You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
149 lines
5.0 KiB
149 lines
5.0 KiB
<html> |
|
<head> |
|
<title>Tutorial: Adding Security to Spring Petclinic</title> |
|
</head> |
|
|
|
<body> |
|
<h1>Tutorial: Adding Security to Spring Petclinic</h1> |
|
<h2>Background requirements</h2> |
|
|
|
<p>To complete this tutorial, you will require a servlet container (such as Tomcat) |
|
and a general understanding of using Spring without Acegi Security. The Petclinic |
|
sample itself is part of Spring and should help you learn Spring. We suggest you |
|
only try to learn one thing at a time, and start with Spring/Petclinic before |
|
Acegi Security. |
|
</p> |
|
|
|
<h2>Download</h2> |
|
<ul> |
|
<li>Spring 2.0 M4 with dependencies ZIP file</li> |
|
<li>Acegi Security 1.0.0</li> |
|
</ul> |
|
|
|
<p> |
|
Unzip both files. After unzipping Acegi Security, you'll need to unzip the |
|
acegi-security-sample-tutorial.war file, because we need some files that are |
|
included within it. In the code below, we'll refer to the respective unzipped |
|
locations as %spring% and %acegi% (with the latter variable referring to the |
|
unzipped WAR, not the original ZIP). There is no need to setup any environment |
|
variables to complete the tutorial. |
|
</p> |
|
|
|
<h2>Setup database</h2> |
|
|
|
<p>Start the Hypersonic server (this is just normal Petclinic configuration): |
|
<pre> |
|
cd %spring%\samples\petclinic\db\hsqldb |
|
server |
|
</pre> |
|
</p> |
|
|
|
<p> |
|
Insert some data (again, normal Petclinic configuration): |
|
<pre> |
|
cd %spring%\samples\petclinic |
|
build setupDB |
|
</pre> |
|
</p> |
|
|
|
<h2>Setup Petclinic's web.xml</h2> |
|
|
|
<p>Edit %spring%\samples\petclinic\war\WEB-INF\web.xml and insert the following block of code. |
|
<pre> |
|
<filter> |
|
<filter-name>Acegi Filter Chain Proxy</filter-name> |
|
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class> |
|
<init-param> |
|
<param-name>targetClass</param-name> |
|
<param-value>org.acegisecurity.util.FilterChainProxy</param-value> |
|
</init-param> |
|
</filter> |
|
|
|
<filter-mapping> |
|
<filter-name>Acegi Filter Chain Proxy</filter-name> |
|
<url-pattern>/*</url-pattern> |
|
</filter-mapping> |
|
</pre> |
|
Next, locate the "contextConfigLocation" parameter, and add a new line into the existing param-value. |
|
The resulting block will look like this: |
|
<pre> |
|
<context-param> |
|
<param-name>contextConfigLocation</param-name> |
|
<param-value> |
|
/WEB-INF/applicationContext-jdbc.xml |
|
/WEB-INF/applicationContext-acegi-security.xml |
|
</param-value> |
|
</context-param> |
|
</pre> |
|
</p> |
|
|
|
<h2>Add the necessary files</h2> |
|
|
|
<p> |
|
We now need to put some extra files into Petclinic. The following commands should work: |
|
<pre> |
|
copy %acegi%\acegilogin.jsp %spring%\samples\petclinic\war |
|
copy %acegi%\WEB-INF\users.properties %spring%\samples\petclinic\war\WEB-INF |
|
copy %acegi%\WEB-INF\applicationContext-acegi-security.xml %spring%\samples\petclinic\war\WEB-INF |
|
copy %acegi%\WEB-INF\lib\acegi-security-1.0.0.jar %spring%\samples\petclinic\war\WEB-INF\lib |
|
copy %acegi%\WEB-INF\lib\oro-2.0.8.jar %spring%\samples\petclinic\war\WEB-INF\lib |
|
copy %acegi%\WEB-INF\lib\commons-codec-1.3.jar %spring%\samples\petclinic\war\WEB-INF\lib |
|
</pre> |
|
</p> |
|
|
|
<p> |
|
To make it easier to experiment with the application, let's edit |
|
%spring%\samples\petclinic\war\WEB-INF\jsp\footer.jsp. Add a new "logout" link, as shown: |
|
<pre> |
|
<table style="width:100%"><tr> |
|
<td><A href="<c:url value="/welcome.htm"/>">Home</A></td> |
|
<td><A href="<c:url value="/j_acegi_logout"/>">Logout</A></td> |
|
<td style="text-align:right;color:silver">PetClinic :: a Spring Framework demonstration</td> |
|
</tr></table> |
|
|
|
</pre> |
|
|
|
</p> |
|
|
|
<h2>Modify the allowed URLs</h2> |
|
|
|
<p> |
|
Our last step is to specify which URLs require authorization and which do not. Let's |
|
edit %spring%\samples\petclinic\war\WEB-INF\applicationContext-acegi-security.xml. |
|
Scroll to the bottom and locate the bean definition for FilterSecurityInterceptor. |
|
Edit its objectDefinitionSource property so that it reflects the following: |
|
<pre> |
|
<property name="objectDefinitionSource"> |
|
<value> |
|
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON |
|
PATTERN_TYPE_APACHE_ANT |
|
/acegilogin.jsp=IS_AUTHENTICATED_ANONYMOUSLY |
|
/**=IS_AUTHENTICATED_REMEMBERED |
|
</value> |
|
</property> |
|
</pre> |
|
</p> |
|
|
|
<h2>Build and deploy the Petclinic WAR file</h2> |
|
|
|
<p> |
|
Use the Ant build and deploy to your servlet container: |
|
<pre> |
|
cd %spring%\samples\petclinic |
|
build warfile |
|
copy dist\petclinic.war %TOMCAT_HOME%\webapps |
|
</pre> |
|
</p> |
|
|
|
<p>Finally, start your container and try to visit the home page. |
|
Your request should be intercepted and you will be forced to login.</p> |
|
|
|
<h2>What now?</h2> |
|
<p> |
|
These steps can be applied to your own application. Although we do suggest |
|
that you visit <a href="http://acegisecurity.org">http://acegisecurity.org</a> |
|
and in particular review the "Suggested Steps" for getting started with Acegi |
|
Security.</p> |
|
|
|
</body> |
|
</html> |