Results 1 to 6 of 6

Thread: J2EE security context to Acegi context

  1. Aug 9th, 2007, 10:45 AM #1
    filot
    filot is offline Member
    Join Date
    Aug 2007
    Posts
    42

    Default J2EE security context to Acegi context

    Hello all,

    I want to translate my J2ee security context to Acegi.

    for that, I thought about modifiying my UserDetailsService implementation. Here is the applicationContext.xml.

    Code:
    <?xml version="1.0"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:tx="http://www.springframework.org/schema/tx"
	xsi:schemaLocation="
       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd
       http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">

	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Data Source -->
	<bean id="dataSource"
		class="org.springframework.jndi.JndiObjectFactoryBean">
		<property name="jndiName">
			<value>java:/MySqlManifestationDS</value>
		</property>
	</bean>

	<!--<bean id="transactionManager"
		class="org.springframework.transaction.jta.JtaTransactionManager">
		<property name="userTransactionName"><null></null></property>
		<property name="transactionManagerName"><value>java:/TransactionManager</value></property>
		</bean>
		
		<aop:config>
		<aop:pointcut id="p" expression="execution(* org.acegisecurity.acls.MutableAclService.createAcl (..))" />
		
		<aop:advisor advice-ref="tx" pointcut-ref="p"/>
		</aop:config>
		
		<tx:advice id="tx">
		<tx:attributes>
		<tx:method name="*" propagation="REQUIRED" read-only="false" />
		</tx:attributes>
		</tx:advice>-->

	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Acegi config-->
	<!-- Aspect -->

	<bean id="securityAspect" class="util.SecurityAspect"
		factory-method="aspectOf">
		<property name="securityInterceptor" ref="securityInterceptor" />
	</bean>

	<bean id="securityInterceptor" class="org.acegisecurity.intercept.method.aspectj.AspectJSecurityInterceptor">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="accessDecisionManager"
			ref="accessDecisionManager" />
		<property name="afterInvocationManager"
			ref="afterInvocationManager" />
		<property name="objectDefinitionSource">
			<value>
				services.cyberProcedureServices.CpaManifInterface.getManifPersonne=ROLE_USER,AFTER_ACL_COLLECTION_READ
			</value>
		</property>
	</bean>

	<bean id="afterInvocationManager"
		class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
		<property name="providers">
			<list>
				<ref local="afterAclCollectionRead" />
			</list>
		</property>
	</bean>

	<bean id="afterAclCollectionRead"
		class="org.acegisecurity.afterinvocation.BasicAclEntryAfterInvocationCollectionFilteringProvider">
		<property name="processConfigAttribute">
			<value>AFTER_ACL_COLLECTION_READ</value>
		</property>
		<property name="aclManager" ref="aclManager" />
		<property name="requirePermission">
			<list>
				<ref
					local="ADMINISTRATION" />
			</list>
		</property>
	</bean>

	<bean
		id="ADMINISTRATION"
		class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
		<property name="staticField">
			<value>org.acegisecurity.acl.basic.SimpleAclEntry.ADMINISTRATION</value>
		</property>
	</bean>

	<bean id="accessDecisionManager"
		class="org.acegisecurity.vote.AffirmativeBased">
		<property name="allowIfAllAbstainDecisions">
			<value>true</value>
		</property>
		<property name="decisionVoters">
			<list>
				<bean class="org.acegisecurity.vote.RoleVoter">
					<property name="rolePrefix" value="ROLE" />
				</bean>
			</list>
		</property>
	</bean>


	<bean id="aclManager"
		class="org.acegisecurity.acl.AclProviderManager">
		<property name="providers">
			<list>
				<ref local="basicAclProvider" />
			</list>
		</property>
	</bean>

	<bean id="basicAclProvider"
		class="org.acegisecurity.acl.basic.BasicAclProvider">
		<property name="basicAclDao" ref="basicAclExtendedDao" />
	</bean>

	<bean id="basicAclExtendedDao"
		class="org.acegisecurity.acl.basic.jdbc.JdbcExtendedDaoImpl">
		<property name="dataSource" ref="dataSource" />
	</bean>

	<bean id="authenticationManager"
		class="org.acegisecurity.providers.ProviderManager">
		<property name="providers">
			<list>
				<ref local="authenticationProvider" />
			</list>
		</property>
	</bean>

	<bean id="authenticationProvider"
		class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
		<property name="userDetailsService"
			ref="userDetailsJDBCDaoImpl" />
	
	</bean>

	<bean id="userDetailsJDBCDaoImpl"
		class="util.J2EEtoAcegiUserDetails">
		<property name="dataSource" ref="dataSource" />
	</bean>
</beans>

