SpringSecurity 2.02 ,How to do url resource write in database

[stupidkid]

<http auto-config="true" realm="Contacts Realm" access-denied-page="/erro.jsp" entry-point-ref="authenticationProcessingFilterEntryPoint" access-decision-manager-ref="httpRequestAccessDecisionManager" >
<intercept-url pattern="/" access="ROLE_ADMIN,ROLE_ANONYMOUS" />
<intercept-url pattern="/index.jsp" access="ROLE_ADMIN,ROLE_ANONYMOUS"/>
<intercept-url pattern="/admin.jsp" access="ROLE_ADMIN"/>
<intercept-url pattern="/boss.jsp*" access="ROLE_ADMIN"/>
<intercept-url pattern="/employee.jsp" access="ROLE_ADMIN"/>
<intercept-url pattern="/manager.jsp" access="ROLE_ADMIN"/>
<intercept-url pattern="/test.jsp" access="ROLE_ADMIN"/>
<intercept-url pattern="/j_spring_security_switch_user" access="ROLE_ADMIN,ROLE_ANONYMOUS"/>
<intercept-url pattern="/**" access="ROLE_ADMIN,ROLE_ANONYMOUS"/><!-- 只有为ROLE_USER 才能访问本系统的http资源 -->
<form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=1" login-processing-url="/j_acegi_security_check" default-target-url="/index.jsp" />
<logout logout-success-url="/login?login_error=2" logout-url="/login?login_error=4"/>
<anonymous granted-authority="ROLE_ANONYMOUS" key="doesNotMatter" username="anonymousUser"/>
</http>


I want to <intercept-url ... write in database ,but i don't know how to do?

[jonnio]

You can add an authentication intercepter if that is what you mean. Please elaborate.

[sousa1981]

you have to use the bean approach.

Code:

public class CustomObjectDefinitionServiceImpl
implements FilterInvocationDefinitionSource  {
    private AclDao aclDao;
    private ApplicationFeatureDao applicationFeatureDao;
    private UrlMatcher urlMatcher;

    public AclDao getAclDao() {
        return this.aclDao;
    }

    public void setAclDao(AclDao aclDao) {
        this.aclDao = aclDao;
    }

    public ApplicationFeatureDao getApplicationFeatureDao() {
        return this.applicationFeatureDao;
    }
    public void setApplicationFeatureDao(ApplicationFeatureDao applicationFeatureDao) {
        this.applicationFeatureDao = applicationFeatureDao;
    }

    public UrlMatcher getUrlMatcher() {
        return this.urlMatcher;
    }
    public void setUrlMatcher(UrlMatcher urlMatcher) {
        this.urlMatcher = urlMatcher;
    }

    private DefaultFilterInvocationDefinitionSource getCustomFid() {
        LinkedHashMap<RequestKey, ConfigAttributeDefinition> requestMap = new LinkedHashMap<RequestKey, ConfigAttributeDefinition>();
        List<ApplicationFeature> applicationFeatures = this.applicationFeatureDao.getAllApplicationFeature();
        for (ApplicationFeature applicationFeature : applicationFeatures)
        {
            Application application = applicationFeature.getApplication();
            Features feature = applicationFeature.getFeature();
            final String localAntPath = "/" + application.getName() + "/" + feature.getName() + "**";
            List<Group> groups = this.aclDao.getAllGroupThatCanAccessApplicationAndFeature(application, feature);
            List<ConfigAttribute> configList = new LinkedList<ConfigAttribute>();
            for (Group group : groups)
            {
                configList.add(new SecurityConfig(group.getAuthority()));
            }
            ConfigAttributeDefinition cad = new ConfigAttributeDefinition(configList);
            RequestKey requestKey = new RequestKey(localAntPath);
            requestMap.put(requestKey, cad);
        }
        return new DefaultFilterInvocationDefinitionSource(this.urlMatcher, requestMap);
    }



    @Override
    public ConfigAttributeDefinition getAttributes(Object obj)
            throws IllegalArgumentException {
          return this.getCustomFid().getAttributes(obj);
    }

    @Override
    public Collection<?> getConfigAttributeDefinitions() {
        return this.getCustomFid().getConfigAttributeDefinitions();
    }

    @SuppressWarnings("unchecked")
    @Override
    public boolean supports(Class clazz) {
        return FilterInvocation.class.isAssignableFrom(clazz);
    }
}

Can you please explain in more detail what is ApplicationFeature, Feature and Application in context of your application?

What getCustomFid() should do?

Please show me too the spring security xml.

Thanks in advance

[bukebushuo]

you have to use the bean approach.

Code:

public class CustomObjectDefinitionServiceImpl
implements FilterInvocationDefinitionSource  {
    private AclDao aclDao;
    private ApplicationFeatureDao applicationFeatureDao;
    private UrlMatcher urlMatcher;

    public AclDao getAclDao() {
        return this.aclDao;
    }

    public void setAclDao(AclDao aclDao) {
        this.aclDao = aclDao;
    }

    public ApplicationFeatureDao getApplicationFeatureDao() {
        return this.applicationFeatureDao;
    }
    public void setApplicationFeatureDao(ApplicationFeatureDao applicationFeatureDao) {
        this.applicationFeatureDao = applicationFeatureDao;
    }

    public UrlMatcher getUrlMatcher() {
        return this.urlMatcher;
    }
    public void setUrlMatcher(UrlMatcher urlMatcher) {
        this.urlMatcher = urlMatcher;
    }

    private DefaultFilterInvocationDefinitionSource getCustomFid() {
        LinkedHashMap<RequestKey, ConfigAttributeDefinition> requestMap = new LinkedHashMap<RequestKey, ConfigAttributeDefinition>();
        List<ApplicationFeature> applicationFeatures = this.applicationFeatureDao.getAllApplicationFeature();
        for (ApplicationFeature applicationFeature : applicationFeatures)
        {
            Application application = applicationFeature.getApplication();
            Features feature = applicationFeature.getFeature();
            final String localAntPath = "/" + application.getName() + "/" + feature.getName() + "**";
            List<Group> groups = this.aclDao.getAllGroupThatCanAccessApplicationAndFeature(application, feature);
            List<ConfigAttribute> configList = new LinkedList<ConfigAttribute>();
            for (Group group : groups)
            {
                configList.add(new SecurityConfig(group.getAuthority()));
            }
            ConfigAttributeDefinition cad = new ConfigAttributeDefinition(configList);
            RequestKey requestKey = new RequestKey(localAntPath);
            requestMap.put(requestKey, cad);
        }
        return new DefaultFilterInvocationDefinitionSource(this.urlMatcher, requestMap);
    }



    @Override
    public ConfigAttributeDefinition getAttributes(Object obj)
            throws IllegalArgumentException {
          return this.getCustomFid().getAttributes(obj);
    }

    @Override
    public Collection<?> getConfigAttributeDefinitions() {
        return this.getCustomFid().getConfigAttributeDefinitions();
    }

    @SuppressWarnings("unchecked")
    @Override
    public boolean supports(Class clazz) {
        return FilterInvocation.class.isAssignableFrom(clazz);
    }
}

Can you show me the XML ?
Thanks !

[cablepuff]

Code:

<!--  authorization -->
<bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor" autowire="autodetect">
      <property name="accessDecisionManager" ref="accessDecisionManager"/>
      <property name="validateConfigAttributes" value="true"/>
      <property name="objectDefinitionSource" ref="security.objectDefinitionService"/>
 </bean>

i created bean for that.

2.) application feature are urls

[bukebushuo]

Code:

<!--  authorization -->
<bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor" autowire="autodetect">
      <property name="accessDecisionManager" ref="accessDecisionManager"/>
      <property name="validateConfigAttributes" value="true"/>
      <property name="objectDefinitionSource" ref="security.objectDefinitionService"/>
 </bean>

i created bean for that.

2.) application feature are urls

i am very thanks !

[grayfoxdie]

i created bean for that.

2.) application feature are urls

could you show me ApplicationFeature's code please ?

and what's aclDao.getAllGroupThatCanAccessApplicationAndFeatu re(application, feature)?

Thanks in advance

[sousa1981]

Code:

<!--  authorization -->
<bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor" autowire="autodetect">
      <property name="accessDecisionManager" ref="accessDecisionManager"/>
      <property name="validateConfigAttributes" value="true"/>
      <property name="objectDefinitionSource" ref="security.objectDefinitionService"/>
 </bean>

i created bean for that.

2.) application feature are urls

Thanks.

I have made in same way old acegi work, declaring all beans and implement DatabaseObjectDefinition. It is working, but I am not happening with it.

What about if you write an complete article showing only purpose of DatabaseObjectDefinition?

You show as how is your tables (url and roles relashionships), what it is inside? your xml? and your beans?

Hope you answers me,

Thanks,

[sousa1981]

I am using Spring with Hibernate and ZK Framework (www.zkoss.org)

1. DATABASE
CARGO = ROLE
create table CARGO (
ID numeric(18, 0) identity(1,1),
NOME varchar(100) unique not null,
SITUACAO int default 1 not null,
primary key (ID)
);

create table SUBMENU (
ID numeric(18, 0) identity(1,1),
NOME varchar(255) not null,
URL varchar(255),
SUBMENU_ID varchar(50) unique not null,
MENU numeric(18, 0) not null,
DESCRITIVO varchar(255),
SITUACAO int default 1 not null,
primary key (ID),
foreign key (MENU) references MENU(ID)
);

create table CARGO_SUBMENU (
CARGO numeric(18, 0),
SUBMENU numeric(18, 0),
primary key (CARGO, SUBMENU),
foreign key (CARGO) references CARGO(ID),
foreign key (SUBMENU) references SUBMENU(ID)
);

[jerryag]

Code:

<!--  authorization -->
<bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor" autowire="autodetect">
      <property name="accessDecisionManager" ref="accessDecisionManager"/>
      <property name="validateConfigAttributes" value="true"/>
      <property name="objectDefinitionSource" ref="security.objectDefinitionService"/>
 </bean>

i created bean for that.

2.) application feature are urls

Hello.

Can you show the entire applicationContext.xml (because I have doubts about how other related beans are declared).

Thanks in advance.

Jerry - Brazil