GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Updated heavy-duty sample to be able to build it.

3.0.x
Luke Taylor 17 years ago
parent
929b6bb1a0
commit
f38c0eb675
13 changed files with 287 additions and 294 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 100
      sandbox/heavyduty/pom.xml
  2. 4
      sandbox/heavyduty/src/main/java/bigbank/BankDaoStub.java
  3. 8
      sandbox/heavyduty/src/main/java/bigbank/BankService.java
  4. 10
      sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
  5. 6
      sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
  6. 16
      sandbox/heavyduty/src/main/java/heavyduty/web/TestMultiActionController.java
  7. 11
      sandbox/heavyduty/src/main/java/sample/TestVoter.java
  8. 18
      sandbox/heavyduty/src/main/java/sample/dao/impl/GenericDAOImpl.java
  9. 12
      sandbox/heavyduty/src/main/java/sample/service/UserService.java
  10. 22
      sandbox/heavyduty/src/main/java/sample/service/impl/UserServiceImpl.java
  11. 110
      sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
  12. 262
      sandbox/heavyduty/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
  13. 2
      sandbox/heavyduty/src/main/webapp/WEB-INF/web.xml

100
sandbox/heavyduty/pom.xml
Unescape View File

@ -8,24 +8,20 @@ @@ -8,24 +8,20 @@
<dependencies>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<artifactId>spring-security-web</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<artifactId>spring-security-ldap</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>org.springframework.core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>org.springframework.context</artifactId>
<version>${spring.version}</version>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>org.springframework.web</artifactId>
@ -40,60 +36,62 @@ @@ -40,60 +36,62 @@
<groupId>org.springframework</groupId>
<artifactId>org.springframework.jdbc</artifactId>
<scope>runtime</scope>
<version>${spring.version}</version>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>org.springframework.orm</artifactId>
<version>${spring.version}</version>
</dependency>
<!--
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<artifactId>org.springframework.context</artifactId>
<version>${spring.version}</version>
</dependency>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>org.springframework.aop</artifactId>
<scope>runtime</scope>
<version>${spring.version}</version>
</dependency>
-->
<dependency>
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
<scope>runtime</scope>
<version>2.3.12</version>
</dependency>
<dependency>
<groupId>hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<version>1.8.0.7</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>3.3.2.GA</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>1.3.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<optional>true</optional>
<version>1.5.4</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.5.4</version>
</dependency>
</dependency>
<dependency>
<groupId>hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<version>1.8.0.7</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>3.3.2.GA</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>1.4.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<scope>provided</scope>
<version>2.4</version>
</dependency>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
@ -104,7 +102,7 @@ @@ -104,7 +102,7 @@
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
<scope>runtime</scope>
<version>1.1.2</version>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
@ -123,18 +121,18 @@ @@ -123,18 +121,18 @@
<artifactId>slf4j-log4j12</artifactId>
<version>1.4.3</version>
<scope>runtime</scope>
</dependency>
</dependency>
<dependency>
<groupId>org.springframework.ldap</groupId>
<artifactId>spring-ldap</artifactId>
<version>1.2.1</version>
</dependency>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<scope>runtime</scope>
<version>1.2.14</version>
</dependency>
</dependency>
</dependencies>
<build>
@ -155,7 +153,7 @@ @@ -155,7 +153,7 @@
<downloadSources>true</downloadSources>
<wtpversion>2.0</wtpversion>
</configuration>
</plugin>
</plugin>
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>maven-jetty-plugin</artifactId>
@ -183,8 +181,8 @@ @@ -183,8 +181,8 @@
</plugin>
</plugins>
</build>
<properties>
<spring.version>2.5.6</spring.version>
<properties>
<spring.version>3.0.0.M2</spring.version>
<spring.security.version>3.0.0.CI-SNAPSHOT</spring.security.version>
</properties>

4
sandbox/heavyduty/src/main/java/bigbank/BankDaoStub.java
Unescape View File

@ -5,8 +5,8 @@ import java.util.Map; @@ -5,8 +5,8 @@ import java.util.Map;
public class BankDaoStub implements BankDao {
private long id = 0;
private Map accounts = new HashMap();
private Map<Long, Account> accounts = new HashMap<Long, Account>();
public void createOrUpdateAccount(Account account) {
if (account.getId() == -1) {
id++;

