Announcement Announcement Module
No announcement yet.
cannot extend DaoAuthenticationProvider Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • cannot extend DaoAuthenticationProvider

    I am trying to convert an application that uses Acegi 0.9.0 to Spring Security 2.0.5

    Import for DAO authentication provider modified from:
    import net.sf.acegisecurity.providers.dao.AuthenticationD ao; (interface)
    import enticationProvider; (class)

    I have an abstract class BaseDAOHibernate that extends HibernateDaoSupport. I then have a class UserDAOHibernate that extends BaseDAOHibernate, and implements interface UserDAO.

    Interface UserDAO simply has a loadUserByUsername() method and used to extend interface AuthenticationDao, but now I cannot extend DaoAuthenticationProvider because DaoAuthenticationProvider is not an interface.

    What is the best way to modify my archictecture to utilize the new Spring Security DaoAuthenticationProvider?

  • #2
    Implement UserDetailsService and inject your implementation into DaoAuthenticationProvider. Or implement AuthenticationProvider directly.


    • #3
      cannot extend DaoAuthenticationProvider

      Luke - Thank you for responding.

      Could you pls be a little more specific about how to inject my implementation into DaoAuthenticationProvider.


      • #4
        Dependency injections is a core part of the Spring framework. You really need to understand Spring properly before using Spring Security:


        • #5
          cannot extend DaoAuthenticationProvider

          I just wanted to verify that you were talking about entries in the security application context.


          • #6
            There isn't really a security application context as such. The security components are all just standard Spring beans and part of the normal application context that Spring loads.


            • #7
              cannot extend DaoAuthenticationProvider


              Do you happen to know the Spring Security equivalents of the following:

              net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter

              net.sf.acegisecurity.ui.webapp.SiteminderAuthentic ationProcessingFilter

              Not showing up in 2.0.5 javadoc:



              • #8
                There aren't direct equivalents. Acegi 0.9 is very old and a lot of things have changed since then. FilterSecurityInterceptor is the closest thing to SecurityEnforcementFilter, but is used in combination with ExceptionTranslationFilter.

                Siteminder would be supported by the RequestHeaderPreAuthenticatedProcessingFilter:



                • #9
                  cannot extend DaoAuthenticationProvider

                  Thanks again...I will try these.

                  Lastly, do I need to replace authz.tld with secuity.tld...and if so, do you know where I can download/find security.tld?


                  • #10
                    cannot extend DaoAuthenticationProvider

                    How do I replace this:

                    <bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.SiteminderAu thenticationProcessingFilter">
                    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
                    <property name="authenticationFailureUrl"><value>/login.jsp?login_error=1</value></property>
                    <property name="defaultTargetUrl"><value>/</value></property>
                    <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
                    <property name="siteminderUsernameHeaderKey"><value>SM_USER</value></property>
                    <property name="siteminderPasswordHeaderKey"><value>SM_USER</value></property>
                    <property name="formUsernameParameterKey"><value>j_username</value></property>
                    <property name="formPasswordParameterKey"><value>j_password</value></property>

                    with this:

                    <bean id="authenticationProcessingFilter" class=" der.RequestHeaderPreAuthenticatedProcessingFilter" >
                    <security:custom-filter position="PRE_AUTH_FILTER" />
                    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
                    <property name="principalRequestHeader"><value>SM_USER</value></property>