Rich client example

**hykiukira2** · Jan 7th, 2005, 08:29 AM

Hello, I have seen that rich client are fully supported.

"Client-server rich clients are also fully supported. In the client-side application context a RemoteAuthenticationManager is configured. This RemoteAuthenticationManager receives Authentication request objects and passes the contained username and password to a corresponding server-side web service. The server-side web service then builds a new Authentication request object containing the passed username and password, before passing it to a server-side AuthenticationManager. If successful, a list of GrantedAuthoritys is passed back to the RemoteAuthenticationManager. This allows the rich client to make authorization decisions such as the visibility of GUI actions. The rich client will also typically set each remoting proxy factory with the validated username and password."

We develop a distributed application with hibernate and spring in a tomcat environnement, and the client part is in swing. The remoting protocol is http-invoker . Is there a simple hello world login example with spring anywhere.

Is that kind of configuration with servlet filter is suitable for remote login?
If yes, how can we check exceptions rather than to redirect to an url?

applicationcontext.xml

Code:

 <bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
        <property name="userMap">
            <value>
            matthew=contegix,ROLE_ADMIN
            </value>
        </property>
    </bean>
    <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="authenticationDao">
            <ref local="memoryAuthenticationDao"/>
        </property>
    </bean>
    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref bean="daoAuthenticationProvider"/>
            </list>
        </property>
    </bean>

    <bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
        <property name="authenticationFailureUrl">
            <value>/login.jsp?error=1</value>
        </property>
        <property name="defaultTargetUrl">
            <value>/</value>
        </property>
        <property name="filterProcessesUrl">
            <value>/j_acegi_security_check</value>
        </property>
    </bean>

web.xml

Code:

<filter>
        <filter-name>SecurityFilter</filter-name>
        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
        <init-param>
            <param-name>targetClass</param-name>
            <param-value>
        net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter
            </param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>SecurityFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

Thank you

**Ben Alex** · Jan 9th, 2005, 12:30 AM

This thread gives a bit more of an overview: http://forum.springframework.org/showthread.php?t=11638.

Also see http://forum.springframework.org/showthread.php?t=12155.

Together I think you'll find these threads are what you need. :-)

**hykiukira2** · Jan 10th, 2005, 09:38 AM

Ok thank you for you answer ben. I'm now on a better way.
The authentication process works know but only when i make a direct call to RemoteAuthenticationManager.
Here is my test code

Code:

public class RemoteLoginTest extends TestCase &#123;
    private static Logger logger = Logger.getLogger&#40;RemoteLoginTest.class.getName&#40;&#41;&#41;;
    private final static String CTX = "be/fgov/caamihziv/mdf/usermanagement/service/" +
                                          "clientContext.xml";
     public void testRemoteLogin&#40;&#41;&#123;
        ClassPathXmlApplicationContext ctx;
        ctx = new ClassPathXmlApplicationContext&#40;CTX&#41;;
        AuthenticationManager authenticationManager=&#40;AuthenticationManager&#41;    ctx.getBean&#40;"authenticationManager"&#41;;
        UsernamePasswordAuthenticationToken request=new UsernamePasswordAuthenticationToken&#40;"marissa","koala"&#41;;
        try&#123;
            Authentication result=authenticationManager.authenticate&#40;request&#41;;
        &#125;catch&#40;AuthenticationException an&#41;&#123;
            an.printStackTrace&#40;&#41;;
        &#125;
    &#125;

&#125;

and the client context

Code:

<beans>

     <!--ACEGY CONFIGURATION-->
    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref bean="remoteAuthenticationProvider"/>
            </list>
        </property>
    </bean>

    <bean id="remoteAuthenticationProvider" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationProvider">
        <property name="remoteAuthenticationManager">
            <ref bean="remoteAuthenticationManager"/>
        </property>
    </bean>

    <bean id="remoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
        <property name="serviceInterface">
            <value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value>
        </property>
        <property name="serviceUrl">
            <value>http&#58;//localhost&#58;8080/MDF/remoting/RemoteAuthenticationManager</value>
        </property>
        <property name="httpInvokerRequestExecutor">
             <ref bean="authenticationRequestExecutor"/>
        </property>
    </bean>

    <bean id="authenticationRequestExecutor" class="net.sf.acegisecurity.ui.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor"></bean>
    <!--END OF ACEGI CONFIGURATION-->

    <bean id="group" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
        <property name="serviceUrl">
            <value>http&#58;//localhost&#58;8080/MDF/remoting/GroupService-hessian</value>
        </property>
        <property name="serviceInterface">
            <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
        </property>        
    </bean>
</beans>

But when I make a remote cal on group i would expect an exception if i did not login before. Well this is not the case, i still can make remote call on the group bean. Like if my filter did not catch the request. I supose it's a little configuration issue but as I'm not realy used to servlet help would be nice.

