Announcement Announcement Module
Collapse
No announcement yet.
cannot extend DaoAuthenticationProvider Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • cannot extend DaoAuthenticationProvider

    I am trying to convert an application that uses Acegi 0.9.0 to Spring Security 2.0.5

    Import for DAO authentication provider modified from:
    import net.sf.acegisecurity.providers.dao.AuthenticationD ao; (interface)
    to:
    import org.springframework.security.providers.dao.DaoAuth enticationProvider; (class)

    I have an abstract class BaseDAOHibernate that extends HibernateDaoSupport. I then have a class UserDAOHibernate that extends BaseDAOHibernate, and implements interface UserDAO.

    Interface UserDAO simply has a loadUserByUsername() method and used to extend interface AuthenticationDao, but now I cannot extend DaoAuthenticationProvider because DaoAuthenticationProvider is not an interface.

    What is the best way to modify my archictecture to utilize the new Spring Security DaoAuthenticationProvider?

  • #2
    Implement UserDetailsService and inject your implementation into DaoAuthenticationProvider. Or implement AuthenticationProvider directly.

    Comment


    • #3
      cannot extend DaoAuthenticationProvider

      Luke - Thank you for responding.

      Could you pls be a little more specific about how to inject my implementation into DaoAuthenticationProvider.

      Comment


      • #4
        Dependency injections is a core part of the Spring framework. You really need to understand Spring properly before using Spring Security:

        http://static.springsource.org/sprin...s-introduction

        Comment


        • #5
          cannot extend DaoAuthenticationProvider

          I just wanted to verify that you were talking about entries in the security application context.

          Comment


          • #6
            There isn't really a security application context as such. The security components are all just standard Spring beans and part of the normal application context that Spring loads.

            Comment


            • #7
              cannot extend DaoAuthenticationProvider

              Ok...Thanks.

              Do you happen to know the Spring Security equivalents of the following:

              net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter
              org.springframework.security.intercept.web.???

              net.sf.acegisecurity.ui.webapp.SiteminderAuthentic ationProcessingFilter
              org.springsecurity.security.ui.webapp.???

              Not showing up in 2.0.5 javadoc:

              http://static.springsource.org/sprin...ocs/index.html

              Comment


              • #8
                There aren't direct equivalents. Acegi 0.9 is very old and a lot of things have changed since then. FilterSecurityInterceptor is the closest thing to SecurityEnforcementFilter, but is used in combination with ExceptionTranslationFilter.

                Siteminder would be supported by the RequestHeaderPreAuthenticatedProcessingFilter:

                http://static.springsource.org/sprin...e/preauth.html

                Comment


                • #9
                  cannot extend DaoAuthenticationProvider

                  Thanks again...I will try these.

                  Lastly, do I need to replace authz.tld with secuity.tld...and if so, do you know where I can download/find security.tld?

                  Comment


                  • #10
                    cannot extend DaoAuthenticationProvider

                    How do I replace this:

                    <bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.SiteminderAu thenticationProcessingFilter">
                    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
                    <property name="authenticationFailureUrl"><value>/login.jsp?login_error=1</value></property>
                    <property name="defaultTargetUrl"><value>/security.do?method=getMainMenu</value></property>
                    <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
                    <property name="siteminderUsernameHeaderKey"><value>SM_USER</value></property>
                    <property name="siteminderPasswordHeaderKey"><value>SM_USER</value></property>
                    <property name="formUsernameParameterKey"><value>j_username</value></property>
                    <property name="formPasswordParameterKey"><value>j_password</value></property>
                    </bean>

                    with this:

                    <bean id="authenticationProcessingFilter" class="org.springframework.security.ui.preauth.hea der.RequestHeaderPreAuthenticatedProcessingFilter" >
                    <security:custom-filter position="PRE_AUTH_FILTER" />
                    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
                    <property name="principalRequestHeader"><value>SM_USER</value></property>
                    </bean>

                    Comment

                    Working...
                    X