Announcement Announcement Module
Collapse
No announcement yet.
Rich client example Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Rich client example

    Hello, I have seen that rich client are fully supported.

    "Client-server rich clients are also fully supported. In the client-side application context a RemoteAuthenticationManager is configured. This RemoteAuthenticationManager receives Authentication request objects and passes the contained username and password to a corresponding server-side web service. The server-side web service then builds a new Authentication request object containing the passed username and password, before passing it to a server-side AuthenticationManager. If successful, a list of GrantedAuthoritys is passed back to the RemoteAuthenticationManager. This allows the rich client to make authorization decisions such as the visibility of GUI actions. The rich client will also typically set each remoting proxy factory with the validated username and password."

    We develop a distributed application with hibernate and spring in a tomcat environnement, and the client part is in swing. The remoting protocol is http-invoker . Is there a simple hello world login example with spring anywhere.

    Is that kind of configuration with servlet filter is suitable for remote login?
    If yes, how can we check exceptions rather than to redirect to an url?


    applicationcontext.xml
    Code:
     <bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
            <property name="userMap">
                <value>
                matthew=contegix,ROLE_ADMIN
                </value>
            </property>
        </bean>
        <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
            <property name="authenticationDao">
                <ref local="memoryAuthenticationDao"/>
            </property>
        </bean>
        <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
            <property name="providers">
                <list>
                    <ref bean="daoAuthenticationProvider"/>
                </list>
            </property>
        </bean>
    
        <bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
            <property name="authenticationManager">
                <ref bean="authenticationManager"/>
            </property>
            <property name="authenticationFailureUrl">
                <value>/login.jsp?error=1</value>
            </property>
            <property name="defaultTargetUrl">
                <value>/</value>
            </property>
            <property name="filterProcessesUrl">
                <value>/j_acegi_security_check</value>
            </property>
        </bean>

    web.xml
    Code:
    <filter>
            <filter-name>SecurityFilter</filter-name>
            <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
            <init-param>
                <param-name>targetClass</param-name>
                <param-value>
            net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter
                </param-value>
            </init-param>
        </filter>
    
        <filter-mapping>
            <filter-name>SecurityFilter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    Thank you

  • #2
    This thread gives a bit more of an overview: http://forum.springframework.org/showthread.php?t=11638.

    Also see http://forum.springframework.org/showthread.php?t=12155.

    Together I think you'll find these threads are what you need. :-)
    Last edited by robyn; May 19th, 2006, 06:24 AM.

    Comment


    • #3
      Ok thank you for you answer ben. I'm now on a better way.
      The authentication process works know but only when i make a direct call to RemoteAuthenticationManager.
      Here is my test code
      Code:
      public class RemoteLoginTest extends TestCase &#123;
          private static Logger logger = Logger.getLogger&#40;RemoteLoginTest.class.getName&#40;&#41;&#41;;
          private final static String CTX = "be/fgov/caamihziv/mdf/usermanagement/service/" +
                                                "clientContext.xml";
           public void testRemoteLogin&#40;&#41;&#123;
              ClassPathXmlApplicationContext ctx;
              ctx = new ClassPathXmlApplicationContext&#40;CTX&#41;;
              AuthenticationManager authenticationManager=&#40;AuthenticationManager&#41;    ctx.getBean&#40;"authenticationManager"&#41;;
              UsernamePasswordAuthenticationToken request=new UsernamePasswordAuthenticationToken&#40;"marissa","koala"&#41;;
              try&#123;
                  Authentication result=authenticationManager.authenticate&#40;request&#41;;
              &#125;catch&#40;AuthenticationException an&#41;&#123;
                  an.printStackTrace&#40;&#41;;
              &#125;
          &#125;
      
      &#125;
      and the client context
      Code:
      <beans>
      
           <!--ACEGY CONFIGURATION-->
          <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
              <property name="providers">
                  <list>
                      <ref bean="remoteAuthenticationProvider"/>
                  </list>
              </property>
          </bean>
      
          <bean id="remoteAuthenticationProvider" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationProvider">
              <property name="remoteAuthenticationManager">
                  <ref bean="remoteAuthenticationManager"/>
              </property>
          </bean>
      
          <bean id="remoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
              <property name="serviceInterface">
                  <value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value>
              </property>
              <property name="serviceUrl">
                  <value>http&#58;//localhost&#58;8080/MDF/remoting/RemoteAuthenticationManager</value>
              </property>
              <property name="httpInvokerRequestExecutor">
                   <ref bean="authenticationRequestExecutor"/>
              </property>
          </bean>
      
          <bean id="authenticationRequestExecutor" class="net.sf.acegisecurity.ui.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor"></bean>
          <!--END OF ACEGI CONFIGURATION-->
      
          <bean id="group" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
              <property name="serviceUrl">
                  <value>http&#58;//localhost&#58;8080/MDF/remoting/GroupService-hessian</value>
              </property>
              <property name="serviceInterface">
                  <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
              </property>        
          </bean>
      </beans>
      But when I make a remote cal on group i would expect an exception if i did not login before. Well this is not the case, i still can make remote call on the group bean. Like if my filter did not catch the request. I supose it's a little configuration issue but as I'm not realy used to servlet help would be nice.

      Here are my server config files :

      web.xml

      Code:
      <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>classpath&#58;/log4j.properties</param-value>
      	</context-param>
      
      	<!--
      	  - Location of the XML file that defines the root application context.
      	  - Applied by ContextLoaderServlet.
      		-
      		- Can be set to "/WEB-INF/applicationContext-hibernate.xml" for the Hibernate
      		- implementation, "/WEB-INF/applicationContext-ojb.xml" for the Apache OJB one,
      		- or "/WEB-INF/applicationContext-jdbc.xml" for the JDBC one.
      	  -->
      	<context-param>
      		<param-name>contextConfigLocation</param-name>
      		<param-value>classpath&#58;/applicationContext.xml</param-value>
      	</context-param>
      
      	<!--
      	  - Loads the root application context of this web app at startup,
      	  - by default from "/WEB-INF/applicationContext.xml".
      		- Note that it is preferable to use ContextLoaderListener in a servlet container
      		- that follows the Servlet 2.4 initialization order &#40;many Servlet 2.3 containers do&#41;.
      		-
      	  - Use WebApplicationContextUtils.getWebApplicationContext&#40;servletContext&#41;
      	  - to access it anywhere in the web application, outside of the framework.
      	  -
      	  - The root context is the parent of all servlet-specific contexts.
      	  - This means that its beans are automatically available in these child contexts,
      	  - both for getBean&#40;name&#41; calls and &#40;external&#41; bean references.
          -->
          <!--ACEGI CONFIGURATION-->
            <filter>
                 <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
                 <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
                 <init-param>
                   <param-name>targetClass</param-name>
                   <param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value>
                 </init-param>
               </filter>
      
               <filter>
                 <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
                 <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
                 <init-param>
                   <param-name>targetClass</param-name>
                   <param-value>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</param-value>
                 </init-param>
                </filter>
      
         <!--  <filter>
              <filter-name>Acegy_http_request_security_filter</filter-name>
              <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
              <init-param>
                   <param-name>targetClass</param-name>
                   <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
              </init-param>
          </filter>-->
      
               <filter-mapping>
                 <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
                 <url-pattern>/*</url-pattern>
               </filter-mapping>
      
               <filter-mapping>
                 <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
                 <url-pattern>/*</url-pattern>
               </filter-mapping>
      
        <!--    <filter-mapping>
                 <filter-name>Acegy_http_request_security_filter</filter-name>
                 <url-pattern>/*</url-pattern>
               </filter-mapping> -->
      
           <!--END OF ACEGI CONFIGURATION-->
      
          <!-- Listener to initialize the spring application context -->
            <listener>
              <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
            </listener>
      
      
      
      	<!--<servlet>
      		<servlet-name>context</servlet-name>
      		<servlet-class>org.springframework.web.context.ContextLoaderServlet</servlet-class>
      		<load-on-startup>1</load-on-startup>
      	</servlet>-->
      
      	<!--
      		- Dispatcher servlet definition for HTTP remoting via Hessian, Burlap, and
      		- Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
      		-->
      	<servlet>
      		<servlet-name>remoting</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>20</load-on-startup>
       </servlet>
      
       <!--
        - Dispatcher servlet mapping for HTTP remoting via Hessian, Burlap, and
        - Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
        -->
       <servlet-mapping>
        <servlet-name>remoting</servlet-name>
        <url-pattern>/remoting/*</url-pattern>
       </servlet-mapping>
      
       <session-config>
        <session-timeout>10</session-timeout>
       </session-config>
      applicationcontext

      Code:
      <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
              <property name="location">
                  <value>classpath&#58;/jdbc.properties</value>
              </property>
          </bean>
      
          <!--ACEGI CONFIGURATION-->
          <bean id="remoteAuthenticationManager" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManagerImpl">
              <property name="authenticationManager">
                  <ref bean="authenticationManager"/>
              </property>
          </bean>
      
          <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
              <property name="providers">
                  <list>
                      <ref local="daoAuthenticationProvider"/>
                  </list>
              </property>
          </bean>
      
          <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
              <property name="authenticationDao">
                  <ref local="inMemoryDaoImpl"/>
              </property>
          </bean>
      
          <bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
              <property name="userMap">
                  <value>
                      marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
                      dianne=emu,ROLE_TELLER
                      scott=wombat,ROLE_TELLER
                      peter=opal,disabled,ROLE_TELLER
                  </value>
              </property>
          </bean>
      
      
          <bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
              <property name="allowIfAllAbstainDecisions">
                  <value>false</value>
              </property>
              <property name="decisionVoters">
                  <list>
                      <ref local="roleVoter"/>
                  </list>
              </property>
          </bean>
      
          <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
      
      
          <bean id="basicProcessingFilter" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter">
              <property name="authenticationManager">
                  <ref local="authenticationManager"/>
              </property>
              <property name="authenticationEntryPoint">
                  <ref local="basicProcessingFilterEntryPoint"/>
              </property>
          </bean>
      
          <bean id="basicProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
              <property name="realmName">
                  <value>Contacts Realm</value>
              </property>
          </bean>
      
