Announcement Announcement Module
Collapse
No announcement yet.
Custom objectDefinitionSource for FilterSecurityInterceptor Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Custom objectDefinitionSource for FilterSecurityInterceptor

    Problem:
    Custom objectDefinitionSource for FilterSecurityInterceptor!

    Want to replace:
    Code:
                            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                            PATTERN_TYPE_APACHE_ANT
                                /secure/**=ROLE_SUPERVISOR,ROLE_TELLER
                                /test/**=ROLE_TELLER
                                /*.do?*=ROLE_SUPERVISOR,ROLE_TELLER
                                /*.do=ROLE_SUPERVISOR,ROLE_TELLER
    With a bean where I can set this attributes dynamically. At least where I can Decide witch kind of role we are going to set. This because we want to at some roles in our application.

    We did it already with the UserDetails, we get our user info + role en the permissions that belong to those roles. So we can change roles and permissions.

    But we don't know how to create our own objectDefinitionSource.

    've created my own objectDefinitionSource class that implements FilterInvocationDefinitionSource.

    But it needs to befilled with Cponfig Attributes ......etc.....

    Doesn't work can somebody kick us in to the right direction.??!!

  • #2
    Fixed turned out I was looking in the wrong direction.

    My object is now extending PathBasedFilterInvocationDefinitionMap.

    This is were I use addSecureUrl.

    Finally I made a bean of it setting the property
    Code:
    <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
            <property name="authenticationManager"><ref local="authenticationManager"/></property>
            <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
            <property name="objectDefinitionSource"><ref local="myObjectDefinitionSource"/></property>
        </bean>
    	
    	<bean id="myObjectDefinitionSource" class="com.thefactore.security.FFObjectDefinitionSource">
    		<property name="itemDAO"><ref bean="itemDAO"/></property>
    	</bean>

    Comment


    • #3
      Exactly, that's the way you do it.

      Comment


      • #4
        I had the same problem and I used a class MyPathBasedFilterInvocationDefinitionMap which extends PathBasedFilterInvocationDefinitionMap. Bu I wonder where
        addSecurlUrl() method can be called. I called it from
        the constructor of MyPathBasedFilterInvocationDefinitionMap
        but it did not seem smart to me. Any suggestions?

        Thanks...

        Comment


        • #5
          I have the same question. Where should I initialize my filter definition source map? Any help on this would be great.

          Thanks,

          -Xavier

          Comment


          • #6
            I had a similar requirement where the URLs and their authorizations were stored in an XML file.

            I extended FilterInvocationDefinitionSource and added an instance of PathBasedFilterInvocationDefinitionMap as a delegate. The ctor of this class read the XML data thru a DAO and called addSecureUrl().

            Code:
            public class XmlDefinitionSource implements FilterInvocationDefinitionSource {
            
                /**
                 * Underlying objectDefinitionSource object
                 */
                private PathBasedFilterInvocationDefinitionMap delegate = null;
                
                
                /**
                 * Creates a proxy to a PathBasedFilterInvocationDefinitionMap to delegate calls.
                 * Initializations of the delegate is done here.
                 * 
                 * @param authManager DAO handling URL/auth mappings
                 * @throws DAOException 
                 */
                public XmlDefinitionSource( RoleAuthorizationManager authManager ) throws DAOException {
                    
                    delegate = new PathBasedFilterInvocationDefinitionMap();
                    
                    // all URLs should be converted to lowercase before mapping
                    delegate.setConvertUrlToLowercaseBeforeComparison( true );
                    
                    // read from XML and populate ConfigAttributeDefinitions in delegate
                    String[] resources = authManager.getResources();
                    
                    for( int i = 0; i < resources.length; i++ ) {
                        
                    	String[] roles = authManager.getRolesForResource( resources[i] );
                    	
                    	// if there are roles registered for this resource
                    	if( roles.length != 0 ) {
                    		ConfigAttributeDefinition defn = 
                    						new ConfigAttributeDefinition();
                    		
                    		for( int j = 0; j < roles.length; j++ ) {
                        		defn.addConfigAttribute( new SecurityConfig(roles[j]) );
                    		}
                    		
                    		delegate.addSecureUrl( resources[i], defn );
                    	}
                    }
                }
            ....
            Hope this helps.

            Rgds

            Comment


            • #7
              Thanks for the info. I have a working version now that is using a DB.

              cheers,
              -Xavier

              Comment


              • #8
                Hi. I alreay have a working objectDefinitionSource and its loading the data from the DB. My question is: how can I clear de list of secure urls dynamically, so that I would be able to reload them again from the database in case I want to make a change, without restarting the application ? Thanks.

                Comment

                Working...
                X