Here are my server config files :

web.xml

Code:

<context-param>
  <param-name>log4jConfigLocation</param-name>
  <param-value>classpath&#58;/log4j.properties</param-value>
	</context-param>

	<!--
	  - Location of the XML file that defines the root application context.
	  - Applied by ContextLoaderServlet.
		-
		- Can be set to "/WEB-INF/applicationContext-hibernate.xml" for the Hibernate
		- implementation, "/WEB-INF/applicationContext-ojb.xml" for the Apache OJB one,
		- or "/WEB-INF/applicationContext-jdbc.xml" for the JDBC one.
	  -->
	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>classpath&#58;/applicationContext.xml</param-value>
	</context-param>

	<!--
	  - Loads the root application context of this web app at startup,
	  - by default from "/WEB-INF/applicationContext.xml".
		- Note that it is preferable to use ContextLoaderListener in a servlet container
		- that follows the Servlet 2.4 initialization order &#40;many Servlet 2.3 containers do&#41;.
		-
	  - Use WebApplicationContextUtils.getWebApplicationContext&#40;servletContext&#41;
	  - to access it anywhere in the web application, outside of the framework.
	  -
	  - The root context is the parent of all servlet-specific contexts.
	  - This means that its beans are automatically available in these child contexts,
	  - both for getBean&#40;name&#41; calls and &#40;external&#41; bean references.
    -->
    <!--ACEGI CONFIGURATION-->
      <filter>
           <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
           <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
           <init-param>
             <param-name>targetClass</param-name>
             <param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value>
           </init-param>
         </filter>

         <filter>
           <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
           <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
           <init-param>
             <param-name>targetClass</param-name>
             <param-value>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</param-value>
           </init-param>
          </filter>

   <!--  <filter>
        <filter-name>Acegy_http_request_security_filter</filter-name>
        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
        <init-param>
             <param-name>targetClass</param-name>
             <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
        </init-param>
    </filter>-->

         <filter-mapping>
           <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
           <url-pattern>/*</url-pattern>
         </filter-mapping>

         <filter-mapping>
           <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
           <url-pattern>/*</url-pattern>
         </filter-mapping>

  <!--    <filter-mapping>
           <filter-name>Acegy_http_request_security_filter</filter-name>
           <url-pattern>/*</url-pattern>
         </filter-mapping> -->

     <!--END OF ACEGI CONFIGURATION-->

    <!-- Listener to initialize the spring application context -->
      <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
      </listener>



	<!--<servlet>
		<servlet-name>context</servlet-name>
		<servlet-class>org.springframework.web.context.ContextLoaderServlet</servlet-class>
		<load-on-startup>1</load-on-startup>
	</servlet>-->

	<!--
		- Dispatcher servlet definition for HTTP remoting via Hessian, Burlap, and
		- Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
		-->
	<servlet>
		<servlet-name>remoting</servlet-name>
  <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
  <load-on-startup>20</load-on-startup>
 </servlet>

 <!--
  - Dispatcher servlet mapping for HTTP remoting via Hessian, Burlap, and
  - Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
  -->
 <servlet-mapping>
  <servlet-name>remoting</servlet-name>
  <url-pattern>/remoting/*</url-pattern>
 </servlet-mapping>

 <session-config>
  <session-timeout>10</session-timeout>
 </session-config>

applicationcontext

Code:

<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="location">
            <value>classpath&#58;/jdbc.properties</value>
        </property>
    </bean>

    <!--ACEGI CONFIGURATION-->
    <bean id="remoteAuthenticationManager" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManagerImpl">
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
    </bean>

    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref local="daoAuthenticationProvider"/>
            </list>
        </property>
    </bean>

    <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="authenticationDao">
            <ref local="inMemoryDaoImpl"/>
        </property>
    </bean>

    <bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
        <property name="userMap">
            <value>
                marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
                dianne=emu,ROLE_TELLER
                scott=wombat,ROLE_TELLER
                peter=opal,disabled,ROLE_TELLER
            </value>
        </property>
    </bean>


    <bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
        <property name="allowIfAllAbstainDecisions">
            <value>false</value>
        </property>
        <property name="decisionVoters">
            <list>
                <ref local="roleVoter"/>
            </list>
        </property>
    </bean>

    <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>


    <bean id="basicProcessingFilter" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter">
        <property name="authenticationManager">
            <ref local="authenticationManager"/>
        </property>
        <property name="authenticationEntryPoint">
            <ref local="basicProcessingFilterEntryPoint"/>
        </property>
    </bean>