          <bean id="httpSessionIntegrationFilter" class="net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter"/>
          <!--<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter"/>-->
      
          <!--END OF ACEGI CONFIGURATION-->
      
      
          <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
              <property name="driverClassName">
                  <value>$&#123;jdbc.driverClassName&#125;</value>
              </property>
              <property name="url">
                  <value>$&#123;jdbc.url&#125;</value>
              </property>
              <property name="username">
                  <value>$&#123;jdbc.username&#125;</value>
              </property>
              <property name="password">
                  <value>$&#123;jdbc.password&#125;</value>
              </property>
          </bean>
      
          <bean id="sessionFactory" class="org.springframework.orm.hibernate.LocalSessionFactoryBean">
              <property name="dataSource">
                  <ref local="dataSource"/>
              </property>
              <property name="mappingResources">
                  <list>
                      <value>be/fgov/caamihziv/mdf/usermanagement/User.hbm.xml</value>
                      <value>be/fgov/caamihziv/mdf/usermanagement/Group.hbm.xml</value>
                      <value>be/fgov/caamihziv/mdf/usermanagement/RegionalOffice.hbm.xml</value>
                      <value>be/fgov/caamihziv/mdf/usermanagement/InsuranceAgency.hbm.xml</value>
                      <value>be/fgov/caamihziv/mdf/usermanagement/Member.hbm.xml</value>
                  </list>
              </property>
              <property name="hibernateProperties">
                  <props>
                      <prop key="hibernate.dialect">$&#123;hibernate.dialect&#125;</prop>
                      <prop key="hibernate.show_sql">true</prop>
                      <prop key="hibernate.hbm2ddl.auto">create-drop</prop>
                  </props>
              </property>
          </bean>
      
          <!-- Transaction manager for a single Hibernate SessionFactory &#40;alternative to JTA&#41; -->
          <bean id="transactionManager" class="org.springframework.orm.hibernate.HibernateTransactionManager">
              <property name="sessionFactory">
                  <ref local="sessionFactory"/>
              </property>
          </bean>
      
          <!--
      	    - A parent bean definition which is a base definition for transaction proxies.
      		- It is markes as abstract, since it is never supposed to be instantiated itself.
      		- We set shared transaction attributes here, following our naming patterns.
      		- The attributes can still be overridden in child bean definitions.
          -->
          <!-- <bean id="mdf" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
               <property name="transactionManager">
                   <ref local="transactionManager"/>
               </property>
               <property name="target">
                   <ref local="mdfTarget"/>
               </property>
               <property name="transactionAttributes">
                   <props>
                       <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                       <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                       <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                       <prop key="add*">PROPAGATION_REQUIRED</prop>
                   </props>
               </property>
           </bean>
      
           <bean id="mdfTarget" class="be.fgov.caamihziv.mdf.usermanagement.service.UserServiceImpl">
               <property name="sessionFactory">
                   <ref local="sessionFactory"/>
               </property>
           </bean>   -->
      
          <bean id="groupTarget" class="be.fgov.caamihziv.mdf.usermanagement.service.GroupServiceImpl">
              <property name="groupDao">
                  <ref local="groupDao"/>
              </property>
              <property name="userDao">
                  <ref local="userDao"/>
              </property>
              <property name="regionalOfficeDao">
                  <ref local="regionalOfficeDao"/>
              </property>
              <property name="insuranceAgencyDao">
                  <ref local="insuranceAgencyDao"/>
              </property>
              <property name="memberDao">
                  <ref local="memberDao"/>
              </property>
          </bean>
      
          <bean id="group" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
              <property name="transactionManager">
                  <ref local="transactionManager"/>
              </property>
              <property name="target">
                  <ref local="groupTarget"/>
              </property>
              <property name="transactionAttributes">
                  <props>
                      <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                      <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                      <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                      <prop key="del*">PROPAGATION_REQUIRED</prop>
                      <prop key="add*">PROPAGATION_REQUIRED</prop>
                      <prop key="upd*">PROPAGATION_REQUIRED</prop>
                      <prop key="login">PROPAGATION_REQUIRED,readOnly</prop>
                  </props>
              </property>
          </bean>
      
          <bean id="groupDao" class="be.fgov.caamihziv.mdf.usermanagement.service.GroupDaoImpl">
              <property name="sessionFactory">
                  <ref local="sessionFactory"/>
              </property>
          </bean>
          <bean id="userDao" class="be.fgov.caamihziv.mdf.usermanagement.service.UserDaoImpl">
              <property name="sessionFactory">
                  <ref local="sessionFactory"/>
              </property>
          </bean>
      
          <bean id="regionalOfficeDao" class="be.fgov.caamihziv.mdf.usermanagement.service.RegionalOfficeDaoImpl">
              <property name="sessionFactory">
                  <ref local="sessionFactory"/>
              </property>
          </bean>
          <bean id="insuranceAgencyDao" class="be.fgov.caamihziv.mdf.usermanagement.service.InsuranceAgencyDaoImpl">
              <property name="sessionFactory">
                  <ref local="sessionFactory"/>
              </property>
          </bean>
          <bean id="memberDao" class="be.fgov.caamihziv.mdf.usermanagement.service.MemberDaoImpl">
              <property name="sessionFactory">
                  <ref local="sessionFactory"/>
              </property>
          </bean>
      remote-servlet

      Code:
      <beans>
      
           <!--HTTPEXPORTER for the usermanagement service -->
          <bean name="/GroupService-hessian" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
        <property name="service"><ref bean="group"/></property>
        <property name="serviceInterface">
         <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
        </property>
       </bean>
          <!--HTTPEXPORTER for the loing-->
          <bean name="/RemoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
              <property name="service"><ref bean="remoteAuthenticationManager"/></property>
              <property name="serviceInterface"><value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value></property>
          </bean>
      </beans>
      I have seen in the doc that SecurityEnforcementFilter is necessary because it provides the bridge between incoming requests and the FilterSecurityInterceptor instance.

      Is this my problem?? And if yes what should I specify at authenticationEntrypoint ??
      Thank you in advance for this and your great job

      Comment


      • #4
        You need to move your httpInvokerRequestExecutor out of the remoteAuthenticationManager bean and into your "group" bean. You'll add that httpInvokerRequestExecutor property to any subsequent HttpInvokerProxyFactoryBean instances you create as well.

        The call to the RemoteAuthenticationManager is done insecure, meaning you do not want to override the httpInokerRequestExecutor. Any other usages of HttpInvokderProxyFactoryBean will need the Acegi AuthenticationSimpleHttpInvokerRequestExecutor in order to pass up the credentials.

        Now, there's some missing parts here....
        In your RemoteLoginTest code you are properly calling the authenticate method, but your not storing the result in the SecureContext..

        For example...
        Code:
                SecureContext secureContext = &#40;SecureContext&#41; ContextHolder.getContext&#40;&#41;;
                if &#40;secureContext == null&#41; &#123;
                    secureContext = new SecureContextImpl&#40;&#41;;
                    ContextHolder.setContext&#40;secureContext&#41;;
                &#125;
        
                Authentication result = manager.authenticate&#40;authentication&#41;;
        
                secureContext.setAuthentication&#40;result&#41;;
        The code above is for your testing, I'm not positive it's the way your client app should actually be doing it...

        Also, your going to want to look at the way your server side is configured. You do not want the RemoteAuthenticationManager on the server side to be protected by any means of HTTP security. Where as you do want your other services behind the security filters.

        I, for example, have two seperate Dispatcher servlets configured. One for open items, and one for secure items.



        Code:
            <servlet>
                <servlet-name>remote</servlet-name>
                <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
                <load-on-startup>1</load-on-startup>
            </servlet>
        
            <servlet>
                <servlet-name>secure-remote</servlet-name>
                <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
                <load-on-startup>2</load-on-startup>
            </servlet>
        
            <servlet-mapping>
                <servlet-name>remote</servlet-name>
                <url-pattern>/services/*</url-pattern>
            </servlet-mapping>
        
            <servlet-mapping>
                <servlet-name>secure-remote</servlet-name>
                <url-pattern>/secure/services/*</url-pattern>
            </servlet-mapping>
        That allows me to declare things in remote-servlet.xml and secure-remote-servlet.xml...

        The WebApplicationContext on the server side is filtered with the FilterSecurityInterceptor as such...
        Code:
            <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
                <property name="authenticationManager">
                    <ref local="authenticationManager"/>
                </property>
                <property name="accessDecisionManager">
                    <ref local="accessDecisionManager"/>
                </property>
                <property name="objectDefinitionSource">
                    <value>
        			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
        			    PATTERN_TYPE_APACHE_ANT
        				/secure/**=ROLE_USER
                    </value>
                </property>
            </bean>

        I apologize if this seems somewhat rushed, I'm trying to spill as much info as I can, I'm in a bit of a hurry right now. I hope this babble helps somewhat.

        Also, Ben is off on vacation or somethin for about the next week, just so ya know why he hasn't replied himself.

        --Ray

        Comment


        • #5
          Thanks a lot for your answer RayKrueger. I have changed my config as you said, and it already looks better but I have still the problem. I looks like I don't pass through the filter (but I don't think so) or that the point would should trigger the security check is not trigered. I think i missed a link between some beans.

          I put my change, so that if you have the time you can maybe help me.
          In the client context I have added the httpInvokerRequestExecutor to group service and changed the url to secure/remoting/
          Code:
           <!--ACEGY CONFIGURATION-->
              <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
                  <property name="providers">
                      <list>
                          <ref bean="remoteAuthenticationProvider"/>
                      </list>
                  </property>
              </bean>
          
              <bean id="remoteAuthenticationProvider" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationProvider">
                  <property name="remoteAuthenticationManager">
                      <ref bean="remoteAuthenticationManager"/>
                  </property>
              </bean>
          
              <bean id="remoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
                  <property name="serviceInterface">
                      <value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value>
                  </property>
                  <property name="serviceUrl">
                      <value>http&#58;//localhost&#58;8080/MDF/remoting/RemoteAuthenticationManager</value>
                  </property>
              </bean>
          
