Announcement Announcement Module
Collapse
No announcement yet.
use RC2 where is SecurityEnforcementFilter ?? Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • use RC2 where is SecurityEnforcementFilter ??

    I use RC2 but I found that there is no org.acegisecurity.intercept.web.SecurityEnforcemen tFilter
    at all??
    And i use exceptionTranslationFilter to redirect to login url
    but after i complete i find that the acegisecurity doesn't work..
    I define
    <property name="objectDefinitionSource">
    <value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISO N
    PATTERN_TYPE_APACHE_ANT
    /index.htm=ROLE_ADMIN
    </value>
    </property>

    but i still can access index.htm without login..
    when i go to the login.jsp page and click login..
    it always return an 404 error
    The requested resource (/TestAcegi/j_acegi_security_check) is not available.
    It seem that the acegi security completely doesn't work........

    <code>
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

    <beans>

    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager ">
    <property name="providers">
    <list>
    <ref bean="daoAuthenticationProvider" />
    </list>
    </property>
    </bean>


    <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheMa nagerFactoryBean" />

    <bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFa ctoryBean">
    <property name="cacheManager">
    <ref local="cacheManager" />
    </property>
    <property name="cacheName">
    <value>userCache</value>
    </property>
    </bean>

    <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCac heBasedUserCache">
    <property name="cache">
    <ref local="userCacheBackend" />
    </property>
    </bean>

    <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5Pas swordEncoder" />

    <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContex tIntegrationFilter"></bean>

    <!-- Note the order that entries are placed against the objectDefinitionSource is critical.
    The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
    Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
    <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecur ityInterceptor">
    <property name="authenticationManager">
    <ref bean="authenticationManager" />
    </property>
    <property name="accessDecisionManager">
    <ref local="httpRequestAccessDecisionManager" />
    </property>
    <property name="objectDefinitionSource">
    <value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISO N
    PATTERN_TYPE_APACHE_ANT
    /index.htm=ROLE_ADMIN</value>
    </property>
    </bean>

    <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
    <property name="allowIfAllAbstainDecisions">
    <value>false</value>
    </property>
    <property name="decisionVoters">
    <list>
    <ref bean="roleVoter" />
    </list>
    </property>
    </bean>

    <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter">
    <property name="rolePrefix">
    <value>ROLE_</value>
    </property>
    </bean>


    <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationP rocessingFilter">
    <property name="authenticationManager">
    <ref bean="authenticationManager" />
    </property>
    <property name="authenticationFailureUrl">
    <value>/loginFailed.html</value>
    </property>
    <property name="defaultTargetUrl">
    <value>/</value>
    </property>
    <property name="filterProcessesUrl">
    <value>/j_acegi_security_check</value>
    </property>
    </bean>

    <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
    <value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISO N PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,authenticat ionProcessingFilter,exceptionTranslationFilter</value>
    </property>
    </bean>

    <bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemo ryDaoImpl">
    <property name="userMap">
    <value>admin=admin,ROLE_ADMIN fenix=fenix,ROLE_USER</value>
    </property>
    </bean>

    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFi lter">
    <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
    </bean>




    <bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationP rocessingFilterEntryPoint">
    <property name="loginFormUrl">
    <value>/login.jsp</value>
    </property>
    <property name="forceHttps">
    <value>false</value>
    </property>
    </bean>

    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenti cationProvider">
    <property name="userDetailsService">
    <ref bean="inMemoryDaoImpl" />
    </property>

    </bean>

    <!-- View Resolver definition -->
    <bean id="xmlViewResolver"
    class="org.springframework.web.servlet.view.XmlVie wResolver">
    <property name="location">
    <value>/WEB-INF/view-servlet.xml</value>
    </property>
    </bean>

    <bean id="simpleUrlMapping"
    class="org.springframework.web.servlet.handler.Sim pleUrlHandlerMapping">
    <property name="mappings">
    <props>
    <prop key="/index.htm">indexController</prop>
    </props>
    </property>
    </bean>

    <bean id="indexController"
    class="springweb.controller.IndexController">
    <property name="greeting">
    <value>Welcome to the Demo App!!</value>
    </property>
    </bean>

    </beans>

    </code>

  • #2
    There are some name changes and relocations of classes (yes, even between RC's...) Read more here: http://acegisecurity.org/upgrade/upgrade-090-100.html

    /Per

    Comment


    • #3
      There is no FilterSecurityInterceptor in your FilterChainProxy. See 1.0.0 RC2's Contacts Sample for a guide and also the release notes mentioned.

      Comment

      Working...
      X