VIRGIN FOREST OF JAVA
不要埋头苦干,要学习,学习,再学习。。。。。
powered by R.Zeus

Acegi Secutiry is for URL-ROLE,and in Struts every method is mapping to a URL,so they are integrating is so perfect!

applicationContext-acegi-security.xml
---------------------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

<!--
 - A simple "base bones" Acegi Security configuration.
 -
 - The sample includes the "popular" features that people tend to use.
 - Specifically, form authentication, remember-me, and anonymous processing.
 - Other features aren't setup, as these can be added later by inserting
 - the relevant XML fragments as specified in the Reference Guide.
 -
 - To assist new users, the filters specified in the FilterChainProxy are
 - declared in the application context in the same order. Collaborators
 - required by those filters are placed at the end of the file.
 -
 - $Id: applicationContext-acegi-security.xml,v 1.1 2006/10/17 02:58:44 ronald.feng Exp $
-->

<beans>

    <bean id="filterChainProxy"
          class="org.acegisecurity.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
            </value>
        </property>
    </bean>

    <bean id="httpSessionContextIntegrationFilter"
          class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>

    <bean id="logoutFilter"
          class="org.acegisecurity.ui.logout.LogoutFilter">
        <constructor-arg value="/login.jsp"/>
        <!-- URL redirected to after logout -->
        <constructor-arg>
            <list>
                <ref bean="rememberMeServices"/>
                <bean
                        class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
            </list>
        </constructor-arg>
    </bean>

    <bean id="authenticationProcessingFilter"
          class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
        <property name="authenticationManager"
                  ref="authenticationManager"/>

        <property name="authenticationFailureUrl"
                  value="/login.jsp?login_error=1"/>
        <property name="defaultTargetUrl" value="/"/>
        <property name="filterProcessesUrl"
                  value="/j_acegi_security_check"/>
        <property name="rememberMeServices" ref="rememberMeServices"/>

    </bean>

    <bean id="securityContextHolderAwareRequestFilter"
          class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>

    <bean id="rememberMeProcessingFilter"
          class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
        <property name="authenticationManager"
                  ref="authenticationManager"/>
        <property name="rememberMeServices" ref="rememberMeServices"/>
    </bean>

    <bean id="anonymousProcessingFilter"
          class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
        <property name="key" value="changeThis"/>
        <property name="userAttribute"
                  value="anonymousUser,ROLE_ANONYMOUS"/>
    </bean>

    <bean id="exceptionTranslationFilter"
          class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <bean
                    class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl" value="/login.jsp"/>
                <property name="forceHttps" value="false"/>
            </bean>
        </property>
        <property name="accessDeniedHandler">
            <bean
                    class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
                <property name="errorPage" value="/accessDenied.jsp"/>
            </bean>
        </property>
    </bean>

    <bean id="filterInvocationInterceptor"
          class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">

        <property name="authenticationManager"
                  ref="authenticationManager"/>

        <property name="accessDecisionManager">
            <bean class="org.acegisecurity.vote.AffirmativeBased">
                <property name="allowIfAllAbstainDecisions"
                          value="false"/>
                <property name="decisionVoters">
                    <list>
                        <bean class="org.acegisecurity.vote.RoleVoter"/>
                        <bean
                                class="org.acegisecurity.vote.AuthenticatedVoter"/>
                    </list>
                </property>

            </bean>
        </property>

        <property name="objectDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /images/**=IS_AUTHENTICATED_ANONYMOUSLY
                /css/**=IS_AUTHENTICATED_ANONYMOUSLY
                /scripts/**=IS_AUTHENTICATED_ANONYMOUSLY
                /login.jsp=IS_AUTHENTICATED_ANONYMOUSLY
                /error.jsp=IS_AUTHENTICATED_ANONYMOUSLY

                <!-- this for .do url!remember acegi is only for url and can filter for any url! -->
 <!-- or  staff/searchstaff.do=ROLE_ADMIN_TEST -->
                /staff/**=ROLE_ADMIN_TEST

            </value>
        </property>
       

    </bean>

    <bean id="rememberMeServices"
          class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
        <property name="userDetailsService" ref="userDetailsService"/>
        <property name="key" value="changeThis"/>
    </bean>

    <bean id="authenticationManager"
          class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref local="daoAuthenticationProvider"/>
                <bean
                        class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
                    <property name="key" value="changeThis"/>
                </bean>
                <bean
                        class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
                    <property name="key" value="changeThis"/>
                </bean>
            </list>
        </property>
    </bean>

    <bean id="daoAuthenticationProvider"
          class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="userDetailsService"/>
        <property name="userCache">
            <bean
                    class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
                <property name="cache">
                    <bean
                            class="org.springframework.cache.ehcache.EhCacheFactoryBean">
                        <property name="cacheManager">
                            <bean
                                    class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
                        </property>
                        <property name="cacheName" value="userCache"/>
                    </bean>
                </property>
            </bean>
        </property>
        <property name="passwordEncoder" ref="passwordEncoder"/>
    </bean>

    <bean id="passwordEncoder"

          class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/>

    <!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
    <!--<bean id="c"-->
    <!--class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">-->
    <!--<property name="userProperties">-->
    <!--<bean-->
    <!--class="org.springframework.beans.factory.config.PropertiesFactoryBean">-->
    <!--<property name="location"-->
    <!--value="/WEB-INF/users.properties" />-->
    <!--</bean>-->
    <!--</property>-->
    <!--</bean>-->
    <bean id="userDetailsService" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
        <property name="dataSource">
            <ref bean="dataSource"/>
        </property>
        <property name="authoritiesByUsernameQuery">
            <value>
                SELECT account,'ROLE_ADMIN' as authority FROM TB_STAFF WHERE account = ?
            </value>
        </property>
        <property name="usersByUsernameQuery">
            <value>
                SELECT account,password, 1 as enabled FROM TB_STAFF WHERE account = ?

            </value>
        </property>
    </bean>

    <!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
    <bean id="loggerListener"
          class="org.acegisecurity.event.authentication.LoggerListener"/>

</beans>
---------------------------------------------------------------------------------------------------------------

posted on 2006-10-17 13:07 R.Zeus 阅读(409) 评论(0)  编辑  收藏 所属分类: Acegi Security

只有注册用户登录后才能发表评论。


网站导航: