
Thread: SpringSecurity 2.02 ,How to do url resource write in database

  1. #1

    Default SpringSecurity 2.02 ,How to do url resource write in database

    <!-- URL authorization rules. Spring Security checks the intercept-url patterns in the order
         they are declared and applies the first one that matches, so the page-specific rules
         must stay above the catch-all "/**" entry. -->
    <http auto-config="true" realm="Contacts Realm" access-denied-page="/erro.jsp" entry-point-ref="authenticationProcessingFilterEntryPoint" access-decision-manager-ref="httpRequestAccessDecisionManager" >
    <intercept-url pattern="/" access="ROLE_ADMIN,ROLE_ANONYMOUS" />
    <intercept-url pattern="/index.jsp" access="ROLE_ADMIN,ROLE_ANONYMOUS"/>
    <!-- NOTE(review): only /boss.jsp* ends in a wildcard. Confirm whether this version's matcher
         includes the query string in the compared URL; if it does, the exact-match patterns need
         the same trailing wildcard so that requests with parameters do not fall through to the
         catch-all rule below. -->
    <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN"/>
    <intercept-url pattern="/boss.jsp*" access="ROLE_ADMIN"/>
    <intercept-url pattern="/employee.jsp" access="ROLE_ADMIN"/>
    <intercept-url pattern="/manager.jsp" access="ROLE_ADMIN"/>
    <intercept-url pattern="/test.jsp" access="ROLE_ADMIN"/>
    <!-- NOTE(review): the switch-user URL is granted to ROLE_ANONYMOUS. If a switch-user filter
         is mapped to this URL, it should be limited to an administrative role. -->
    <intercept-url pattern="/j_spring_security_switch_user" access="ROLE_ADMIN,ROLE_ANONYMOUS"/>
    <!-- NOTE(review): the catch-all grants ROLE_ANONYMOUS, so every URL not matched above is
         open to unauthenticated visitors. -->
    <intercept-url pattern="/**" access="ROLE_ADMIN,ROLE_ANONYMOUS"/><!-- Only ROLE_USER may access this system's HTTP resources. NOTE(review): the access attribute does not mention ROLE_USER. -->
    <form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=1" login-processing-url="/j_acegi_security_check" default-target-url="/index.jsp" />
    <logout logout-success-url="/login?login_error=2" logout-url="/login?login_error=4"/>
    <!-- Unauthenticated requests are given the ROLE_ANONYMOUS authority under the name anonymousUser. -->
    <anonymous granted-authority="ROLE_ANONYMOUS" key="doesNotMatter" username="anonymousUser"/>
    </http>


    I want to store the <intercept-url ...> rules in the database, but I don't know how to do it.

  2. #2

    Default

    You can add an authentication interceptor if that is what you mean. Please elaborate.

  3. #3

    Default

    Quote Originally Posted by cablepuff View Post
    you have to use the bean approach.

    Code:
    /**
     * {@link FilterInvocationDefinitionSource} that derives URL access rules from the database
     * rather than from static {@code <intercept-url>} declarations.
     *
     * <p>Each application/feature pair returned by the {@code ApplicationFeatureDao} becomes one
     * URL pattern, and the authorities of the groups returned by the {@code AclDao} for that pair
     * become the pattern's config attributes.
     *
     * <p>Nothing is cached: every call to {@link #getAttributes(Object)} or
     * {@link #getConfigAttributeDefinitions()} reloads all rules through the DAOs.
     *
     * <p>NOTE(review): confirm what the wrapped source returns for a URL that matches none of
     * the generated patterns and how the calling interceptor treats that result. If it is
     * treated as "no restriction", URLs missing from the database are reachable by anyone.
     */
    public class CustomObjectDefinitionServiceImpl
    implements FilterInvocationDefinitionSource  {
        private AclDao aclDao;
        private ApplicationFeatureDao applicationFeatureDao;
        private UrlMatcher urlMatcher;

        /** @return the DAO used to look up the groups allowed on an application feature */
        public AclDao getAclDao() {
            return this.aclDao;
        }

        /** @return the DAO that lists the application/feature pairs to protect */
        public ApplicationFeatureDao getApplicationFeatureDao() {
            return this.applicationFeatureDao;
        }

        /** @return the matcher handed to the generated definition source */
        public UrlMatcher getUrlMatcher() {
            return this.urlMatcher;
        }

        /** @param aclDao the DAO used to look up the groups allowed on an application feature */
        public void setAclDao(AclDao aclDao) {
            this.aclDao = aclDao;
        }

        /** @param applicationFeatureDao the DAO that lists the application/feature pairs */
        public void setApplicationFeatureDao(ApplicationFeatureDao applicationFeatureDao) {
            this.applicationFeatureDao = applicationFeatureDao;
        }

        /** @param urlMatcher the matcher handed to the generated definition source */
        public void setUrlMatcher(UrlMatcher urlMatcher) {
            this.urlMatcher = urlMatcher;
        }

        /**
         * Builds the pattern {@code /<application name>/<feature name>**}.
         *
         * <p>NOTE(review): both names are concatenated unchanged, so a stored name that contains
         * pattern metacharacters changes which URLs the rule covers; validate names where they
         * are written. Also confirm how the configured matcher reads a {@code **} that directly
         * follows the feature name.
         */
        private String antPatternFor(Application application, Features feature) {
            return "/" + application.getName() + "/" + feature.getName() + "**";
        }

        /**
         * Converts the groups allowed on the given application feature into config attributes,
         * one per group authority, in the order the DAO returned them.
         *
         * <p>NOTE(review): a feature with no groups yields an empty list; confirm that the
         * access decision manager denies access in that case.
         */
        private List<ConfigAttribute> authoritiesFor(Application application, Features feature) {
            List<Group> allowedGroups =
                    this.aclDao.getAllGroupThatCanAccessApplicationAndFeature(application, feature);
            List<ConfigAttribute> attributes = new LinkedList<ConfigAttribute>();
            for (Group allowed : allowedGroups) {
                attributes.add(new SecurityConfig(allowed.getAuthority()));
            }
            return attributes;
        }

        /**
         * Loads every application feature through the DAOs and wraps the resulting
         * pattern-to-attributes map, in DAO order, in a fresh definition source.
         */
        private DefaultFilterInvocationDefinitionSource getCustomFid() {
            LinkedHashMap<RequestKey, ConfigAttributeDefinition> rulesByPattern =
                    new LinkedHashMap<RequestKey, ConfigAttributeDefinition>();
            for (ApplicationFeature entry : this.applicationFeatureDao.getAllApplicationFeature()) {
                Application app = entry.getApplication();
                Features feat = entry.getFeature();
                final String pattern = this.antPatternFor(app, feat);
                ConfigAttributeDefinition required =
                        new ConfigAttributeDefinition(this.authoritiesFor(app, feat));
                rulesByPattern.put(new RequestKey(pattern), required);
            }
            return new DefaultFilterInvocationDefinitionSource(this.urlMatcher, rulesByPattern);
        }

        /**
         * Returns the attributes for the secured object by delegating to a freshly built source.
         * Runs the full database load on each call.
         */
        @Override
        public ConfigAttributeDefinition getAttributes(Object obj)
                throws IllegalArgumentException {
            DefaultFilterInvocationDefinitionSource current = this.getCustomFid();
            return current.getAttributes(obj);
        }

        /** Returns all attribute definitions of a freshly built source. */
        @Override
        public Collection<?> getConfigAttributeDefinitions() {
            DefaultFilterInvocationDefinitionSource current = this.getCustomFid();
            return current.getConfigAttributeDefinitions();
        }

        /** Accepts {@code FilterInvocation} and its subclasses as secured object types. */
        @SuppressWarnings("unchecked")
        @Override
        public boolean supports(Class clazz) {
            return FilterInvocation.class.isAssignableFrom(clazz);
        }
    }
    Can you please explain in more detail what is ApplicationFeature, Feature and Application in context of your application?

    What getCustomFid() should do?

    Please show me too the spring security xml.

    Thanks in advance

  4. #4

    Default Can you show me the XML ?

    Quote Originally Posted by cablepuff View Post
    you have to use the bean approach.