    <bean id="basicProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
        <property name="realmName">
            <value>Contacts Realm</value>
        </property>
    </bean>

    <bean id="httpSessionIntegrationFilter" class="net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter"/>
    <!--<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter"/>-->

    <!--END OF ACEGI CONFIGURATION-->


    <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName">
            <value>$&#123;jdbc.driverClassName&#125;</value>
        </property>
        <property name="url">
            <value>$&#123;jdbc.url&#125;</value>
        </property>
        <property name="username">
            <value>$&#123;jdbc.username&#125;</value>
        </property>
        <property name="password">
            <value>$&#123;jdbc.password&#125;</value>
        </property>
    </bean>

    <bean id="sessionFactory" class="org.springframework.orm.hibernate.LocalSessionFactoryBean">
        <property name="dataSource">
            <ref local="dataSource"/>
        </property>
        <property name="mappingResources">
            <list>
                <value>be/fgov/caamihziv/mdf/usermanagement/User.hbm.xml</value>
                <value>be/fgov/caamihziv/mdf/usermanagement/Group.hbm.xml</value>
                <value>be/fgov/caamihziv/mdf/usermanagement/RegionalOffice.hbm.xml</value>
                <value>be/fgov/caamihziv/mdf/usermanagement/InsuranceAgency.hbm.xml</value>
                <value>be/fgov/caamihziv/mdf/usermanagement/Member.hbm.xml</value>
            </list>
        </property>
        <property name="hibernateProperties">
            <props>
                <prop key="hibernate.dialect">$&#123;hibernate.dialect&#125;</prop>
                <prop key="hibernate.show_sql">true</prop>
                <prop key="hibernate.hbm2ddl.auto">create-drop</prop>
            </props>
        </property>
    </bean>

    <!-- Transaction manager for a single Hibernate SessionFactory &#40;alternative to JTA&#41; -->
    <bean id="transactionManager" class="org.springframework.orm.hibernate.HibernateTransactionManager">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>

    <!--
	    - A parent bean definition which is a base definition for transaction proxies.
		- It is markes as abstract, since it is never supposed to be instantiated itself.
		- We set shared transaction attributes here, following our naming patterns.
		- The attributes can still be overridden in child bean definitions.
    -->
    <!-- <bean id="mdf" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
         <property name="transactionManager">
             <ref local="transactionManager"/>
         </property>
         <property name="target">
             <ref local="mdfTarget"/>
         </property>
         <property name="transactionAttributes">
             <props>
                 <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                 <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                 <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                 <prop key="add*">PROPAGATION_REQUIRED</prop>
             </props>
         </property>
     </bean>

     <bean id="mdfTarget" class="be.fgov.caamihziv.mdf.usermanagement.service.UserServiceImpl">
         <property name="sessionFactory">
             <ref local="sessionFactory"/>
         </property>
     </bean>   -->

    <bean id="groupTarget" class="be.fgov.caamihziv.mdf.usermanagement.service.GroupServiceImpl">
        <property name="groupDao">
            <ref local="groupDao"/>
        </property>
        <property name="userDao">
            <ref local="userDao"/>
        </property>
        <property name="regionalOfficeDao">
            <ref local="regionalOfficeDao"/>
        </property>
        <property name="insuranceAgencyDao">
            <ref local="insuranceAgencyDao"/>
        </property>
        <property name="memberDao">
            <ref local="memberDao"/>
        </property>
    </bean>

    <bean id="group" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
        <property name="transactionManager">
            <ref local="transactionManager"/>
        </property>
        <property name="target">
            <ref local="groupTarget"/>
        </property>
        <property name="transactionAttributes">
            <props>
                <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="del*">PROPAGATION_REQUIRED</prop>
                <prop key="add*">PROPAGATION_REQUIRED</prop>
                <prop key="upd*">PROPAGATION_REQUIRED</prop>
                <prop key="login">PROPAGATION_REQUIRED,readOnly</prop>
            </props>
        </property>
    </bean>

    <bean id="groupDao" class="be.fgov.caamihziv.mdf.usermanagement.service.GroupDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>
    <bean id="userDao" class="be.fgov.caamihziv.mdf.usermanagement.service.UserDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>

    <bean id="regionalOfficeDao" class="be.fgov.caamihziv.mdf.usermanagement.service.RegionalOfficeDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>
    <bean id="insuranceAgencyDao" class="be.fgov.caamihziv.mdf.usermanagement.service.InsuranceAgencyDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>
    <bean id="memberDao" class="be.fgov.caamihziv.mdf.usermanagement.service.MemberDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>

remote-servlet

Code:

<beans>

     <!--HTTPEXPORTER for the usermanagement service -->
    <bean name="/GroupService-hessian" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
  <property name="service"><ref bean="group"/></property>
  <property name="serviceInterface">
   <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
  </property>
 </bean>
    <!--HTTPEXPORTER for the loing-->
    <bean name="/RemoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
        <property name="service"><ref bean="remoteAuthenticationManager"/></property>
        <property name="serviceInterface"><value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value></property>
    </bean>
</beans>

I have seen in the doc that SecurityEnforcementFilter is necessary because it provides the bridge between incoming requests and the FilterSecurityInterceptor instance.