8
sandbox/heavyduty/src/main/java/bigbank/BankService.java
Unescape View File

@ -1,15 +1,15 @@ @@ -1,15 +1,15 @@
package bigbank;
import org.springframework.security.annotation.Secured;
import org.springframework.security.access.annotation.Secured;
public interface BankService {
@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
public Account readAccount(Long id);
@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
public Account[] findAccounts();
@Secured("ROLE_TELLER")
public Account post(Account account, double amount);
}

10
sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
Unescape View File

@ -1,11 +1,11 @@ @@ -1,11 +1,11 @@
package heavyduty.security.ui;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
public class HeavyDutyAuthenticationProcessingFilter extends AuthenticationProcessingFilter {
}

6
sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
Unescape View File

@ -1,9 +1,9 @@ @@ -1,9 +1,9 @@
package heavyduty.security.ui;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint;
import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
public class HeavyDutyEntryPoint extends AuthenticationProcessingFilterEntryPoint {
}

16
sandbox/heavyduty/src/main/java/heavyduty/web/TestMultiActionController.java
Unescape View File

@ -18,33 +18,33 @@ import org.springframework.web.servlet.mvc.multiaction.MultiActionController; @@ -18,33 +18,33 @@ import org.springframework.web.servlet.mvc.multiaction.MultiActionController;
*/
public class TestMultiActionController extends MultiActionController {
public static final String VIEW_NAME = "multi-action-test";
public String login(HttpServletRequest request, HttpServletResponse response) {
return "login";
}
public void step1(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String[] x = request.getParameterValues("x");
logger.info("x= " + (x == null ? "null" : Arrays.asList(x)));
String[] y = request.getParameterValues("y");
logger.info("y = " + (y == null ? "null" : Arrays.asList(y)));
logger.info("y = " + (y == null ? "null" : Arrays.asList(y)));
request.getRequestDispatcher("/testMulti.htm?action=step1xtra&x=5&x=5").forward(request, response);
}
public ModelAndView step1xtra(HttpServletRequest request, HttpServletResponse response) throws ServletRequestBindingException {
logger.info("x = " + Arrays.asList(request.getParameterValues("x")));
return createView("step2");
}
}
public ModelAndView step2(HttpServletRequest request, HttpServletResponse response) throws ServletRequestBindingException {
return createView("step1");
}
private ModelAndView createView(String name) {
Map model = new HashMap();
Map<String, String> model = new HashMap<String, String>();
model.put("nextAction", name);
return new ModelAndView(VIEW_NAME, model);
}
}

11
sandbox/heavyduty/src/main/java/sample/TestVoter.java
Unescape View File

@ -1,12 +1,11 @@ @@ -1,12 +1,11 @@
package sample;
import java.lang.annotation.Annotation;
import java.util.List;
import org.aopalliance.intercept.MethodInvocation;
import org.springframework.security.Authentication;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.vote.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.vote.AccessDecisionVoter;
import org.springframework.security.core.Authentication;
public class TestVoter implements AccessDecisionVoter {
@ -14,14 +13,14 @@ public class TestVoter implements AccessDecisionVoter { @@ -14,14 +13,14 @@ public class TestVoter implements AccessDecisionVoter {
return true;
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return MethodInvocation.class.isAssignableFrom(clazz);
}
public int vote(Authentication authentication, Object object, List<ConfigAttribute> config) {
MethodInvocation mi = (MethodInvocation) object;
Annotation[][] annotations = mi.getMethod().getParameterAnnotations();
mi.getMethod().getParameterAnnotations();
return ACCESS_GRANTED;

18
sandbox/heavyduty/src/main/java/sample/dao/impl/GenericDAOImpl.java
Unescape View File

@ -24,7 +24,7 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable> @@ -24,7 +24,7 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
/**
* Minimal constructor
*
*
* @param t
* type POJO hibernate
*/
@ -34,12 +34,11 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable> @@ -34,12 +34,11 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
/**
* read data
*
*
* @param id
* data id
* @return data
*/
@SuppressWarnings("unchecked")
public T read(PK id) {
if (id == null) {
throw new IllegalArgumentException("Id cannot be null or empty");
@ -54,7 +53,7 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable> @@ -54,7 +53,7 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
/**
* persist data
*
*
* @param transientInstance
* data to persist
* @see sido.common.dao.GenericDAO#persist(T)
@ -68,9 +67,9 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable> @@ -68,9 +67,9 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
}
/**
*
*
* attach clean
*
*
* @param instance
* data to attach
* @see sido.common.dao.GenericDAO#refresh(T)
@ -85,7 +84,7 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable> @@ -85,7 +84,7 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
/**
* delete
*
*
* @param persistentInstance
* data to delete
* @see sido.common.dao.GenericDAO#delete(T)
@ -100,13 +99,12 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable> @@ -100,13 +99,12 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
/**
* merge
*
*
* @param detachedInstance
* data to merge
* @return the merged data
* @see sido.common.dao.GenericDAO#merge(T)
*/
@SuppressWarnings("unchecked")
public T merge(T detachedInstance) {
if (LOG.isDebugEnabled()) {
LOG.debug("merging instance of "
@ -123,4 +121,4 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable> @@ -123,4 +121,4 @@ public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
}
}
}

12
sandbox/heavyduty/src/main/java/sample/service/UserService.java
Unescape View File

@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
package sample.service;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
public interface UserService extends UserDetailsService {
/**
* Register a new User in database
* @param username
*/
public UserDetails register(String username, String password);
}

22
sandbox/heavyduty/src/main/java/sample/service/impl/UserServiceImpl.java
Unescape View File

@ -1,18 +1,16 @@ @@ -1,18 +1,16 @@
/**
*
*
*/
package sample.service.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import sample.dao.UserDAO;
@ -21,7 +19,7 @@ import sample.service.UserService; @@ -21,7 +19,7 @@ import sample.service.UserService;
/**
* @author A207119
*
*
*/
@Component
@Transactional
@ -39,9 +37,9 @@ public class UserServiceImpl implements UserService { @@ -39,9 +37,9 @@ public class UserServiceImpl implements UserService {
try {
User user = userDAO.findByUsername(username);
return new org.springframework.security.userdetails.User(user
return new org.springframework.security.core.userdetails.User(user
.getUsername(), user.getPassword(), true, true, true, true,
new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_USER") });
AuthorityUtils.createAuthorityList("ROLE_USER"));
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throw new UsernameNotFoundException("No matching account", e);
@ -51,9 +49,9 @@ public class UserServiceImpl implements UserService { @@ -51,9 +49,9 @@ public class UserServiceImpl implements UserService {
public UserDetails register(String username, String password) {
User user = new User(username, password);
userDAO.persist(user);
return new org.springframework.security.userdetails.User(user
return new org.springframework.security.core.userdetails.User(user
.getUsername(), user.getPassword(), true, true, true, true,
new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_USER") });
AuthorityUtils.createAuthorityList("ROLE_USER"));
}

110
sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
Unescape View File

@ -12,33 +12,33 @@ @@ -12,33 +12,33 @@
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
<!--b:import resource="appContext-misc.xml"/-->
<context:component-scan base-package='sample'/>
<global-method-security secured-annotations="enabled" access-decision-manager-ref="methodAccessMgr">
<protect-pointcut expression="execution(* sample.service.UserService+.*(..))"
access="ROLE_LOGGEDIN" />
</global-method-security>
<aop:aspectj-autoproxy/>
<b:bean id="methodAccessMgr" class="org.springframework.security.vote.AffirmativeBased">
<b:property name="decisionVoters">
<b:list>
<b:bean class="sample.TestVoter"/>
</b:list>
</b:property>
</b:bean>
<context:component-scan base-package='sample'/>
<global-method-security secured-annotations="enabled" access-decision-manager-ref="methodAccessMgr">
<protect-pointcut expression="execution(* sample.service.UserService+.*(..))"
access="ROLE_LOGGEDIN" />
</global-method-security>
<aop:aspectj-autoproxy/>
<b:bean id="methodAccessMgr" class="org.springframework.security.access.vote.AffirmativeBased">
<b:property name="decisionVoters">
<b:list>
<b:bean class="sample.TestVoter"/>
</b:list>
</b:property>
</b:bean>
<http>
<intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
<intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
<intercept-url pattern="/testMulti.htm*" access="IS_AUTHENTICATED_FULLY" />
<!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
<intercept-url pattern="/testMulti.htm*" access="IS_AUTHENTICATED_FULLY" />
<!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
<intercept-url pattern="/listAccounts.html" access="IS_AUTHENTICATED_REMEMBERED" />
<intercept-url pattern="/post.html" access="ROLE_TELLER" />
-->
@ -57,25 +57,25 @@ @@ -57,25 +57,25 @@
<!-- Uncomment to limit the number of sessions a user can have -->
<concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true" session-registry-ref='sessionRegistry'/>
</http>
<authentication-manager alias="authenticationManager" />
<b:bean id='tokenRepo' class='org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl'/>
<b:bean id='tokenRepo' class='org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl'/>
<!-- Traditional Session Control Beans -->
<!--
<!--
<b:bean id='sessionControlFilter' class="org.springframework.security.concurrent.ConcurrentSessionFilter">
<custom-filter position="CONCURRENT_SESSION_FILTER"/>
<b:property name="sessionRegistry" ref='sessionRegistry'/>
</b:bean>
<b:bean id='sessionController' class="org.springframework.security.concurrent.ConcurrentSessionControllerImpl">
<b:property name='sessionRegistry' ref='sessionRegistry'/>
</b:bean>
-->
<b:bean id='sessionRegistry' class="org.springframework.security.concurrent.SessionRegistryImpl"/>
-->
<b:bean id='sessionRegistry' class="org.springframework.security.authentication.concurrent.SessionRegistryImpl"/>
<!--
<b:bean id="customAuthFilter" class="heavyduty.security.ui.HeavyDutyAuthenticationProcessingFilter">
<custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
@ -86,45 +86,45 @@ @@ -86,45 +86,45 @@
<b:bean id="customEntryPoint" class="heavyduty.security.ui.HeavyDutyEntryPoint">
<b:property name="loginFormUrl" value="/login.jsp"/>
</b:bean>
-->
<!--
-->
<!--
<b:bean id="loginPageGenerator" class="org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter">
<custom-filter after="AUTHENTICATION_PROCESSING_FILTER"/>
<b:constructor-arg ref="customAuthFilter"/>
</b:bean>
-->
<authentication-provider user-service-ref="daoUserService">
<password-encoder hash="md5" />
</authentication-provider>
<authentication-provider user-service-ref="daoUserService">
<password-encoder hash="md5" />
</authentication-provider>
<authentication-provider>
<password-encoder hash="md5"/>
<user-service>
<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
<ldap-server id="ldapServer"/>
</user-service>
</authentication-provider>
<ldap-server id="ldapServer"/>
<!-- b:bean id="mbeanServer" class="org.springframework.jmx.support.MBeanServerFactoryBean"/ -->
<b:bean id="exporter" class="org.springframework.jmx.export.MBeanExporter">
<b:property name="beans">
<b:map>
<b:entry key="bean:name=ldapContextSource" value-ref="ldapServer"/>
</b:map>
</b:property>
<b:property name="assembler">
<b:bean class="org.springframework.jmx.export.assembler.MethodNameBasedMBeanInfoAssembler">
<b:property name="managedMethods" value="setPassword,setUserDn,getUrls,setUrl,setUrls,setPooled,isPooled,setBase,getBaseLdapPathAsString"/>
</b:bean>
</b:property>
<!-- b:property name="server" ref="mbeanServer"/-->
</b:bean>
</b:beans>
<b:bean id="exporter" class="org.springframework.jmx.export.MBeanExporter">
<b:property name="beans">
<b:map>
<b:entry key="bean:name=ldapContextSource" value-ref="ldapServer"/>
</b:map>
</b:property>
<b:property name="assembler">
<b:bean class="org.springframework.jmx.export.assembler.MethodNameBasedMBeanInfoAssembler">
<b:property name="managedMethods" value="setPassword,setUserDn,getUrls,setUrl,setUrls,setPooled,isPooled,setBase,getBaseLdapPathAsString"/>
</b:bean>
</b:property>
<!-- b:property name="server" ref="mbeanServer"/-->
</b:bean>
</b:beans>

262
sandbox/heavyduty/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
Unescape View File

@ -18,35 +18,35 @@ @@ -18,35 +18,35 @@
<beans>
<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value><![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
]]></value>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg>
<list>
<ref bean="rememberMeServices"/>
<bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/>
<property name="defaultTargetUrl" value="/"/>
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value><![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
]]></value>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg>
<list>
<ref bean="rememberMeServices"/>
<bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/>
<property name="defaultTargetUrl" value="/"/>
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
@ -57,105 +57,105 @@ @@ -57,105 +57,105 @@
<property name="realmName"><value>My Realm</value></property>
</bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/>
<bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="changeThis"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean>
<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/acegilogin.jsp"/>
<property name="forceHttps" value="false"/>
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/accessDenied.jsp"/>
</bean>
</property>
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false"/>
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.vote.RoleVoter"/>
<bean class="org.springframework.security.vote.AuthenticatedVoter"/>
</list>
</property>
</bean>
<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value><![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/secure/extreme/**=ROLE_SUPERVISOR
/secure/**=IS_AUTHENTICATED_REMEMBERED
/**=IS_AUTHENTICATED_ANONYMOUSLY
]]></value>
</property>
</bean>
<bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="key" value="changeThis"/>
</bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref local="daoAuthenticationProvider"/>
<bean class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key" value="changeThis"/>
</bean>
<bean class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key" value="changeThis"/>
</bean>
</list>
</property>
</bean>
<bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService"/>
</bean>
<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
<bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
<property name="userProperties">
<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="location" value="/WEB-INF/users.properties"/>
</bean>
</property>
</bean>
<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
<bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener"/>
<bean id="daacc" class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"/>
<bean id="attributes" class="org.springframework.security.annotation.SecurityAnnotationAttributes"/>
<bean id="objectDefinitionSource" class="org.springframework.security.intercept.method.MethodDefinitionAttributes">
<property name="attributes"><ref local="attributes"/></property>
</bean>
<bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
<property name="objectDefinitionSource">
<ref local="objectDefinitionSource"/>
</property>
</bean>
</beans>
<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/>
<bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="changeThis"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean>
<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/acegilogin.jsp"/>
<property name="forceHttps" value="false"/>
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/accessDenied.jsp"/>
</bean>
</property>
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false"/>
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.RoleVoter"/>
<bean class="org.springframework.security.access.vote.AuthenticatedVoter"/>
</list>
</property>
</bean>
<bean id="filterInvocationInterceptor" class="org.springframework.security.web.intercept.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value><![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/secure/extreme/**=ROLE_SUPERVISOR
/secure/**=IS_AUTHENTICATED_REMEMBERED
/**=IS_AUTHENTICATED_ANONYMOUSLY
]]></value>
</property>
</bean>
<bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="key" value="changeThis"/>
</bean>
<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<ref local="daoAuthenticationProvider"/>
<bean class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
<property name="key" value="changeThis"/>
</bean>
<bean class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationProvider">
<property name="key" value="changeThis"/>
</bean>
</list>
</property>
</bean>
<bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService"/>
</bean>
<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
<bean id="userDetailsService" class="org.springframework.security.core.userdetails.memory.InMemoryDaoImpl">
<property name="userProperties">
<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="location" value="/WEB-INF/users.properties"/>
</bean>
</property>
</bean>
<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
<bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>
<bean id="daacc" class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"/>
<bean id="attributes" class="org.springframework.security.access.annotation.SecurityAnnotationAttributes"/>
<bean id="securityMetadataSource" class="org.springframework.security.access.intercept.method.MethodDefinitionAttributes">
<property name="attributes"><ref local="attributes"/></property>
</bean>
<bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
<property name="securityMetadataSource">
<ref local="securityMetadataSource"/>
</property>
</bean>
</beans>

2
sandbox/heavyduty/src/main/webapp/WEB-INF/web.xml
Unescape View File

@ -62,7 +62,7 @@ @@ -62,7 +62,7 @@
- context. Optional unless concurrent session control is being used.
-->
<listener>
<listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<!--

Write Preview
Loading…
Cancel
Save