    At its end, you will find that I don't call a classic acegi JDBCDaoImpl object, but a cutsom class I created. Here is the class:

    Code:
    /*
 * Projet : manifestation
 * Créé le 6 août 2007 par hussamil
 */
package util;

import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.*;
import org.springframework.jndi.JndiObjectFactoryBean;

public class J2EEtoAcegiUserDetails implements UserDetailsService {
	
	private JndiObjectFactoryBean dataSource;
	
	public UserDetails loadUserByUsername(String userName){
		System.out.println("YO MAN, voilà le userNAme d'ACEGI" + userName);
		
		GrantedAuthority yo = new GrantedAuthorityImpl("ROLE_USER");
		GrantedAuthority [] yoS = null;
		
		yoS[0] = yo;
		UserDetails newContext = new User("Yo", "yo yo", true, true, true, true, yoS); 
		return newContext;
	}

	public JndiObjectFactoryBean getDataSource()
	{
		return dataSource;
	}

	public void setDataSource(JndiObjectFactoryBean pDataSource)
	{
		dataSource = pDataSource;
	}
	

}
    Now, the deployement, here is the exception I have:

    Code:
    ...
nested exception is org.springframework.beans.PropertyBatchUpdateException; nested PropertyAccessExceptions (1) are
:
PropertyAccessException 1: org.springframework.beans.TypeMismatchException: Failed to convert property value of type [org.jboss.re
source.adapter.jdbc.WrapperDataSource] to required type [org.springframework.jndi.JndiObjectFactoryBean] for property 'dataSource'
; nested exception is java.lang.IllegalArgumentException: Cannot convert value of type [org.jboss.resource.adapter.jdbc.WrapperDat
aSource] to required type [org.springframework.jndi.JndiObjectFactoryBean] for property 'dataSource': no matching editors or conversion strategy found
    I don't really understand! what's this WrapperDataSource class!? I made a little search, and I'm wondering if I have to write a custom propertyEditor for this class...


    Does someone has an idea!?

    Any comments about this approach are welcome as well...
    Last edited by filot; Aug 9th, 2007 at 10:51 AM.
  2. Aug 9th, 2007, 11:04 AM #2
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    Have you looked at the exisiting container adapters? There is one for JBoss.
  3. Aug 13th, 2007, 10:04 AM #3
    filot
    filot is offline Member
    Join Date
    Aug 2007
    Posts
    42

    Default

    Hello Luke,

    I made a little research about the Jboss adapter. Mainly I read this blog:

    http://www.jroller.com/eyallupu/entr..._about_acegi_s

    I have the feeling that here we describe how to translate an Acegi Authentication to a Jboss authentication.

    Right!?

    Actually what I want is rather to translate a Jboss context to an Acegi one. I would like to keep my Jboss authentication. Actually I need this translation to be able to make restrictions on the objects instances access. This is done by Acegi, but it seems to me that I need an Acegi context in order to do that.


    Any feedback!?

    Many thanks.
  4. Aug 13th, 2007, 10:35 AM #4
    filot
    filot is offline Member
    Join Date
    Aug 2007
    Posts
    42

    Default

    The problem is solved, or at least it's now running without excpetions.

    the class should also extends "JdbcDaoSupport" :P. That's why it was not working.

    Code:
    public class J2EEtoAcegiUserDetails  extends JdbcDaoSupport implements UserDetailsService {
...
    However, it doesn't seem to do work as I expected... but at least there is no more exceptions for the moment.


    Thanks a lot for your help. Please if you have any comment or remarks don't hesitate.
  5. Aug 13th, 2007, 12:31 PM #5
    filot
    filot is offline Member
    Join Date
    Aug 2007
    Posts
    42

    Default

    Hello again,

    actually, as I said, the code is not working as I expected it to do.

    The interceptor doesn't seem to be working... And the method loadClassByUserName is never called in the class J2EEtoAcegiUserDetails (defined above...). I came back to the default class "org.acegisecurity.userdetails.jdbc.JdbcDaoImp l" for the "userDetailsJDBCDaoImpl", but the problem still the same: the interceptor is never called.

    Actually I put System.out.println()'s inside the "around()" method (also defined above), and they never appear on the console...

    Is it normal!?
    Last edited by filot; Aug 14th, 2007 at 02:38 AM.
  6. Aug 14th, 2007, 06:45 AM #6
    filot
    filot is offline Member
    Join Date
    Aug 2007
    Posts
    42

    Default

    Sorry, it was a mistake.

    the "objectDefinitionSource" property was not defined correctly. :P

    I will write here any progress I make.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules