Announcement Announcement Module
Collapse
No announcement yet.
Need Sample JdbcDaoImpl Application Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Need Sample JdbcDaoImpl Application

    Hello friends

    I am pretty new to this part of Spring. I am now trying to learn how to implement acegi security in a login jsp page. I got a sample program for login using InMemoryDaoImpl. Now I would like to migrate to JdbcDaoImpl.Can anyone send me sample program which uses JdbcDaoImpl and help me.

    Thanks in advance
    Bala

  • #2
    The Contacts Sample which ships with Acegi Security shows how to use JDBC authentication. You basically just inject the JDBC provider into your DaoAuthenticationProvider, instead of the in-memory provider.

    Comment


    • #3
      I *just* did this

      Hey bacha,

      Check out http://hispacta.blogspot.com and look at my last 2 posts on how to convert from inMemoryDaoImpl to jdbcDaoImpl.

      Note that in my situation, the AuthenticationManager is provided as a web service, so there might be some slight differences.

      Email me at [email protected] if you need more help.

      Comment


      • #4
        Doubt

        Hello Friends

        As I told you earlier I was working to convert the inMemory application I downloaded from web to Jdbc. The inMemory samples applicationContext.xml file has the following codes


        <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderMana ger">
        <property name="providers">
        <list>
        <ref bean="daoAuthenticationProvider"/>
        <ref local="anonymousAuthenticationProvider"/>
        </list>
        </property>
        </bean>

        <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthe nticationProvider">
        <property name="authenticationDao">
        <ref local="memoryAuthenticationDao"/>
        </property>
        </bean>

        <bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.I nMemoryDaoImpl">
        <property name="userMap">
        <value>mark=java,ROLE_ADMIN,ROLE_USER</value>
        </property>
        </bean>


        They are specifying that the username=mark and his passowrd is java.

        Should I inject the dataSource along with my query into the place where they have hardcoded the username and password. Is that all the change I should make? Or should I make anymore changes to migrate from inMemeory to Jdbc?
        Can you spend some time for me if I send you the sample program or post it somewhere?

        Thanx in advance
        Bala

        Comment


        • #5
          Switch out the provider

          Hi Bala,

          In your "daoAuthenticationProvider" bean, change the property of the authenticationDao from "memoryAuthenticationDao" to "jdbcDaoImpl"

          Then add this bean to your configuration:

          Code:
          	<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
          		<property name="dataSource"><ref bean="yourDataSource"/></property>
          	</bean>
          Then define the "yourDataSource" bean. For example, you might have something like this:

          Code:
              <bean id="yourDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
                  <property name="driverClassName">
                      <value>org.hsqldb.jdbcDriver</value>
                  </property>
                  <property name="url">
                      <value>jdbc:hsqldb:mem:contacts</value>
                  </property>
                  <property name="username">
                      <value>sa</value>
                  </property>
                  <property name="password">
                      <value></value>
                  </property>
              </bean>
          Inside that dataSource, Acegi is going to expect to be able to run these 2 SQL queries to get the username, password and granted authorities. If your database schema already exists and/or you don't like this schema, you can override what SQL statements Acegi uses (check out hispacta.blogspot.com for an example of what I had to do).

          Anyway, the 2 SQL queries Acegi is expecting to run are:

          1) DEF_USERS_BY_USERNAME_QUERY = "SELECT username,password,enabled FROM users WHERE username = ?";

          2) DEF_AUTHORITIES_BY_USERNAME_QUERY = "SELECT username,authority FROM authorities WHERE username = ?";

          Does this make sense?

          Comment


          • #6
            Filters

            Hello

            As you said I changed the code according to the steps you showed in the blog. The original example had

            Code:
              <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
                  <property name="authenticationDao">
                     <ref local="memoryAuthenticationDao"/>
                  </property>
               </bean>
               
               <bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
                  <property name="userMap">
                    <value>mark=password,ROLE_ADMIN,ROLE_USER</value>
                  </property>
               </bean>
            now I changed it to

            Code:
            <bean id="jdbcAuthenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
            		<property name="dataSource">
            			<ref bean="dataSource" />
            		</property>
            		<property name="usersByUsernameQuery">
            			<value>Select login, password FROM student WHERE login=?</value>
            		</property>
            		<property name="authoritiesByUsernameQuery">
            			<value>SELECT login,authority FROM authorities WHERE login = ?</value>
            		</property>
            	</bean>

            now in the original program they have declared a SecurityEnforcementFilter bean like

            Code:
            <bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
                  <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
                  <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
               </bean>
            The FilterSecurityInterceptor is defined as

            Code:
              <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
                  <property name="authenticationManager"><ref bean="authenticationManager"/></property>
                  <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
                  <property name="objectDefinitionSource">
                     <value>
            			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
            			    PATTERN_TYPE_APACHE_ANT
            			    /acegilogin.jsp*=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
            			    /secured*=ROLE_ADMIN
            			    /**=ROLE_USER
                     </value>
                  </property>
               </bean>
            and the AuthenticationProcessingFilterEntryPoint as following


            Code:
             <bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                  <property name="loginFormUrl"><value>/acegilogin.jsp</value></property>
                  <property name="forceHttps"><value>false</value></property>
              </bean>
            now the problem I face is that net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter has been replaced by org.acegisecurity.ui.ExceptionTranslationFilter and it does not accept a FilterSecurityInterceptor. So what changes should I make in the old code to run the code.

            And also can you please suggest what are all the other changes I should make to make it up and running.

            Please take a look at the original applicationContext.xml and modified applicationContext.xml and suggest me what changes should I make.

            Thanks in advance
            Bala

            Comment


            • #7
              Acegi Jdbc authentication

              I can't loggon with jdbc acegi authentication from acegi sourceforge. Is there someone have a simple tutorial to this...

              Comment


              • #8
                The Contacts Sample which ships with Acegi Security uses JDBC authentication. Try looking there.

                Comment


                • #9
                  Hello Bala

                  I viewed both your xml files. Couldn't figure out anything wrong. Your application must work.

                  Comment

                  Working...
                  X