              <bean id="authenticationRequestExecutor" class="net.sf.acegisecurity.ui.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor"></bean>
              <!--END OF ACEGI CONFIGURATION-->
          
              <bean id="group" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
                  <property name="serviceUrl">
                      <value>http&#58;//localhost&#58;8080/MDF/secure/remoting/GroupService-hessian</value>
                  </property>
                  <property name="serviceInterface">
                      <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
                  </property>
                 <property name="httpInvokerRequestExecutor">
                       <ref bean="authenticationRequestExecutor"/>
                  </property>
              </bean>
          I have now a a secure_servlet_remoting_context that look like :

          Code:
           <bean name="/GroupService-hessian" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
            <property name="service"><ref bean="group"/></property>
            <property name="serviceInterface">
             <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
            </property>
           </bean>
          I have added a new servlet dispatcher in my web.xml
          Code:
            <servlet>
            <servlet-name>secure_remoting</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <load-on-startup>20</load-on-startup>
           </servlet>
           <servlet-mapping>
            <servlet-name>secure_remoting</servlet-name>
            <url-pattern>/secure/remoting/*</url-pattern>
           </servlet-mapping>
          and changed the filter mapping

          Code:
           <filter-mapping>
                     <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
                     <url-pattern>/secure/remoting/*</url-pattern>
                   </filter-mapping>
          
                   <filter-mapping>
                     <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
                     <url-pattern>/secure/remoting/*</url-pattern>
                   </filter-mapping>
          and finally (pfiou it's a long story, I hope you do not bother) :roll:

          I have added securityEnforcementFilter and filterInvocationInterceptor to my application context
          Code:
           <bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
                <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
                <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
             </bean>
              <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
                      <property name="authenticationManager">
                          <ref local="authenticationManager"/>
                      </property>
                      <property name="accessDecisionManager">
                          <ref local="accessDecisionManager"/>
                      </property>
                      <property name="objectDefinitionSource">
                          <value>
                           CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                           PATTERN_TYPE_APACHE_ANT
                          /secure/**=ROLE_USER
                          </value>
                      </property>
                  </bean>
          It looks like a better configuration but I still can make a direct call to my group service without any exception.

          Thank you

          Comment


          • #6
            Ok I got It. Thanks again RayKrueger. You put me on the good way.

            I forgot to add the securityEnforcementFilter in mys web.xml

            Code:
             <filter>
                    <filter-name>Acegy_http_request_security_filter</filter-name>
                    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
                    <init-param>
                         <param-name>targetClass</param-name>
                         <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
                    </init-param>
                </filter>
            
              <filter-mapping>
                       <filter-name>Acegy_http_request_security_filter</filter-name>
                       <url-pattern>/secure/remoting/*</url-pattern>
                     </filter-mapping>
            Now it works perfectly. It's an amazing package.
            I'll put all my configs file on the forum later on so, for future rich client / acegi users.

            Bye until the nex question

            Comment


            • #7
              Here is my implementation but I think there is a better way to do it with autoproxying if you have a lot of class which need proxy (Maybe there are beans declare that are not needed, I did not have the time to read the doc on everything I took from the sample example)

              applicationcontext.xml

              Code:
              <?xml version="1.0" encoding="UTF-8"?>
              <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http&#58;//www.springframework.org/dtd/spring-beans.dtd">
              
              <beans>
              
              
                  <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
                      <property name="location">
                          <value>classpath&#58;/jdbc.properties</value>
                      </property>
                  </bean>
              
              
                  <!--ACEGI CONFIGURATION-->
              
                    <!-- RunAsManager -->
                 <bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
                    <property name="key"><value>my_run_as_password</value></property>
                 </bean>
                  <!-- TEST-->
              
              	<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
                   	<property name="key"><value>my_run_as_password</value></property>
               	</bean>
              
              	<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
                		<property name="key"><value>my_password</value></property>
               	</bean>
              
                  <!--END OF TEST-->
              
                   <bean id="remoteAuthenticationManager" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManagerImpl">
                      <property name="authenticationManager">
                          <ref bean="authenticationManager"/>
                      </property>
                  </bean>
              
                  <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
                      <property name="providers">
                          <list>
                              <ref local="daoAuthenticationProvider"/>
                              <ref local="runAsAuthenticationProvider"/>
                        <ref local="authByAdapterProvider"/>
                          </list>
                      </property>
                  </bean>
              
                  <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
                      <property name="authenticationDao">
                          <ref local="inMemoryDaoImpl"/>
                      </property>
                  </bean>
              
                  <bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
                      <property name="userMap">
                          <value>
                              admin=admin,ROLE_USER,ROLE_SUPERVISOR
                              dianne=emu,ROLE_USER
                              scott=wombat,ROLE_TELLER
                              peter=opal,disabled,ROLE_TELLER
                          </value>
                      </property>
                  </bean>
              
              
                  <bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
                      <property name="allowIfAllAbstainDecisions">
                          <value>false</value>
                      </property>
                      <property name="decisionVoters">
                          <list>
                              <ref local="roleVoter"/>
                          </list>
                      </property>
                  </bean>
              
                 <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
              
              
                  <bean id="basicProcessingFilter" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter">
                      <property name="authenticationManager">
                          <ref local="authenticationManager"/>
                      </property>
                      <property name="authenticationEntryPoint">
                          <ref local="basicProcessingFilterEntryPoint"/>
                      </property>
                  </bean>
              
                  <bean id="basicProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
                      <property name="realmName">
                          <value>Contacts Realm</value>
                      </property>
                  </bean>
              
                  <bean id="httpSessionIntegrationFilter" class="net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter"/>
                  <!--<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter"/>-->
              
                  <!--END OF ACEGI CONFIGURATION-->
              
              
                  <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
                      <property name="driverClassName">
                          <value>$&#123;jdbc.driverClassName&#125;</value>
                      </property>
                      <property name="url">
                          <value>$&#123;jdbc.url&#125;</value>
                      </property>
                      <property name="username">
                          <value>$&#123;jdbc.username&#125;</value>
                      </property>
                      <property name="password">
                          <value>$&#123;jdbc.password&#125;</value>
                      </property>
                  </bean>
              
                  <bean id="sessionFactory" class="org.springframework.orm.hibernate.LocalSessionFactoryBean">
                      <property name="dataSource">
                          <ref local="dataSource"/>
                      </property>
                      <property name="mappingResources">
                          <list>
                              <value>be/fgov/caamihziv/fdm/usermanagement/User.hbm.xml</value>
                              <value>be/fgov/caamihziv/fdm/usermanagement/Group.hbm.xml</value>
                              <value>be/fgov/caamihziv/fdm/usermanagement/RegionalOffice.hbm.xml</value>
                              <value>be/fgov/caamihziv/fdm/usermanagement/InsuranceAgency.hbm.xml</value>
                              <value>be/fgov/caamihziv/fdm/membermanagement/Member.hbm.xml</value>
                              <value>be/fgov/caamihziv/fdm/membermanagement/registrationmanagement/RegistrationMotives.hbm.xml</value>
                          </list>
                      </property>
                      <property name="hibernateProperties">
                          <props>
                              <prop key="hibernate.dialect">$&#123;hibernate.dialect&#125;</prop>
                              <prop key="hibernate.show_sql">true</prop>
                              <prop key="hibernate.hbm2ddl.auto">create-drop</prop>
                          </props>
                      </property>
                  </bean>
              
                  <!-- Transaction manager for a single Hibernate SessionFactory &#40;alternative to JTA&#41; -->
                  <bean id="transactionManager" class="org.springframework.orm.hibernate.HibernateTransactionManager">
                      <property name="sessionFactory">
                          <ref local="sessionFactory"/>
                      </property>
                  </bean>
                  <!-- ===================== SECURITY DEFINITIONS ======================= -->
              
                 <bean id="UserManagementSecurityManager" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
                    <property name="authenticationManager"><ref local="authenticationManager"/></property>
                    <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
                    <property name="runAsManager"><ref local="runAsManager"/></property>
                    <property name="objectDefinitionSource">
                       <value>
                              be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService.*=ROLE_SUPERVISOR
                       </value>
                    </property>
                 </bean>
              
                  <bean id="UserManagementManager" class="org.springframework.aop.framework.ProxyFactoryBean">
                    <property name="proxyInterfaces"><value>be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService</value></property>
                    <property name="interceptorNames">
                       <list>
                          <idref local="UserManagementSecurityManager"/>
                       </list>
                    </property>
                    <property name="target">
                            <ref bean="groupTarget"/>
                    </property>
                 </bean>
                  <!--BUSINESS DEFINITION-->
              
                  <bean id="groupTarget" class="be.fgov.caamihziv.fdm.usermanagement.service.UserManagementServiceImpl">
                      <!--<property name="proxyInterfaces"><value>be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService</value></property>-->
                      <property name="groupDao">
                          <ref local="groupDao"/>
                      </property>
                      <property name="userDao">
                          <ref local="userDao"/>
                      </property>
                      <property name="regionalOfficeDao">
                          <ref local="regionalOfficeDao"/>
                      </property>
                      <property name="insuranceAgencyDao">
                          <ref local="insuranceAgencyDao"/>
                      </property>
                  </bean>
              
                  <bean id="group" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
              
                      <property name="transactionManager">
                          <ref local="transactionManager"/>
                      </property>
                      <property name="target">
                          <ref local="UserManagementManager"/>
                      </property>
                      <property name="transactionAttributes">
                          <props>
                              <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="del*">PROPAGATION_REQUIRED</prop>
                              <prop key="add*">PROPAGATION_REQUIRED</prop>
                              <prop key="upd*">PROPAGATION_REQUIRED</prop>
                              <prop key="login">PROPAGATION_REQUIRED,readOnly</prop>
                          </props>
                      </property>
              
              
                  </bean>
              
                  <bean id="groupDao" class="be.fgov.caamihziv.fdm.usermanagement.service.GroupDaoImpl">
                      <property name="sessionFactory">
                          <ref local="sessionFactory"/>
                      </property>
                  </bean>
                  <bean id="userDao" class="be.fgov.caamihziv.fdm.usermanagement.service.UserDaoImpl">
                      <property name="sessionFactory">
                          <ref local="sessionFactory"/>
                      </property>
                  </bean>
              
                  <bean id="regionalOfficeDao" class="be.fgov.caamihziv.fdm.usermanagement.service.RegionalOfficeDaoImpl">
                      <property name="sessionFactory">
                          <ref local="sessionFactory"/>
                      </property>
                  </bean>
                  <bean id="insuranceAgencyDao" class="be.fgov.caamihziv.fdm.usermanagement.service.InsuranceAgencyDaoImpl">
                      <property name="sessionFactory">
                          <ref local="sessionFactory"/>
                      </property>
                  </bean>
              
                  <bean id="memberTarget" class="be.fgov.caamihziv.fdm.membermanagement.service.MemberManagementServiceImpl">
                      <property name="memberDao">
                          <ref local="memberDao"/>
                      </property>
                  </bean>
              
                  <bean id="member" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
                      <property name="transactionManager">
                          <ref local="transactionManager"/>
                      </property>
                      <property name="target">
                          <ref local="memberTarget"/>
                      </property>
                      <property name="transactionAttributes">
                          <props>
                              <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="add*">PROPAGATION_REQUIRED</prop>
                              <prop key="upd*">PROPAGATION_REQUIRED</prop>
                          </props>
                      </property>
                  </bean>
              
                  <bean id="memberDao" class="be.fgov.caamihziv.fdm.membermanagement.service.MemberDaoImpl">
                      <property name="sessionFactory">
                          <ref local="sessionFactory"/>
                      </property>
                  </bean>
              
                  <bean id="registrationTarget" class="be.fgov.caamihziv.fdm.membermanagement.registrationmanagement.service.RegistrationManagementServiceImpl">
                      <property name="registrationMotivesDao">
                          <ref local="registrationMotivesDao"/>
                      </property>
                  </bean>
              
                  <bean id="registration" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
                      <property name="transactionManager">
                          <ref local="transactionManager"/>
                      </property>
                      <property name="target">
                          <ref local="registrationTarget"/>
                      </property>
                      <property name="transactionAttributes">
                          <props>
                              <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                              <prop key="add*">PROPAGATION_REQUIRED</prop>
                              <prop key="upd*">PROPAGATION_REQUIRED</prop>
                          </props>
                      </property>
                  </bean>
              
                  <bean id="registrationMotivesDao" class="be.fgov.caamihziv.fdm.membermanagement.registrationmanagement.service.RegistrationMotivesDaoImpl">
                      <property name="sessionFactory">
                          <ref local="sessionFactory"/>
                      </property>
                  </bean>
              
              
                    <!-- ===================== HTTP REQUEST SECURITY ==================== -->
              
                     <!-- BASIC Regular Expression Syntax &#40;for beginners&#41;&#58;
              
                      \A means the start of the string &#40;ie the beginning of the URL&#41;
                      \Z means the end of the string &#40;ie the end of the URL&#41;
                      .  means any single character
                      *  means null or any number of repetitions of the last expression &#40;so .* means zero or more characters&#41;
              
                      Some examples&#58;
              
                      Expression&#58;   \A/my/directory/.*\Z
                      Would match&#58;    /my/directory/
                                      /my/directory/hello.html
              
                      Expression&#58;   \A/.*\Z
                      Would match&#58;    /hello.html
                                      /
              
                      Expression&#58;   \A/.*/secret.html\Z
                      Would match&#58;    /some/directory/secret.html
                                      /another/secret.html
                      Not match&#58;      /anothersecret.html &#40;missing required /&#41;-->
              
                  <bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
                    <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
                    <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
                 </bean>
                  <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
                          <property name="authenticationManager">
                              <ref local="authenticationManager"/>
                          </property>
                          <property name="accessDecisionManager">
                              <ref local="accessDecisionManager"/>
                          </property>
                          <property name="objectDefinitionSource">
                              <value>
                               CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                               PATTERN_TYPE_APACHE_ANT
                              /secure/**=ROLE_USER
                              </value>
                          </property>
                      </bean>
              
              </beans>
              
              -->
              Web.xml
              Code:
              <?xml version="1.0" encoding="UTF-8"?>
              <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http&#58;//java.sun.com/dtd/web-app_2_3.dtd">
              <web-app>
               <display-name>CAAMI-HZIV FDM</display-name>
              
               <description>Fichiers des Membres</description>
              
              
               <!--
                 - Location of the Log4J config file, for initialization and refresh checks.
              	  - Applied by Log4jConfigListener.
              	  -->
              	<context-param>
              		<param-name>log4jConfigLocation</param-name>
              		<param-value>classpath&#58;/log4j.properties</param-value>
              	</context-param>
              
              	<!--
                 - Location of the XML file that defines the root application context.
                 - Applied by ContextLoaderServlet.
                -
                - Can be set to "/WEB-INF/applicationContext-hibernate.xml" for the Hibernate
                - implementation, "/WEB-INF/applicationContext-ojb.xml" for the Apache OJB one,
                - or "/WEB-INF/applicationContext-jdbc.xml" for the JDBC one.
                 -->
               <context-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>classpath&#58;/applicationContext.xml</param-value>
               </context-param>
              
               <!--
                 - Loads the root application context of this web app at startup,
                 - by default from "/WEB-INF/applicationContext.xml".
              		- Note that it is preferable to use ContextLoaderListener in a servlet container
              		- that follows the Servlet 2.4 initialization order &#40;many Servlet 2.3 containers do&#41;.
              		-
              	  - Use WebApplicationContextUtils.getWebApplicationContext&#40;servletContext&#41;
              	  - to access it anywhere in the web application, outside of the framework.
              	  -
              	  - The root context is the parent of all servlet-specific contexts.
              	  - This means that its beans are automatically available in these child contexts,
              	  - both for getBean&#40;name&#41; calls and &#40;external&#41; bean references.
                  -->
                  <!--ACEGI CONFIGURATION-->
                    <filter>
                         <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
                         <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
                         <init-param>
                           <param-name>targetClass</param-name>
                           <param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value>
                         </init-param>
                       </filter>
              
                       <filter>
                         <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
                         <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
                         <init-param>
                           <param-name>targetClass</param-name>
                           <param-value>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</param-value>
                         </init-param>
                        </filter>
              
                   <filter>
                      <filter-name>Acegy_http_request_security_filter</filter-name>
                      <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
                      <init-param>
                           <param-name>targetClass</param-name>
                           <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
                      </init-param>
                  </filter>
              
                       <filter-mapping>
                         <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
                         <url-pattern>/secure/remoting/*</url-pattern>
                       </filter-mapping>
              
                       <filter-mapping>
                         <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
                         <url-pattern>/secure/remoting/*</url-pattern>
                       </filter-mapping>
              
                      <filter-mapping>
                         <filter-name>Acegy_http_request_security_filter</filter-name>
                         <url-pattern>/secure/remoting/*</url-pattern>
                       </filter-mapping>
              
              
              
                  <!-- Listener to initialize the spring application context -->
                    <listener>
                      <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
                    </listener>
              
              
              
               <!--<servlet>
                <servlet-name>context</servlet-name>
                <servlet-class>org.springframework.web.context.ContextLoaderServlet</servlet-class>
                <load-on-startup>1</load-on-startup>
               </servlet>-->
              
               <!--
                - Dispatcher servlet definition for HTTP remoting via Hessian, Burlap, and
                - Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
                -->
               <servlet>
                <servlet-name>remoting</servlet-name>
                <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
                <load-on-startup>10</load-on-startup>
               </servlet>
              
                  <servlet>        
                <servlet-name>secure_remoting</servlet-name>
                <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
                <load-on-startup>20</load-on-startup>
               </servlet>
              
               <!--
                - Dispatcher servlet mapping for HTTP remoting via Hessian, Burlap, and
                - Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
                -->
               <servlet-mapping>
                <servlet-name>remoting</servlet-name>
                <url-pattern>/remoting/*</url-pattern>
               </servlet-mapping>
              
                  <servlet-mapping>
                <servlet-name>secure_remoting</servlet-name>
                <url-pattern>/secure/remoting/*</url-pattern>
               </servlet-mapping>
              
               <session-config>
                <session-timeout>10</session-timeout>
               </session-config>
              
              </web-app>
              servlet.xml
              Code:
              <?xml version="1.0" encoding="UTF-8" ?>
              <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http&#58;//www.springframework.org/dtd/spring-beans.dtd">
              
              <!--
               - Dispatcher servlet for HTTP remoting via Hessian, Burlap, and Spring's
               - HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
               -->
              <beans>
              
              
                  <!--HTTPEXPORTER for the login-->
                  <bean name="/RemoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
                      <property name="service">
                          <ref bean="remoteAuthenticationManager"/>
                      </property>
                      <property name="serviceInterface">
                          <value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value>
                      </property>
                  </bean>
              </beans>
              secureservlet.xml
              Code:
              <?xml version="1.0" encoding="UTF-8" ?>
              <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http&#58;//www.springframework.org/dtd/spring-beans.dtd">
              
              <!--
               - Dispatcher servlet for HTTP remoting via Hessian, Burlap, and Spring's
               - HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
               -->
              <beans>
              
                   <!--HTTPEXPORTER for the usermanagement service -->
                  <bean name="/GroupService" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
                <property name="service"><ref bean="group"/></property>
                <property name="serviceInterface">
                 <value>be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService</value>
                </property>
               </bean>
                  <bean name="/MemberManagementService" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
                <property name="service"><ref bean="member"/></property>
                <property name="serviceInterface">
                 <value>be.fgov.caamihziv.fdm.membermanagement.service.MemberManagementService</value>
                </property>
               </bean>
                  <bean name="/RegistrationManagementService" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
                <property name="service"><ref bean="registration"/></property>
                <property name="serviceInterface">
                 <value>be.fgov.caamihziv.fdm.membermanagement.registrationmanagement.service.RegistrationManagementService</value>
                </property>
               </bean>
              </beans>
              I hope this help.

              Comment


              • #8
                Thanks!

                Thanks!
                Gustavo

                Comment

                Working...
                X