Is this my problem?? And if yes what should I specify at authenticationEntrypoint ??
Thank you in advance for this and your great job

**RayKrueger** · Jan 10th, 2005, 05:19 PM

You need to move your httpInvokerRequestExecutor out of the remoteAuthenticationManager bean and into your "group" bean. You'll add that httpInvokerRequestExecutor property to any subsequent HttpInvokerProxyFactoryBean instances you create as well.

The call to the RemoteAuthenticationManager is done insecure, meaning you do not want to override the httpInokerRequestExecutor. Any other usages of HttpInvokderProxyFactoryBean will need the Acegi AuthenticationSimpleHttpInvokerRequestExecutor in order to pass up the credentials.

Now, there's some missing parts here....
In your RemoteLoginTest code you are properly calling the authenticate method, but your not storing the result in the SecureContext..

For example...

Code:

        SecureContext secureContext = &#40;SecureContext&#41; ContextHolder.getContext&#40;&#41;;
        if &#40;secureContext == null&#41; &#123;
            secureContext = new SecureContextImpl&#40;&#41;;
            ContextHolder.setContext&#40;secureContext&#41;;
        &#125;

        Authentication result = manager.authenticate&#40;authentication&#41;;

        secureContext.setAuthentication&#40;result&#41;;

The code above is for your testing, I'm not positive it's the way your client app should actually be doing it...

Also, your going to want to look at the way your server side is configured. You do not want the RemoteAuthenticationManager on the server side to be protected by any means of HTTP security. Where as you do want your other services behind the security filters.

I, for example, have two seperate Dispatcher servlets configured. One for open items, and one for secure items.

Code:

    <servlet>
        <servlet-name>remote</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet>
        <servlet-name>secure-remote</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>2</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>remote</servlet-name>
        <url-pattern>/services/*</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>secure-remote</servlet-name>
        <url-pattern>/secure/services/*</url-pattern>
    </servlet-mapping>

That allows me to declare things in remote-servlet.xml and secure-remote-servlet.xml...

The WebApplicationContext on the server side is filtered with the FilterSecurityInterceptor as such...

Code:

    <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
        <property name="authenticationManager">
            <ref local="authenticationManager"/>
        </property>
        <property name="accessDecisionManager">
            <ref local="accessDecisionManager"/>
        </property>
        <property name="objectDefinitionSource">
            <value>
			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
			    PATTERN_TYPE_APACHE_ANT
				/secure/**=ROLE_USER
            </value>
        </property>
    </bean>

I apologize if this seems somewhat rushed, I'm trying to spill as much info as I can, I'm in a bit of a hurry right now. I hope this babble helps somewhat.

Also, Ben is off on vacation or somethin for about the next week, just so ya know why he hasn't replied himself.

--Ray

**hykiukira2** · Jan 11th, 2005, 04:35 AM

Thanks a lot for your answer RayKrueger. I have changed my config as you said, and it already looks better but I have still the problem. I looks like I don't pass through the filter (but I don't think so) or that the point would should trigger the security check is not trigered. I think i missed a link between some beans.

I put my change, so that if you have the time you can maybe help me.
In the client context I have added the httpInvokerRequestExecutor to group service and changed the url to secure/remoting/

Code:

 <!--ACEGY CONFIGURATION-->
    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref bean="remoteAuthenticationProvider"/>
            </list>
        </property>
    </bean>

    <bean id="remoteAuthenticationProvider" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationProvider">
        <property name="remoteAuthenticationManager">
            <ref bean="remoteAuthenticationManager"/>
        </property>
    </bean>

    <bean id="remoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
        <property name="serviceInterface">
            <value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value>
        </property>
        <property name="serviceUrl">
            <value>http&#58;//localhost&#58;8080/MDF/remoting/RemoteAuthenticationManager</value>
        </property>
    </bean>

    <bean id="authenticationRequestExecutor" class="net.sf.acegisecurity.ui.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor"></bean>
    <!--END OF ACEGI CONFIGURATION-->

    <bean id="group" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
        <property name="serviceUrl">
            <value>http&#58;//localhost&#58;8080/MDF/secure/remoting/GroupService-hessian</value>
        </property>
        <property name="serviceInterface">
            <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
        </property>
       <property name="httpInvokerRequestExecutor">
             <ref bean="authenticationRequestExecutor"/>
        </property>
    </bean>

I have now a a secure_servlet_remoting_context that look like :

Code:

 <bean name="/GroupService-hessian" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
  <property name="service"><ref bean="group"/></property>
  <property name="serviceInterface">
   <value>be.fgov.caamihziv.mdf.usermanagement.service.GroupService</value>
  </property>
 </bean>

I have added a new servlet dispatcher in my web.xml

Code:

  <servlet>
  <servlet-name>secure_remoting</servlet-name>
  <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
  <load-on-startup>20</load-on-startup>
 </servlet>
 <servlet-mapping>
  <servlet-name>secure_remoting</servlet-name>
  <url-pattern>/secure/remoting/*</url-pattern>
 </servlet-mapping>

and changed the filter mapping

Code:

 <filter-mapping>
           <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
           <url-pattern>/secure/remoting/*</url-pattern>
         </filter-mapping>

         <filter-mapping>
           <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
           <url-pattern>/secure/remoting/*</url-pattern>
         </filter-mapping>

and finally (pfiou it's a long story, I hope you do not bother) :roll:

I have added securityEnforcementFilter and filterInvocationInterceptor to my application context

Code:

 <bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
      <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
      <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
   </bean>
    <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
            <property name="authenticationManager">
                <ref local="authenticationManager"/>
            </property>
            <property name="accessDecisionManager">
                <ref local="accessDecisionManager"/>
            </property>
            <property name="objectDefinitionSource">
                <value>
                 CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                 PATTERN_TYPE_APACHE_ANT
                /secure/**=ROLE_USER
                </value>
            </property>
        </bean>

It looks like a better configuration but I still can make a direct call to my group service without any exception.

Thank you

**hykiukira2** · Jan 11th, 2005, 06:27 AM

Ok I got It. Thanks again RayKrueger. You put me on the good way.

I forgot to add the securityEnforcementFilter in mys web.xml

Code:

 <filter>
        <filter-name>Acegy_http_request_security_filter</filter-name>
        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
        <init-param>
             <param-name>targetClass</param-name>
             <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
        </init-param>
    </filter>

  <filter-mapping>
           <filter-name>Acegy_http_request_security_filter</filter-name>
           <url-pattern>/secure/remoting/*</url-pattern>
         </filter-mapping>

Now it works perfectly. It's an amazing package.
I'll put all my configs file on the forum later on so, for future rich client / acegi users.

Bye until the nex question

**hykiukira2** · Jan 24th, 2005, 04:30 AM

Here is my implementation but I think there is a better way to do it with autoproxying if you have a lot of class which need proxy (Maybe there are beans declare that are not needed, I did not have the time to read the doc on everything I took from the sample example)

applicationcontext.xml

Code:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http&#58;//www.springframework.org/dtd/spring-beans.dtd">

<beans>


    <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="location">
            <value>classpath&#58;/jdbc.properties</value>
        </property>
    </bean>


    <!--ACEGI CONFIGURATION-->

      <!-- RunAsManager -->
   <bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
      <property name="key"><value>my_run_as_password</value></property>
   </bean>
    <!-- TEST-->

	<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
     	<property name="key"><value>my_run_as_password</value></property>
 	</bean>

	<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
  		<property name="key"><value>my_password</value></property>
 	</bean>

    <!--END OF TEST-->

     <bean id="remoteAuthenticationManager" class="net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManagerImpl">
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
    </bean>

    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref local="daoAuthenticationProvider"/>
                <ref local="runAsAuthenticationProvider"/>
          <ref local="authByAdapterProvider"/>
            </list>
        </property>
    </bean>

    <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="authenticationDao">
            <ref local="inMemoryDaoImpl"/>
        </property>
    </bean>

    <bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
        <property name="userMap">
            <value>
                admin=admin,ROLE_USER,ROLE_SUPERVISOR
                dianne=emu,ROLE_USER
                scott=wombat,ROLE_TELLER
                peter=opal,disabled,ROLE_TELLER
            </value>
        </property>
    </bean>


    <bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
        <property name="allowIfAllAbstainDecisions">
            <value>false</value>
        </property>
        <property name="decisionVoters">
            <list>
                <ref local="roleVoter"/>
            </list>
        </property>
    </bean>

   <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>


    <bean id="basicProcessingFilter" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter">
        <property name="authenticationManager">
            <ref local="authenticationManager"/>
        </property>
        <property name="authenticationEntryPoint">
            <ref local="basicProcessingFilterEntryPoint"/>
        </property>
    </bean>

    <bean id="basicProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
        <property name="realmName">
            <value>Contacts Realm</value>
        </property>
    </bean>

    <bean id="httpSessionIntegrationFilter" class="net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter"/>
    <!--<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter"/>-->

    <!--END OF ACEGI CONFIGURATION-->


    <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName">
            <value>$&#123;jdbc.driverClassName&#125;</value>
        </property>
        <property name="url">
            <value>$&#123;jdbc.url&#125;</value>
        </property>
        <property name="username">
            <value>$&#123;jdbc.username&#125;</value>
        </property>
        <property name="password">
            <value>$&#123;jdbc.password&#125;</value>
        </property>
    </bean>

    <bean id="sessionFactory" class="org.springframework.orm.hibernate.LocalSessionFactoryBean">
        <property name="dataSource">
            <ref local="dataSource"/>
        </property>
        <property name="mappingResources">
            <list>
                <value>be/fgov/caamihziv/fdm/usermanagement/User.hbm.xml</value>
                <value>be/fgov/caamihziv/fdm/usermanagement/Group.hbm.xml</value>
                <value>be/fgov/caamihziv/fdm/usermanagement/RegionalOffice.hbm.xml</value>
                <value>be/fgov/caamihziv/fdm/usermanagement/InsuranceAgency.hbm.xml</value>
                <value>be/fgov/caamihziv/fdm/membermanagement/Member.hbm.xml</value>
                <value>be/fgov/caamihziv/fdm/membermanagement/registrationmanagement/RegistrationMotives.hbm.xml</value>
            </list>
        </property>
        <property name="hibernateProperties">
            <props>
                <prop key="hibernate.dialect">$&#123;hibernate.dialect&#125;</prop>
                <prop key="hibernate.show_sql">true</prop>
                <prop key="hibernate.hbm2ddl.auto">create-drop</prop>
            </props>
        </property>
    </bean>

    <!-- Transaction manager for a single Hibernate SessionFactory &#40;alternative to JTA&#41; -->
    <bean id="transactionManager" class="org.springframework.orm.hibernate.HibernateTransactionManager">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>
    <!-- ===================== SECURITY DEFINITIONS ======================= -->

   <bean id="UserManagementSecurityManager" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
      <property name="authenticationManager"><ref local="authenticationManager"/></property>
      <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
      <property name="runAsManager"><ref local="runAsManager"/></property>
      <property name="objectDefinitionSource">
         <value>
                be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService.*=ROLE_SUPERVISOR
         </value>
      </property>
   </bean>

    <bean id="UserManagementManager" class="org.springframework.aop.framework.ProxyFactoryBean">
      <property name="proxyInterfaces"><value>be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService</value></property>
      <property name="interceptorNames">
         <list>
            <idref local="UserManagementSecurityManager"/>
         </list>
      </property>
      <property name="target">
              <ref bean="groupTarget"/>
      </property>
   </bean>
    <!--BUSINESS DEFINITION-->

    <bean id="groupTarget" class="be.fgov.caamihziv.fdm.usermanagement.service.UserManagementServiceImpl">
        <!--<property name="proxyInterfaces"><value>be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService</value></property>-->
        <property name="groupDao">
            <ref local="groupDao"/>
        </property>
        <property name="userDao">
            <ref local="userDao"/>
        </property>
        <property name="regionalOfficeDao">
            <ref local="regionalOfficeDao"/>
        </property>
        <property name="insuranceAgencyDao">
            <ref local="insuranceAgencyDao"/>
        </property>
    </bean>

    <bean id="group" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">

        <property name="transactionManager">
            <ref local="transactionManager"/>
        </property>
        <property name="target">
            <ref local="UserManagementManager"/>
        </property>
        <property name="transactionAttributes">
            <props>
                <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="del*">PROPAGATION_REQUIRED</prop>
                <prop key="add*">PROPAGATION_REQUIRED</prop>
                <prop key="upd*">PROPAGATION_REQUIRED</prop>
                <prop key="login">PROPAGATION_REQUIRED,readOnly</prop>
            </props>
        </property>


    </bean>

    <bean id="groupDao" class="be.fgov.caamihziv.fdm.usermanagement.service.GroupDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>
    <bean id="userDao" class="be.fgov.caamihziv.fdm.usermanagement.service.UserDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>

    <bean id="regionalOfficeDao" class="be.fgov.caamihziv.fdm.usermanagement.service.RegionalOfficeDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>
    <bean id="insuranceAgencyDao" class="be.fgov.caamihziv.fdm.usermanagement.service.InsuranceAgencyDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>

    <bean id="memberTarget" class="be.fgov.caamihziv.fdm.membermanagement.service.MemberManagementServiceImpl">
        <property name="memberDao">
            <ref local="memberDao"/>
        </property>
    </bean>

    <bean id="member" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
        <property name="transactionManager">
            <ref local="transactionManager"/>
        </property>
        <property name="target">
            <ref local="memberTarget"/>
        </property>
        <property name="transactionAttributes">
            <props>
                <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="add*">PROPAGATION_REQUIRED</prop>
                <prop key="upd*">PROPAGATION_REQUIRED</prop>
            </props>
        </property>
    </bean>

    <bean id="memberDao" class="be.fgov.caamihziv.fdm.membermanagement.service.MemberDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>

    <bean id="registrationTarget" class="be.fgov.caamihziv.fdm.membermanagement.registrationmanagement.service.RegistrationManagementServiceImpl">
        <property name="registrationMotivesDao">
            <ref local="registrationMotivesDao"/>
        </property>
    </bean>

    <bean id="registration" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
        <property name="transactionManager">
            <ref local="transactionManager"/>
        </property>
        <property name="target">
            <ref local="registrationTarget"/>
        </property>
        <property name="transactionAttributes">
            <props>
                <prop key="get*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="find*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="load*">PROPAGATION_REQUIRED,readOnly</prop>
                <prop key="add*">PROPAGATION_REQUIRED</prop>
                <prop key="upd*">PROPAGATION_REQUIRED</prop>
            </props>
        </property>
    </bean>

    <bean id="registrationMotivesDao" class="be.fgov.caamihziv.fdm.membermanagement.registrationmanagement.service.RegistrationMotivesDaoImpl">
        <property name="sessionFactory">
            <ref local="sessionFactory"/>
        </property>
    </bean>


      <!-- ===================== HTTP REQUEST SECURITY ==================== -->

       <!-- BASIC Regular Expression Syntax &#40;for beginners&#41;&#58;

        \A means the start of the string &#40;ie the beginning of the URL&#41;
        \Z means the end of the string &#40;ie the end of the URL&#41;
        .  means any single character
        *  means null or any number of repetitions of the last expression &#40;so .* means zero or more characters&#41;

        Some examples&#58;

        Expression&#58;   \A/my/directory/.*\Z
        Would match&#58;    /my/directory/
                        /my/directory/hello.html

        Expression&#58;   \A/.*\Z
        Would match&#58;    /hello.html
                        /

        Expression&#58;   \A/.*/secret.html\Z
        Would match&#58;    /some/directory/secret.html
                        /another/secret.html
        Not match&#58;      /anothersecret.html &#40;missing required /&#41;-->

    <bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
      <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
      <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
   </bean>
    <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
            <property name="authenticationManager">
                <ref local="authenticationManager"/>
            </property>
            <property name="accessDecisionManager">
                <ref local="accessDecisionManager"/>
            </property>
            <property name="objectDefinitionSource">
                <value>
                 CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                 PATTERN_TYPE_APACHE_ANT
                /secure/**=ROLE_USER
                </value>
            </property>
        </bean>

</beans>

-->

Web.xml

Code:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http&#58;//java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
 <display-name>CAAMI-HZIV FDM</display-name>

 <description>Fichiers des Membres</description>


 <!--
   - Location of the Log4J config file, for initialization and refresh checks.
	  - Applied by Log4jConfigListener.
	  -->
	<context-param>
		<param-name>log4jConfigLocation</param-name>
		<param-value>classpath&#58;/log4j.properties</param-value>
	</context-param>

	<!--
   - Location of the XML file that defines the root application context.
   - Applied by ContextLoaderServlet.
  -
  - Can be set to "/WEB-INF/applicationContext-hibernate.xml" for the Hibernate
  - implementation, "/WEB-INF/applicationContext-ojb.xml" for the Apache OJB one,
  - or "/WEB-INF/applicationContext-jdbc.xml" for the JDBC one.
   -->
 <context-param>
  <param-name>contextConfigLocation</param-name>
  <param-value>classpath&#58;/applicationContext.xml</param-value>
 </context-param>

 <!--
   - Loads the root application context of this web app at startup,
   - by default from "/WEB-INF/applicationContext.xml".
		- Note that it is preferable to use ContextLoaderListener in a servlet container
		- that follows the Servlet 2.4 initialization order &#40;many Servlet 2.3 containers do&#41;.
		-
	  - Use WebApplicationContextUtils.getWebApplicationContext&#40;servletContext&#41;
	  - to access it anywhere in the web application, outside of the framework.
	  -
	  - The root context is the parent of all servlet-specific contexts.
	  - This means that its beans are automatically available in these child contexts,
	  - both for getBean&#40;name&#41; calls and &#40;external&#41; bean references.
    -->
    <!--ACEGI CONFIGURATION-->
      <filter>
           <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
           <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
           <init-param>
             <param-name>targetClass</param-name>
             <param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value>
           </init-param>
         </filter>

         <filter>
           <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
           <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
           <init-param>
             <param-name>targetClass</param-name>
             <param-value>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</param-value>
           </init-param>
          </filter>

     <filter>
        <filter-name>Acegy_http_request_security_filter</filter-name>
        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
        <init-param>
             <param-name>targetClass</param-name>
             <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
        </init-param>
    </filter>

         <filter-mapping>
           <filter-name>Acegi_HTTP_BASIC_Authorization_Filter</filter-name>
           <url-pattern>/secure/remoting/*</url-pattern>
         </filter-mapping>

         <filter-mapping>
           <filter-name>Acegi_Security_System_for_Spring_HttpSession_Integration_Filter</filter-name>
           <url-pattern>/secure/remoting/*</url-pattern>
         </filter-mapping>

        <filter-mapping>
           <filter-name>Acegy_http_request_security_filter</filter-name>
           <url-pattern>/secure/remoting/*</url-pattern>
         </filter-mapping>



    <!-- Listener to initialize the spring application context -->
      <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
      </listener>



 <!--<servlet>
  <servlet-name>context</servlet-name>
  <servlet-class>org.springframework.web.context.ContextLoaderServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
 </servlet>-->

 <!--
  - Dispatcher servlet definition for HTTP remoting via Hessian, Burlap, and
  - Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
  -->
 <servlet>
  <servlet-name>remoting</servlet-name>
  <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
  <load-on-startup>10</load-on-startup>
 </servlet>

    <servlet>        
  <servlet-name>secure_remoting</servlet-name>
  <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
  <load-on-startup>20</load-on-startup>
 </servlet>

 <!--
  - Dispatcher servlet mapping for HTTP remoting via Hessian, Burlap, and
  - Spring's HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
  -->
 <servlet-mapping>
  <servlet-name>remoting</servlet-name>
  <url-pattern>/remoting/*</url-pattern>
 </servlet-mapping>

    <servlet-mapping>
  <servlet-name>secure_remoting</servlet-name>
  <url-pattern>/secure/remoting/*</url-pattern>
 </servlet-mapping>

 <session-config>
  <session-timeout>10</session-timeout>
 </session-config>

</web-app>

servlet.xml

Code:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http&#58;//www.springframework.org/dtd/spring-beans.dtd">

<!--
 - Dispatcher servlet for HTTP remoting via Hessian, Burlap, and Spring's
 - HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
 -->
<beans>


    <!--HTTPEXPORTER for the login-->
    <bean name="/RemoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
        <property name="service">
            <ref bean="remoteAuthenticationManager"/>
        </property>
        <property name="serviceInterface">
            <value>net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager</value>
        </property>
    </bean>
</beans>

secureservlet.xml

Code:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http&#58;//www.springframework.org/dtd/spring-beans.dtd">

<!--
 - Dispatcher servlet for HTTP remoting via Hessian, Burlap, and Spring's
 - HTTP invoker &#40;see remoting-servlet.xml for the controllers&#41;.
 -->
<beans>

     <!--HTTPEXPORTER for the usermanagement service -->
    <bean name="/GroupService" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
  <property name="service"><ref bean="group"/></property>
  <property name="serviceInterface">
   <value>be.fgov.caamihziv.fdm.usermanagement.service.UserManagementService</value>
  </property>
 </bean>
    <bean name="/MemberManagementService" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
  <property name="service"><ref bean="member"/></property>
  <property name="serviceInterface">
   <value>be.fgov.caamihziv.fdm.membermanagement.service.MemberManagementService</value>
  </property>
 </bean>
    <bean name="/RegistrationManagementService" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
  <property name="service"><ref bean="registration"/></property>
  <property name="serviceInterface">
   <value>be.fgov.caamihziv.fdm.membermanagement.registrationmanagement.service.RegistrationManagementService</value>
  </property>
 </bean>
</beans>

I hope this help.

**gfaerman** · Jan 24th, 2005, 06:16 AM

Thanks!
Gustavo

Thread: Rich client example

Thread Tools

Display

Rich client example

Thanks!

Similar Threads

Sharing authentication between webapp & rich client

Domain Models and Validation – An Architectural Discussion

Spring Framework / Spring Rich Client Library Hell?

Migrating Existing App to Spring Rich Client

Spring Rich Client and the HMVC Pattern

Posting Permissions