Announcement Announcement Module
Collapse
No announcement yet.
Tutorial / Examples at your disposal Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Tutorial / Examples at your disposal

    Hello,

    1. Acegi is indeed a versatile, very flexible, but/and/though complex security framework.
    IMHO, the reference documentation is *almost* out of reach for newcomers, and the reference contacts example *absolutely* out of reach. Both are however absolutely necessary: we have to have a reference doc and a reference example.
    The reference doc (parts of it) is alas out of sync with the API, for instance *SecurityEnforcementFilter* is still used throughout the doc while it no longer exists.

    2. To further promote Acegi in my organisation I had to write a tutorial intended to newcomers. Currently I have two contrived samples working with Acegi 1.0: "ATI-Acegi-Web1" and "ATI-Acegi-Method1". I plan to add a sample featuring ACLs, and extending these basic samples with more advanced features later on.

    "ATI-Acegi-Web1" features the simplest web app:
    - URLs are protected via FilterSecurityInterceptor
    - Authentication is performed the simplest way via InMemoryDaoImpl in the config file

    "ATI-Acegi-Method1" features the simplest sample to protect methods:
    - Methods are protected via MethodSecurityInterceptor
    - Authentication is performed via InMemoryDaoImpl

    Please find attached these 2 samples without the JARs (which are listed in WEB-INF\lib\README.txt and available in the contacts sample).
    Nota: Although "ATI-Acegi-Method1" is not a web application, the JARs are kept in WEB-INF\lib as well, so that I may use the same "build.xml" file for both samples.
    - [ati-acegi-web1-1.0-nolib.zip] contains the deployed webapp
    - [ati-acegi-method1-src-1.0-nolib.zip] contains the Java classes and TestCase to protect methods.

    Currently the explanation of these samples is in... French.
    Should you be interested in it, I might export my Confluence (excellent wiki!) pages to PDF or HTML.
    The samples are however so contrived that one could easily do without further explanation.

    If I someone is interested in hosting the samples, I might provide the (small) Eclipse projects also.

    Hope this help.
    Cheers,

    -- Savrak

  • #2
    Thanks for putting together the examples as I'm sure people will find them useful. It's nice to see someone taking action to help out (rather than just generally moaning, as some seem to do) .

    Originally posted by Savrak

    The reference doc (parts of it) is alas out of sync with the API, for instance *SecurityEnforcementFilter* is still used throughout the doc while it no longer exists.
    At least this should no longer be the case, as I removed any references to SecurityEnforcementFilter yesterday. If anyone has any other specific issues with the reference docs then please post an issue in Jira.

    Comment


    • #3
      Would you mind adding this to JIRA and I will be pleased to put it into the Acegi Security codebase to help newcomers.

      Comment


      • #4
        thanks Savrak

        Your examples was just what I needed.
        SecurityEnforcementFilter was driving me nuts!

        I suggest making sure his examples are easily accessible from the main site.
        Most of the links to tutorials from the site reference an older version of acegi.

        Comment


        • #5
          Updating to Spring 2.0.2

          This example works with Spring 1.2.8.

          If I update the example in this post to Spring 2.0.2, and place a file called readme.txt in the secure directory, I get the behavior exhibited here:

          http://forum.springframework.org/showthread.php?t=36263

          I believe this is problem related to the new scopes that Spring 2.0.2 introduced. Does anyone have a working spring config file for acegi security (applicationContext-acegi-security.xml) that works with Spring 2.0.2?

          Thanks.

          Comment


          • #6
            I'm running the example with Spring 2.x. I'm not seeing the problems you are describing.

            Comment


            • #7
              Karl, thanks for the reply. Are you running it from Tomcat or Jetty?

              I see these problems on Websphere. I believe it's a problem related to the plugin between Apache and Websphere. But it seemed to work fine under 1.2.8 of Spring.

              We've been troubleshooting this one for a while, but I will revisit it.

              Comment


              • #8
                I was running it on Tomcat but I've just tried it on Jetty before and didn't see any problems. I would think your hunch is right.

                Comment


                • #9
                  Issue resolved

                  We resolved this issue. It turns out that it was a configuration parameter in the Websphere Plugin related to the edge caching service that we didn't know about that was causing the problem.

                  Comment


                  • #10
                    Example Webapp - Mavenized

                    I've taken the example webapp and created a pom that will pull down the required dependencies for the application automatically.

                    Just run:
                    Code:
                    mvn install
                    to build the war file which will show up in the target directory.

                    If you want to import it into eclipse, run:
                    Code:
                    mvn eclipse:eclipse -Dwtpversion=1.5 -DdownloadSources=true
                    Have Fun

                    Comment

                    Working...
                    X