Need Sample JdbcDaoImpl Application

**bacha** · Apr 21st, 2006, 01:24 AM

Hello friends

I am pretty new to this part of Spring. I am now trying to learn how to implement acegi security in a login jsp page. I got a sample program for login using InMemoryDaoImpl. Now I would like to migrate to JdbcDaoImpl.Can anyone send me sample program which uses JdbcDaoImpl and help me.

Thanks in advance
Bala

**Ben Alex** · Apr 22nd, 2006, 11:03 PM

The Contacts Sample which ships with Acegi Security shows how to use JDBC authentication. You basically just inject the JDBC provider into your DaoAuthenticationProvider, instead of the in-memory provider.

**tvaughan77** · Apr 24th, 2006, 04:39 PM

Hey bacha,

Check out http://hispacta.blogspot.com and look at my last 2 posts on how to convert from inMemoryDaoImpl to jdbcDaoImpl.

Note that in my situation, the AuthenticationManager is provided as a web service, so there might be some slight differences.

Email me at thomas.vaughan@usitc.gov if you need more help.

**bacha** · Apr 25th, 2006, 12:15 AM

Hello Friends

As I told you earlier I was working to convert the inMemory application I downloaded from web to Jdbc. The inMemory samples applicationContext.xml file has the following codes

<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderMana ger">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
<ref local="anonymousAuthenticationProvider"/>
</list>
</property>
</bean>

<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthe nticationProvider">
<property name="authenticationDao">
<ref local="memoryAuthenticationDao"/>
</property>
</bean>

<bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.I nMemoryDaoImpl">
<property name="userMap">
<value>mark=java,ROLE_ADMIN,ROLE_USER</value>
</property>
</bean>

They are specifying that the username=mark and his passowrd is java.

Should I inject the dataSource along with my query into the place where they have hardcoded the username and password. Is that all the change I should make? Or should I make anymore changes to migrate from inMemeory to Jdbc?
Can you spend some time for me if I send you the sample program or post it somewhere?

Thanx in advance
Bala

**tvaughan77** · Apr 25th, 2006, 08:23 AM

Hi Bala,

In your "daoAuthenticationProvider" bean, change the property of the authenticationDao from "memoryAuthenticationDao" to "jdbcDaoImpl"

Then add this bean to your configuration:

Code:

	<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
		<property name="dataSource"><ref bean="yourDataSource"/></property>
	</bean>

Then define the "yourDataSource" bean. For example, you might have something like this:

Code:

    <bean id="yourDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName">
            <value>org.hsqldb.jdbcDriver</value>
        </property>
        <property name="url">
            <value>jdbc:hsqldb:mem:contacts</value>
        </property>
        <property name="username">
            <value>sa</value>
        </property>
        <property name="password">
            <value></value>
        </property>
    </bean>

Inside that dataSource, Acegi is going to expect to be able to run these 2 SQL queries to get the username, password and granted authorities. If your database schema already exists and/or you don't like this schema, you can override what SQL statements Acegi uses (check out hispacta.blogspot.com for an example of what I had to do).

Anyway, the 2 SQL queries Acegi is expecting to run are:

1) DEF_USERS_BY_USERNAME_QUERY = "SELECT username,password,enabled FROM users WHERE username = ?";

2) DEF_AUTHORITIES_BY_USERNAME_QUERY = "SELECT username,authority FROM authorities WHERE username = ?";

Does this make sense?

**bacha** · Apr 26th, 2006, 08:04 AM

Hello

As you said I changed the code according to the steps you showed in the blog. The original example had

Code:

  <bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
      <property name="authenticationDao">
         <ref local="memoryAuthenticationDao"/>
      </property>
   </bean>
   
   <bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
      <property name="userMap">
        <value>mark=password,ROLE_ADMIN,ROLE_USER</value>
      </property>
   </bean>

now I changed it to

Code:

<bean id="jdbcAuthenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
		<property name="dataSource">
			<ref bean="dataSource" />
		</property>
		<property name="usersByUsernameQuery">
			<value>Select login, password FROM student WHERE login=?</value>
		</property>
		<property name="authoritiesByUsernameQuery">
			<value>SELECT login,authority FROM authorities WHERE login = ?</value>
		</property>
	</bean>

now in the original program they have declared a SecurityEnforcementFilter bean like

Code:

<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
      <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
      <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
   </bean>

The FilterSecurityInterceptor is defined as

Code:

  <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
      <property name="authenticationManager"><ref bean="authenticationManager"/></property>
      <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
      <property name="objectDefinitionSource">
         <value>
			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
			    PATTERN_TYPE_APACHE_ANT
			    /acegilogin.jsp*=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
			    /secured*=ROLE_ADMIN
			    /**=ROLE_USER
         </value>
      </property>
   </bean>

and the AuthenticationProcessingFilterEntryPoint as following

Code:

 <bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
      <property name="loginFormUrl"><value>/acegilogin.jsp</value></property>
      <property name="forceHttps"><value>false</value></property>
  </bean>

now the problem I face is that net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter has been replaced by org.acegisecurity.ui.ExceptionTranslationFilter and it does not accept a FilterSecurityInterceptor. So what changes should I make in the old code to run the code.

And also can you please suggest what are all the other changes I should make to make it up and running.

Please take a look at the original applicationContext.xml and modified applicationContext.xml and suggest me what changes should I make.

Thanks in advance
Bala

**dmaodo** · Apr 27th, 2006, 03:52 AM

I can't loggon with jdbc acegi authentication from acegi sourceforge. Is there someone have a simple tutorial to this...

**Ben Alex** · Apr 27th, 2006, 05:29 PM

The Contacts Sample which ships with Acegi Security uses JDBC authentication. Try looking there.

**riyer** · May 1st, 2006, 10:42 PM

Hello Bala

I viewed both your xml files. Couldn't figure out anything wrong. Your application must work.

Thread: Need Sample JdbcDaoImpl Application

Thread Tools

Display