Announcement Announcement Module
No announcement yet.
How do you remove manually configed security to use roo's security setup Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • How do you remove manually configed security to use roo's security setup

    I have gone through setting up security manually by adding entries to web.xml and creating and applicationContext-security.xml and changing my pom. Not to mention creating a custom AuthenticationProvider, and using @Secured on some methods. However, there are some things I am having problems with such as logout, etc. I wanted to just move to the roo generated version by using security setup. However, the command is not available (Command 'security setup' was found but is not currently available). I have removed the entries in web xml for the filter chain - I have renamed applicationConetxt-security.xml to applicationXXXContext-security.xml.bak. I have cleaned, assembled, packaged, restarted roo. Does anyone know what I am missing? should I kill the security entries in my pom?

    Help would be appreciated.

  • #2
    POM was the answer

    It appears roo also looks at the POM.xml. Once I removed the security dependencies in the pom, I was able to run "security setup"

    So to restate - I had setup security previously, but wanted to do it with roo, so in order to let roo run security setup (besides setting up controllers first), I had to:

    Remove-rename applicationContext-security.xml
    remove the secuity filters from web.xml
    remove dependencies on spring secuity from the pom.


    • #3
      Good to know what it uses to determine lockouts.


      • #4
        No 100.000% sure about all three

        I do know that the pom is what was holding me back. From other posts, it seems that the web.xml needs to be clear of security. Also, I thought it just made sense to remove the applicationContext-security.xml. However I made both of those changes before the pom. So I am not 100% certain they are required... Did not feel like experimenting by adding them back, etc. But since the security setup action modifies/creates these files, it makes most sense to do this. Not to mention it also modifies the pom.