategy defaults to AffirmativeBased; |
||||
superclass AbstractAccessDecisionManager requires refactoring so if no setProvider(List) given, it introspects app ctx for all AccessDecisionVoters |
||||
and uses their Ordered interface to apply them; if one doesn't implement Ordered, assume it is Integer.MAX_VALUE --> |
||||
<security:authorization-manager id="id" |
||||
strategy="consensus|unanimous|affirmative" /> |
||||
|
||||
<!-- ======================== AUTHENTICATION ======================= --> |
||||
|
||||
<!-- sessionCreation defaults to ifRequired. --> |
||||
<security:session-context-integration |
||||
id="httpSessionContextIntegrationFilter" |
||||
sessionCreation="never|ifRequired|always" /> |
||||
|
||||
<!-- The rules are: |
||||
AuthenticationManager interface is implemented by ProviderManager |
||||
So if you have any auto-detection, create a ProviderManager definition |
||||
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order |
||||
Every authentication mechanism OR provider must start with security:authentication-something |
||||
Use appropriate attrs and elements depending on provider or mechanism |
||||
--> |
||||
<security:authentication-repository id="id" |
||||
repositoryBeanRef="beanIdOfRepositoryIfUnspecifiedAutoDetectTheirUserDetailsInstance"> |
||||
<security:salt-source |
||||
saltSourceBeanRef="beanRefOfAnExternalEncoder" /> |
||||
<!-- or allow it to be written inline as an inner bean --> |
||||
<security:password-encoder |
||||
encoder="md5|md5Hex|sha|shaHex|custom" |
||||
encoderBeanRef="beanRefOfAnExternalEncoder" /> |
||||
<!-- same story here, inner beans allowed --> |
||||
</security:authentication-repository> |
||||
|
||||
<security:salt-source> |
||||
<security:system-wide systemWideSalt="12345" /> |
||||
<security-reflection userPropertyToUse="sss" /> |
||||
</security:salt-source> |
||||
|
||||
|
||||
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) --> |
||||
<security:authentication-form id="id" authenticationUrl="/login" |
||||
loginFormUrl="/login.html" errorFormUrl="error.html" /> |
||||
|
||||
<!-- AuthenticationEntryPoints handled across the system via Ordered interface; every Acegi entry point has an order; the highest order wins and |
||||
is used as the entry point by ExceptionTranslationFilter; for things like BasicAuthenticationfilter, they're smart enough to know they need a |
||||
BasicAuthenticationProcessingFilterEntryPoint, so they use that one; here we have an entryPointOrder to say when we make the BasicEntryPoint, |
||||
we will call setOrder(2) such that this app effectively will use somehing with a higher order as the app-wide default --> |
||||
<security:authentication-basic id="id" |
||||
realmName="Spring Security Application" entryPointOrder="2" /> |
||||
|
||||
<!-- This is used if they want an out-of-the-bx UserDetailsService; if they write their own, this goes away and they wire a legacy bean definition and then the various |
||||
beans depending on a UserDetailsService will auto-detect it at runtime OR provide a way of setUserDetailsService(UserDetailsService) if to specified explicitly. |
||||
If they fail to provide a repository, the security-autodetect will set one up for them with a few basic in-memory users and pwds --> |
||||
<security:principal-repository id="id"> |
||||
<security:ldap |
||||
x="you can do the attributes and suitable nested elements" /> |
||||
<security:jdbc |
||||
x="you can do the attributes and suitable nested elements" /> |
||||
<security:properties |
||||
location="resourceStringToPropertiesFile"> |
||||
<!-- if they specify a resource attrib, that means throw exception if they nest some user-definition data) --> |
||||
<security:user-definition username="ben" |
||||
password="nottellingYou" enabled="true" |
||||
it="more stuff if you want"> |
||||
<security:granted-authority authority="ROLE_ANONYMOUS" /> |
||||
<ref bean="fooBarAuthority" /> |
||||
</security:user-definition> |
||||
</security:properties> |
||||
</security:principal-repository> |
||||
|
||||
<!-- makes the filter, but does little else, as it auto-detects everything --> |
||||
<security:authentication-remember-me-filter id="id" |
||||
rememberMeServicesBeanRef="theId" /> |
||||
|
||||
<!-- services should auto-detect UserDetails from app ctx if principalRepository was not specified; key is handled in same way as discussed earlier --> |
||||
<security:authentication-remember-me-services id="id" |
||||
key="someValue" principalRepositoryBeanRef="jdbcDaoImpl" /> |
||||
|
||||
<!-- key is optional; if unspecified, in the NamespaceHandler pick a rnd int and use for all unspecified key properties for acegi beans --> |
||||
<security:anonymous-role-granter id="id" key="someValue"> |
||||
<security:granted-authority authority="ROLE_ANONYMOUS" /> |
||||
<ref bean="fooBarAuthority" /> |
||||
</security:anonymous-role-granter> |
||||
|
||||
<security:granted-authority id="fooBarAuthority" |
||||
authority="ROLE_FOOBAR" /> |
||||
|
||||
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) --> |
||||
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown --> |
||||
<security:logout-support id="logoutFilter" |
||||
redirectAfterLogoutUrl="/" logoutUrl="/logout" /> |
||||
|
||||
|
||||
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== --> |
||||
|
||||
<!-- channel security out of scope; they use existing bean definition format; the channel filter will auto-detect and use Ordered interface as discussed above --> |
||||
|
||||
<!-- any kind of ACL support is out of scope; frankly it is too hard for 1.1.0 --> |
||||
|
||||
<!-- ensure element name is not overlapping with portlet or spring web flow or tapestry URI patterns, as this filter is incompatible with them --> |
||||
<security:authorization-http-url> |
||||
<security:url-mapping |
||||
source="xml - the default and no other options" |
||||
sourceBeanId="referenceToTheirObjectDefinitionSource"> |
||||
<!-- Specify security:uri-patterns in order of processing; each pattern must specify EITHER a regularExpression OR a path, but not both |
||||
and ALL patterns in the url-mapping MUST be of the SAME type (ie cannot mix a regular expression and Ant Path) - give exception if tried --> |
||||
<security:uri-pattern path="/index.jsp" |
||||
regularExpression="whatever"> |
||||
<security:configuration-attribute attribute="ROLE_A" /> |
||||
<ref |
||||
bean="someExternalConfigurationAttributeThatIsATopLevelBean" /> |
||||
</security:uri-pattern> |
||||
<security:uri-pattern path="/**" |
||||
regularExperssion="whatever"> |
||||
<security:configuration-attribute attribute="ROLE_A" /> |
||||
<ref |
||||
bean="someExternalConfigurationAttributeThatIsATopLevelBean" /> |
||||
</security:uri-pattern> |
||||
</security:url-mapping> |
||||
</security:authorization-http-url> |
||||
|
||||
<!-- the source refers to use of the relevant concete ObjectDefinitionSource; user can alternately specify their own instance and refer to it |
||||
via the sourceBeanId property; in that case they must specify "custom"; if unspecified, it means it's described as nested elements using the |
||||
security:method-pattern element, and you will therefore create it via the MethodDefinitionSourceEditor (that is what the default source=xml means, too) |
||||
For aspectj and springAop, that means create a MethodSecurityInterceptor and AspectJSecurityInterceptor bean definition respectively (in the case of |
||||
springAop, also create a MethodDefinitionSourceAdvisor); defaults to springAop=true, aspectJ=false --> |
||||
<security:authorization-joinpoint aspectj="false|true" |
||||
springAop="true|false"> |
||||
<security:url-mapping source="custom|xml|attributes|annotations" |
||||
sourceBeanId="referenceToTheirObjectDefinitionSource"> |
||||
<security:method-pattern |
||||
type="com.foo.Bar.whateverMethodNamePattern"> |
||||
<security:configuration-attribute attribute="ROLE_A" /> |
||||
<ref |
||||
bean="someExternalConfigurationAttributeThatIsATopLevelBean" /> |
||||
</security:method-pattern> |
||||
</security:url-mapping> |
||||
<!-- if get time, do a new security:pointcut-pattern --> |
||||
</security:authorization-joinpoint> |
||||
|
||||
|
||||
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it; |
||||
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for |
||||
other props; i do not mind if you move the access denied stuff to a sub-element --> |
||||
<security:exception-translation id="id" |
||||
accessDeniedUrl="/accessDenied.jsp" |
||||
accessDeniedBeanRef="theBeanToUse"> |
||||
<security:entry-point path="/acegilogin.jsp" https="boolean" /> |
||||
</security:exception-translation> |
||||
|
||||
</beans> |
||||
@ -1,63 +0,0 @@
@@ -1,63 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> |
||||
|
||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd --> |
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" --> |
||||
|
||||
<!-- ======================== AUTHENTICATION ======================= --> |
||||
|
||||
<!-- sessionCreation defaults to ifRequired(true) always(true) never(false) . --> |
||||
<security:session-context-integration id="httpSessionContextIntegrationFilter" sessionCreation="never" /> |
||||
|
||||
<!-- The rules are: |
||||
AuthenticationManager interface is implemented by ProviderManager |
||||
So if you have any auto-detection, create a ProviderManager definition |
||||
If ProviderManager.setProvider(List) is never called, auto-detect all AuthenticationProviders from app ctx, using Ordered to resolve their order |
||||
Every authentication mechanism OR provider must start with security:authentication-something |
||||
Use appropriate attrs and elements depending on provider or mechanism |
||||
--> |
||||
|
||||
|
||||
<!-- Case 1 |
||||
<security:authentication-repository id="id" repositoryBeanRef="userDetails"> |
||||
<security:salt-source |
||||
saltSourceBeanRef="beanRefOfAnExternalEncoder" /> |
||||
or allow it to be written inline as an inner bean |
||||
<security:password-encoder |
||||
encoder="md5|md5Hex|sha|shaHex|custom" |
||||
encoderBeanRef="beanRefOfAnExternalEncoder" /> |
||||
same story here, inner beans allowed |
||||
</security:authentication-repository> |
||||
|
||||
<bean id="userDetails" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> |
||||
<property name="dataSource"><ref bean="dataSource"/></property> |
||||
</bean> |
||||
|
||||
Case 2: autodetect userDetails |
||||
<security:authentication-repository id="id"> |
||||
<security:salt-source |
||||
saltSourceBeanRef="beanRefOfAnExternalEncoder" /> |
||||
or allow it to be written inline as an inner bean |
||||
<security:password-encoder |
||||
encoder="md5|md5Hex|sha|shaHex|custom" |
||||
encoderBeanRef="beanRefOfAnExternalEncoder" /> |
||||
same story here, inner beans allowed |
||||
</security:authentication-repository> |
||||
|
||||
Case 3: inner beans |
||||
<security:authentication-repository id="id" |
||||
ref="userDetails"> |
||||
<security:salt-source propertyName="propertyValue" /> |
||||
or allow it to be written inline as an inner bean |
||||
<security:password-encoder encoder="md5" /> |
||||
same story here, inner beans allowed |
||||
</security:authentication-repository> |
||||
--></beans> |
||||
|
||||
@ -1,2 +0,0 @@
@@ -1,2 +0,0 @@
|
||||
vishal=ity,ROLE_ADMIN |
||||
ity=vishal,ROLE_TELLER |
||||
Loading…
Reference in new issue