Announcement Announcement Module
Collapse
No announcement yet.
Security config in parent context Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security config in parent context

    We have a project where the modules are layered in different contexts in a hierarchical fashion much like an "extended" version of the blog.springsource.com/2007/06/11/using-a-shared-parent-application-context-in-a-multi-war-spring-application/ strategy (add http at beginning of link).

    Top level:
    common-module with DB connection and transaction configuration, etc
    Code:
    <beans>
    <bean id="commonContext" class="ClassPathXmlApplicationContext">
      <constructor-arg>
        <list>
          <value>classpath:META-INF/spring/config.xml</value>
          <value>classpath:META-INF/spring/cachemanager.xml</value>
    	  <value>classpath:META-INF/spring/datasource.xml</value>
    	  <value>classpath:META-INF/spring/transaction.xml</value>
        </list>
      </constructor-arg>
    </bean>
    </beans>

    Level 2:
    security-module - All Spring security related custom classes and configuration (using namespace configuration)

    Code:
    <beans>
    <bean id="securityContext" class="ClassPathXmlApplicationContext">
      <constructor-arg>
        <list>
          <value>classpath:META-INF/spring/security-general.xml</value>
          <value>classpath:META-INF/spring/security-acl.xml</value>
        </list>
      </constructor-arg>
    		
      <!-- Parent context -->
      <constructor-arg ref="commonContext" />
    </bean>
    </beans>
    Level 3:
    application1-module - This module defines all business operations and the services' methods (some of them) here have specified <sec:intercept> for method level security.

    Code:
    <beans>
      <bean id="businessappContext" class="ClassPathXmlApplicationContext">
        <constructor-arg>
          <list>
            <value>classpath:META-INF/spring/businessapp-config.xml</value>
            <value>classpath:META-INF/spring/businessapp-dao.xml</value>
            <value>classpath:META-INF/spring/businessapp-cache.xml</value>
            <value>classpath:META-INF/spring/businessapp-services.xml</value>
          </list>
        </constructor-arg>
    		
        <!-- Parent context -->
        <constructor-arg ref="securityContext" />
      </bean>	
    </beans>
    Unfortunatly it wont work as the spring security automatic configuration can't find some of the needed beans, seamingly beacause the configuration was done in the parent context...?
    Is there a work-around for this problem?

    EDIT: I commented out the <sec:intercept>'s and then the the next problem was this when trying to log in:
    Code:
    2008-10-05 12:23:59,359 -  WARN [http-8080-1] [org.springframework.security.event.authentication.LoggerListener:60] - Authentication event AuthenticationFailureProviderNotFoundEvent: morten; details: [email protected]: RemoteIpAddress: 127.0.0.1; SessionId: EC29ADFB6D0F196122B9BC843DD1E030; exception: No AuthenticationProvider found for org.springframework.security.providers.UsernamePasswordAuthenticationToken
    yet again this is beacuse of problems with the wiring of the beans.

    I just want to add that this application works flawlessly if just use imports of the spring configs for all modules, but I would like to save resources and startup time by sharing the modules possible.

    Any help greatly appreciated!
    Last edited by Xaer; Oct 5th, 2008, 06:31 AM.

  • #2
    Please?

    Bump: I just realized I forgot the magic word...

    Comment

    Working...
    X