Announcement Announcement Module
Collapse
No announcement yet.
Need Sample JdbcDaoImpl Application Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Need Sample JdbcDaoImpl Application

    Hello friends

    I am pretty new to this part of Spring. I am now trying to learn how to implement acegi security in a login jsp page. I got a sample program for login using InMemoryDaoImpl. Now I would like to migrate to JdbcDaoImpl.Can anyone send me sample program which uses JdbcDaoImpl and help me.

    Thanks in advance
    Bala

  • #2
    The Contacts Sample which ships with Acegi Security shows how to use JDBC authentication. You basically just inject the JDBC provider into your DaoAuthenticationProvider, instead of the in-memory provider.

    Comment


    • #4
      Doubt

      Hello Friends

      As I told you earlier I was working to convert the inMemory application I downloaded from web to Jdbc. The inMemory samples applicationContext.xml file has the following codes


      <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderMana ger">
      <property name="providers">
      <list>
      <ref bean="daoAuthenticationProvider"/>
      <ref local="anonymousAuthenticationProvider"/>
      </list>
      </property>
      </bean>

      <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthe nticationProvider">
      <property name="authenticationDao">
      <ref local="memoryAuthenticationDao"/>
      </property>
      </bean>

      <bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.I nMemoryDaoImpl">
      <property name="userMap">
      <value>mark=java,ROLE_ADMIN,ROLE_USER</value>
      </property>
      </bean>


      They are specifying that the username=mark and his passowrd is java.

      Should I inject the dataSource along with my query into the place where they have hardcoded the username and password. Is that all the change I should make? Or should I make anymore changes to migrate from inMemeory to Jdbc?
      Can you spend some time for me if I send you the sample program or post it somewhere?

      Thanx in advance
      Bala

      Comment


      • #5
        Switch out the provider

        Hi Bala,

        In your "daoAuthenticationProvider" bean, change the property of the authenticationDao from "memoryAuthenticationDao" to "jdbcDaoImpl"

        Then add this bean to your configuration:

        Code:
        	<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
        		<property name="dataSource"><ref bean="yourDataSource"/></property>
        	</bean>
        Then define the "yourDataSource" bean. For example, you might have something like this:

        Code:
            <bean id="yourDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
                <property name="driverClassName">
                    <value>org.hsqldb.jdbcDriver</value>
                </property>
                <property name="url">
                    <value>jdbc:hsqldb:mem:contacts</value>
                </property>
                <property name="username">
                    <value>sa</value>
                </property>
                <property name="password">
                    <value></value>
                </property>
            </bean>
        Inside that dataSource, Acegi is going to expect to be able to run these 2 SQL queries to get the username, password and granted authorities. If your database schema already exists and/or you don't like this schema, you can override what SQL statements Acegi uses (check out hispacta.blogspot.com for an example of what I had to do).

        Anyway, the 2 SQL queries Acegi is expecting to run are:

        1) DEF_USERS_BY_USERNAME_QUERY = "SELECT username,password,enabled FROM users WHERE username = ?";

        2) DEF_AUTHORITIES_BY_USERNAME_QUERY = "SELECT username,authority FROM authorities WHERE username = ?";

        Does this make sense?

        Comment


        • #6
          Filters

          Hello

          As you said I changed the code according to the steps you showed in the blog. The original example had

          Code:
            <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
                <property name="authenticationDao">
                   <ref local="memoryAuthenticationDao"/>
                </property>
             </bean>
             
             <bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
                <property name="userMap">
                  <value>mark=password,ROLE_ADMIN,ROLE_USER</value>
                </property>
             </bean>
          now I changed it to

          Code:
          <bean id="jdbcAuthenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
          		<property name="dataSource">
          			<ref bean="dataSource" />
          		</property>
          		<property name="usersByUsernameQuery">
          			<value>Select login, password FROM student WHERE login=?</value>
          		</property>
          		<property name="authoritiesByUsernameQuery">
          			<value>SELECT login,authority FROM authorities WHERE login = ?</value>
          		</property>
          	</bean>

          now in the original program they have declared a SecurityEnforcementFilter bean like

          Code:
          <bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
                <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
                <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
             </bean>
          The FilterSecurityInterceptor is defined as

          Code:
            <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
                <property name="authenticationManager"><ref bean="authenticationManager"/></property>
                <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
                <property name="objectDefinitionSource">
                   <value>
          			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
          			    PATTERN_TYPE_APACHE_ANT
          			    /acegilogin.jsp*=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
          			    /secured*=ROLE_ADMIN
          			    /**=ROLE_USER
                   </value>
                </property>
             </bean>
          and the AuthenticationProcessingFilterEntryPoint as following


          Code:
           <bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl"><value>/acegilogin.jsp</value></property>
                <property name="forceHttps"><value>false</value></property>
            </bean>
          now the problem I face is that net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter has been replaced by org.acegisecurity.ui.ExceptionTranslationFilter and it does not accept a FilterSecurityInterceptor. So what changes should I make in the old code to run the code.

          And also can you please suggest what are all the other changes I should make to make it up and running.

          Please take a look at the original applicationContext.xml and modified applicationContext.xml and suggest me what changes should I make.

          Thanks in advance
          Bala

          Comment


          • #7
            Acegi Jdbc authentication

            I can't loggon with jdbc acegi authentication from acegi sourceforge. Is there someone have a simple tutorial to this...

            Comment


            • #8
              The Contacts Sample which ships with Acegi Security uses JDBC authentication. Try looking there.

              Comment


              • #9
                Hello Bala

                I viewed both your xml files. Couldn't figure out anything wrong. Your application must work.

                Comment

                Working...
                X