Announcement Announcement Module
Collapse
No announcement yet.
authorities deletion, why?? Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • authorities deletion, why??

    Hi,

    when acegi authenticates and authorized the user, i allways get the log messages that the user authorities where deletet and then inserted, but why ??

    deleting and then inserting this is unnecessary imo,

    thanks,
    yours sincerely gideon

    Code:
    Hibernate: select user0_.id as id0_, ...
    LN tester
    LN [de.sl.mv.model.user.User@a97f68]
    LN 1
    Hibernate: select authoritie0_.user_id as user1_0_, authoritie0_.authority as authority0_ from user_authorities authoritie0_ where authoritie0_.user_id=?
    2006-05-09 14:13:01,203 WARN [org.acegisecurity.event.authentication.LoggerListener] - <Authentication event AuthenticationSuccessEvent: tester; details: org.acegisecurity.ui.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: 8D409E73C9737D6D6E2092F0093EDAB4>
    2006-05-09 14:13:01,203 WARN [org.acegisecurity.event.authentication.LoggerListener] - <Authentication event InteractiveAuthenticationSuccessEvent: tester; details: org.acegisecurity.ui.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: 8D409E73C9737D6D6E2092F0093EDAB4>
    Hibernate: delete from user_authorities where user_id=? and authority=?
    Hibernate: insert into user_authorities (user_id, authority) values (?, ?)
    Hibernate: insert into user_authorities (user_id, authority) values (?, ?)

  • #2
    I don't think we have any hibernate support for loading authorities, so it seems unlikely that Acegi is responsible for the deletions and inserts... Perhaps you could explain where those calls made from?

    Comment


    • #3
      Hi,

      ok i can't see something in my code which will explian the deletetions, because my code extends acegi i suspect that acegi do this.

      i only have this problem with the userAuthorization, all other hibernateCalls on any objects etc works as they should.

      i can't explain why the authorities where first delete here????
      maybe you will find something

      thanks
      ys Gideon

      here is my code:


      UserDetails:

      Code:
      
      import java.io.Serializable;
      import java.util.Date;
      import java.util.HashSet;
      import java.util.Set;
      
      import de.sl.mv.model.picture.Picture;
      import de.sl.mv.model.picture.PictureLibrary;
      import de.sl.mv.model.picture.SharedPictureLibrary;
      
      import org.acegisecurity.userdetails.UserDetails;
      
      /**
       * @author Gideon
       *
       */
      public class User implements Serializable, UserDetails{
      
          /**
           * 
           */
          private static final long serialVersionUID = -6617635886317069163L;
      
          private int id;
          
          private String name;// = new String("");
          private String surname;//  = new String("");
          private String email;//  = new String("");
          private String loginName;
          private String password;//  = new String("");
          private Address address = new Address();
          private Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
          
      
          public String getPassword() {
              return this.password;
          }
          public void setPassword(String password) {
              this.password = password;
          }
      
          /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetails#isAccountNonExpired()
           */
          public boolean isAccountNonExpired() {
              // TODO Auto-generated method stub
              return true;
          }
          /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetails#isAccountNonLocked()
           */
          public boolean isAccountNonLocked() {
              // TODO Auto-generated method stub
              return true;
          }
          
          /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetails#getAuthorities()
           */
          public GrantedAuthority[] getAuthorities() {
              return this.authorities.toArray(new GrantedAuthority[] {});
          }
          
          public void  setAuthoritiesInternal(Set<GrantedAuthority> authorities) {
              this.authorities = authorities;
          }
          
          /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetails#getAuthorities()
           */
          public Set<GrantedAuthority> getAuthoritiesInternal() {
              return this.authorities;
          }
          
          public void addGrantedAuthority(GrantedAuthority grantedAuthority)
          {
              this.authorities.add(grantedAuthority);
          }
          
          /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetails#isCredentialsNonExpired()
           */
          public boolean isCredentialsNonExpired() {
              return true;
          }
          /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetails#isEnabled()
           */
          public boolean isEnabled() {
              return true;
          }
          /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetails#getUsername()
           */
          public String getUsername() {
              return this.loginName;
          }
      }
      GrantedAuthority:

      Code:
      import java.io.Serializable;
      
      /**
       * @author Gideon
       *
       */
      public class GrantedAuthority implements org.acegisecurity.GrantedAuthority, Serializable {
      
          /**
           * 
           */
          private static final long serialVersionUID = -9048883578631674344L;
          private String authority;
          
          public void setAuthority(String authority)
          {
              this.authority = authority;
          }
          /* (non-Javadoc)
           * @see org.acegisecurity.GrantedAuthority#getAuthority()
           */
          public String getAuthority() {
              return this.authority;
          }
      
      }
      here is my HibernateDao:

      Code:
      /* (non-Javadoc)
           * @see org.acegisecurity.userdetails.UserDetailsService#loadUserByUsername(java.lang.String)
           */
          public UserDetails loadUserByUsername(String loginName) throws UsernameNotFoundException, DataAccessException {
              Collection col = getHibernateTemplate().find("from User user where user.loginName like ?", loginName);
              if (col.isEmpty())
                  return new User();
              else
              {
                  return (User)col.iterator().next();
              }
          }

      and here is my Hibernatemapping:

      Code:
      <class name="de.sl.mv.model.user.User" table="users">
      			<id name="id" column="id" unsaved-value="0">
      				<generator class="identity" />
      			</id>
      			<property name="name" column="name" />
      			<property name="surname" column="surname" />
      			<property name="telefon" column="telefon" />
      			<property name="loginName" column="loginName"  unique="true"/>
      			<property name="password" column="password" />
      			
      		    <component name="address" class="de.sl.mv.model.user.Address">
      		        <property name="city" column="city"/>
      		        <property name="housenumber" column="housenumber"/>
      		        <property name="plz" column="plz"/>
      		        <property name="street" column="street"/>
      		    </component>
      		    <set name="authoritiesInternal" lazy="true" table="user_authorities">
      		       	<key column="user_id"/>
      		       	<composite-element class="de.sl.mv.model.user.GrantedAuthority">
      		    		<property name="authority" column="authority" not-null="true"/>
      		    	</composite-element>		    	
      		    </set>
      			
      			
      			
      
      		</class>

      Comment

      Working...
      X