    Code:
    /**
     * {@link FilterInvocationDefinitionSource} that derives URL access rules from the database
     * rather than from static {@code <intercept-url>} declarations.
     *
     * <p>Each application/feature pair returned by the {@code ApplicationFeatureDao} becomes one
     * URL pattern, and the authorities of the groups returned by the {@code AclDao} for that pair
     * become the pattern's config attributes.
     *
     * <p>Nothing is cached: every call to {@link #getAttributes(Object)} or
     * {@link #getConfigAttributeDefinitions()} reloads all rules through the DAOs.
     *
     * <p>NOTE(review): confirm what the wrapped source returns for a URL that matches none of
     * the generated patterns and how the calling interceptor treats that result. If it is
     * treated as "no restriction", URLs missing from the database are reachable by anyone.
     */
    public class CustomObjectDefinitionServiceImpl
    implements FilterInvocationDefinitionSource  {
        private AclDao aclDao;
        private ApplicationFeatureDao applicationFeatureDao;
        private UrlMatcher urlMatcher;

        /** @return the DAO used to look up the groups allowed on an application feature */
        public AclDao getAclDao() {
            return this.aclDao;
        }

        /** @return the DAO that lists the application/feature pairs to protect */
        public ApplicationFeatureDao getApplicationFeatureDao() {
            return this.applicationFeatureDao;
        }

        /** @return the matcher handed to the generated definition source */
        public UrlMatcher getUrlMatcher() {
            return this.urlMatcher;
        }

        /** @param aclDao the DAO used to look up the groups allowed on an application feature */
        public void setAclDao(AclDao aclDao) {
            this.aclDao = aclDao;
        }

        /** @param applicationFeatureDao the DAO that lists the application/feature pairs */
        public void setApplicationFeatureDao(ApplicationFeatureDao applicationFeatureDao) {
            this.applicationFeatureDao = applicationFeatureDao;
        }

        /** @param urlMatcher the matcher handed to the generated definition source */
        public void setUrlMatcher(UrlMatcher urlMatcher) {
            this.urlMatcher = urlMatcher;
        }

        /**
         * Builds the pattern {@code /<application name>/<feature name>**}.
         *
         * <p>NOTE(review): both names are concatenated unchanged, so a stored name that contains
         * pattern metacharacters changes which URLs the rule covers; validate names where they
         * are written. Also confirm how the configured matcher reads a {@code **} that directly
         * follows the feature name.
         */
        private String antPatternFor(Application application, Features feature) {
            return "/" + application.getName() + "/" + feature.getName() + "**";
        }

        /**
         * Converts the groups allowed on the given application feature into config attributes,
         * one per group authority, in the order the DAO returned them.
         *
         * <p>NOTE(review): a feature with no groups yields an empty list; confirm that the
         * access decision manager denies access in that case.
         */
        private List<ConfigAttribute> authoritiesFor(Application application, Features feature) {
            List<Group> allowedGroups =
                    this.aclDao.getAllGroupThatCanAccessApplicationAndFeature(application, feature);
            List<ConfigAttribute> attributes = new LinkedList<ConfigAttribute>();
            for (Group allowed : allowedGroups) {
                attributes.add(new SecurityConfig(allowed.getAuthority()));
            }
            return attributes;
        }

        /**
         * Loads every application feature through the DAOs and wraps the resulting
         * pattern-to-attributes map, in DAO order, in a fresh definition source.
         */
        private DefaultFilterInvocationDefinitionSource getCustomFid() {
            LinkedHashMap<RequestKey, ConfigAttributeDefinition> rulesByPattern =
                    new LinkedHashMap<RequestKey, ConfigAttributeDefinition>();
            for (ApplicationFeature entry : this.applicationFeatureDao.getAllApplicationFeature()) {
                Application app = entry.getApplication();
                Features feat = entry.getFeature();
                final String pattern = this.antPatternFor(app, feat);
                ConfigAttributeDefinition required =
                        new ConfigAttributeDefinition(this.authoritiesFor(app, feat));
                rulesByPattern.put(new RequestKey(pattern), required);
            }
            return new DefaultFilterInvocationDefinitionSource(this.urlMatcher, rulesByPattern);
        }

        /**
         * Returns the attributes for the secured object by delegating to a freshly built source.
         * Runs the full database load on each call.
         */
        @Override
        public ConfigAttributeDefinition getAttributes(Object obj)
                throws IllegalArgumentException {
            DefaultFilterInvocationDefinitionSource current = this.getCustomFid();
            return current.getAttributes(obj);
        }

        /** Returns all attribute definitions of a freshly built source. */
        @Override
        public Collection<?> getConfigAttributeDefinitions() {
            DefaultFilterInvocationDefinitionSource current = this.getCustomFid();
            return current.getConfigAttributeDefinitions();
        }

        /** Accepts {@code FilterInvocation} and its subclasses as secured object types. */
        @SuppressWarnings("unchecked")
        @Override
        public boolean supports(Class clazz) {
            return FilterInvocation.class.isAssignableFrom(clazz);
        }
    }
    Can you show me the XML ?
    Thanks !

  5. #5

    Default

    Code:
    <!-- Authorization: the interceptor takes its URL rules from the bean referenced by
         objectDefinitionSource instead of from intercept-url elements. -->
    <!-- NOTE(review): no authenticationManager is set explicitly; presumably it is supplied
         through autowire="autodetect". Confirm which bean is injected, since autowiring
         security collaborators depends on what else is defined in the context. -->
    <bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor" autowire="autodetect">
          <property name="accessDecisionManager" ref="accessDecisionManager"/>
          <property name="validateConfigAttributes" value="true"/>
          <property name="objectDefinitionSource" ref="security.objectDefinitionService"/>
     </bean>
    i created bean for that.

    2.) application feature are urls

  6. #6

    Default

    Quote Originally Posted by cablepuff View Post
    Code:
    <!-- Authorization: the interceptor takes its URL rules from the bean referenced by
         objectDefinitionSource instead of from intercept-url elements. -->
    <!-- NOTE(review): no authenticationManager is set explicitly; presumably it is supplied
         through autowire="autodetect". Confirm which bean is injected, since autowiring
         security collaborators depends on what else is defined in the context. -->
    <bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor" autowire="autodetect">
          <property name="accessDecisionManager" ref="accessDecisionManager"/>
          <property name="validateConfigAttributes" value="true"/>
          <property name="objectDefinitionSource" ref="security.objectDefinitionService"/>
     </bean>
    i created bean for that.

    2.) application feature are urls
    i am very thanks !

  7. #7

    Default

    Quote Originally Posted by cablepuff View Post
    i created bean for that.

    2.) application feature are urls
    could you show me ApplicationFeature's code please ?

    and what's aclDao.getAllGroupThatCanAccessApplicationAndFeature(application, feature)?

    Thanks in advance

  8. #8

    Default

    Quote Originally Posted by cablepuff View Post
    Code:
    <!-- Authorization: the interceptor takes its URL rules from the bean referenced by
         objectDefinitionSource instead of from intercept-url elements. -->
    <!-- NOTE(review): no authenticationManager is set explicitly; presumably it is supplied
         through autowire="autodetect". Confirm which bean is injected, since autowiring
         security collaborators depends on what else is defined in the context. -->
    <bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor" autowire="autodetect">
          <property name="accessDecisionManager" ref="accessDecisionManager"/>
          <property name="validateConfigAttributes" value="true"/>
          <property name="objectDefinitionSource" ref="security.objectDefinitionService"/>
     </bean>
    i created bean for that.

    2.) application feature are urls
    Thanks.

    I did it the same way as with old Acegi, declaring all the beans and implementing DatabaseObjectDefinition. It is working, but I am not happy with it.

    What about writing a complete article showing only the purpose of DatabaseObjectDefinition?

    Could you show us what your tables look like (the URL and role relationships) and what is inside them, along with your XML and your beans?

    Hope you answers me,

    Thanks,

  9. #9

    Default My Solution

    I am using Spring with Hibernate and ZK Framework (www.zkoss.org)

    1. DATABASE
    CARGO = ROLE
    -- CARGO holds one row per role; NOME is the unique role name.
    -- NOTE(review): SITUACAO looks like a status flag (default 1); confirm that rows
    -- with a non-active status are excluded when authorities are loaded.
    create table CARGO (
    ID numeric(18, 0) identity(1,1),
    NOME varchar(100) unique not null,
    SITUACAO int default 1 not null,
    primary key (ID)
    );

    -- SUBMENU holds one row per menu entry together with the URL it points to.
    -- The referenced MENU table is not shown in the post.
    -- NOTE(review): URL is nullable and not unique, so two rows can carry the same
    -- URL with different role sets, and rows without a URL produce no usable rule;
    -- confirm how the code that builds the URL rules handles both cases.
    create table SUBMENU (
    ID numeric(18, 0) identity(1,1),
    NOME varchar(255) not null,
    URL varchar(255),
    SUBMENU_ID varchar(50) unique not null,
    MENU numeric(18, 0) not null,
    DESCRITIVO varchar(255),
    SITUACAO int default 1 not null,
    primary key (ID),
    foreign key (MENU) references MENU(ID)
    );

    -- CARGO_SUBMENU is the many-to-many link between roles and menu entries: a row
    -- means the role is associated with that entry (and so with its URL).
    create table CARGO_SUBMENU (
    CARGO numeric(18, 0),
    SUBMENU numeric(18, 0),
    primary key (CARGO, SUBMENU),
    foreign key (CARGO) references CARGO(ID),
    foreign key (SUBMENU) references SUBMENU(ID)
    );

  10. #10

    Default

    2. XML
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    
    <!--
      - Application context containing authentication, channel security and web URI beans.
    -->
                            
    <beans xmlns="http://www.springframework.org/schema/beans"
    	xmlns:security="http://www.springframework.org/schema/security"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    						http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.1.xsd">                        
    	
    	<!-- Filter chain definition, matched top to bottom with Ant patterns on the lower-cased URL.
    	     Paths mapped to #NONE# get no security filters at all, so requests to them carry no
    	     security context and never reach filterSecurityInterceptor.
    	     NOTE(review): /zkau/** is excluded alongside the static assets; confirm that nothing
    	     served under it needs an authenticated user. -->
    	<bean id="springSecurityFilterChain" class="org.springframework.security.util.FilterChainProxy">
       		<property name="filterInvocationDefinitionSource">
                <value><![CDATA[
    	       		CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
        	  		PATTERN_TYPE_APACHE_ANT
          			/js/**=#NONE# 
    				/img/**=#NONE#
    				/css/**=#NONE# 
    				/zkau/**=#NONE#
          			/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
                ]]></value>
            </property>
    	</bean>
    
    	<!-- First filter in the chain; default settings. -->
    	<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter" />
    
    	<!-- Logout: requests to /j_spring_security_logout run the two handlers listed below and
    	     are then sent to /login.zul. rememberMeServices is listed as a handler, presumably so
    	     that the remember-me cookie is cancelled on logout. -->
    	<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
    		<constructor-arg value="/login.zul" />
    		<constructor-arg>
    			<list>
    				<ref bean="rememberMeServices" />
    				<bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler" />
    			</list>
    		</constructor-arg>
    		<property name="filterProcessesUrl" value="/j_spring_security_logout" />
    	</bean>
    
    	<!-- Form login: credentials arrive as j_username / j_password on /j_spring_security_check.
    	     NOTE(review): nothing in this file forces HTTPS for that URL (the entry point sets
    	     forceHttps to false), so transport encryption has to be enforced elsewhere. -->
    	<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
    		<property name="defaultTargetUrl" value="/zul/layout.zul" />
    		<property name="authenticationFailureUrl" value="/login.zul?login_error=1" />		
    		<property name="filterProcessesUrl" value="/j_spring_security_check" />
    		<property name="usernameParameter" value="j_username" />
    		<property name="passwordParameter" value="j_password" />
    		<property name="authenticationManager" ref="authenticationManager" />
    		<property name="rememberMeServices" ref="rememberMeServices" />
    	</bean>
    
    	<!-- Request wrapper filter; default settings. -->
    	<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter" />
    
    	<!-- Remember-me login: uses the shared rememberMeServices bean and hands the result to the
    	     same authenticationManager as the form login. -->
    	<bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
    		<property name="authenticationManager" ref="authenticationManager" />
    		<property name="rememberMeServices" ref="rememberMeServices" />
    	</bean>
    
    	<!-- Anonymous access: userAttribute is "principal name,authority", so unauthenticated
    	     requests run as roleAnonymous with the ROLE_ANONYMOUS authority. The key has to be the
    	     same value as the one on anonymousAuthenticationProvider. -->
    	<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
    		<property name="key" value="doesNotMatter" />
    		<property name="userAttribute" value="roleAnonymous,ROLE_ANONYMOUS" />
    	</bean>
    
    	<!-- Sends unauthenticated users to /login.zul and denied users to /403.zul.
    	     NOTE(review): forceHttps is false, so the login form may be served over plain HTTP;
    	     confirm that HTTPS is enforced by the container or a front-end proxy. -->
    	<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
    		<property name="authenticationEntryPoint">
    			<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    				<property name="loginFormUrl" value="/login.zul" />
    				<property name="forceHttps" value="false" />
    			</bean>
    		</property>
    		<property name="accessDeniedHandler">
    			<bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
    				<property name="errorPage" value="/403.zul" />
    			</bean>
    		</property>
    	</bean>  
    
    	<!-- URL authorization. The rules come from databaseObjectDefinitionSource rather than from
    	     static patterns.
    	     NOTE(review): confirm what happens for a URL that has no rule in the database. If the
    	     definition source returns no attributes, the interceptor may treat the request as
    	     public; the interceptor's rejectPublicInvocations property exists to refuse such
    	     requests instead. -->
    	<bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
    		<property name="authenticationManager" ref="authenticationManager" />
    		<property name="accessDecisionManager" ref="accessDecisionManager" />
    		<property name="objectDefinitionSource" ref="databaseObjectDefinitionSource" />
    	</bean>
    	
    	<!-- Application class (source not shown in the post) constructed with the cargaService
    	     bean and the Ant path matcher. -->
    	<bean id="databaseObjectDefinitionSource" class="com.nemada.gescarga.util.DatabaseObjectDefinitionSource" >
    		<constructor-arg ref="cargaService" />
    		<constructor-arg ref="antUrlPathMatcher" /> 
    	</bean>
    	
    	<bean id="antUrlPathMatcher" class="org.springframework.security.util.AntUrlPathMatcher" />
    	
    	<!-- Access is granted as soon as one voter votes in favour; if every voter abstains the
    	     request is denied (allowIfAllAbstainDecisions is false).
    	     NOTE(review): rolePrefix is empty, so RoleVoter presumably treats every configured
    	     attribute as a role name; confirm that the names stored in the database cannot collide
    	     with the attributes AuthenticatedVoter handles. -->
    	<bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
    		<property name="allowIfAllAbstainDecisions" value="false" />
    		<property name="decisionVoters">
    			<list>
    				<bean class="org.springframework.security.vote.RoleVoter" >
    					<property name="rolePrefix" value="" />	
    				</bean>
    				<bean class="org.springframework.security.vote.AuthenticatedVoter"/>
    			</list>
    		</property>
    	</bean>
    	
    	<!-- Token-based remember-me with a 14-day cookie.
    	     NOTE(review): the key is part of what makes a remember-me token valid, so it has to
    	     stay secret. Here it is a literal in the configuration file; load it from deployment
    	     configuration instead, and replace any value that has been published. It must match
    	     the key on rememberMeAuthenticationProvider. -->
    	<bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
    		<property name="key" value="MOZAMBIQUE-MLI-92-59" />
    		<property name="parameter" value="_spring_security_remember_me" />
    		<property name="cookieName" value="SPRING_SECURITY_REMEMBER_ME_COOKIE" />
    		<property name="tokenValiditySeconds" value="1209600" /><!-- 14 days -->		
    		<property name="userDetailsService" ref="cargaService" />		
    	</bean>
    	
    	<!-- Providers are listed in this order: database login, anonymous, remember-me. -->
    	<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
    		<property name="providers">
    			<list>
    				<ref bean="daoAuthenticationProvider" />
    				<ref bean="anonymousAuthenticationProvider" />
    				<ref bean="rememberMeAuthenticationProvider" />				
    			</list>
    		</property>
    	</bean>
    	
    	<!-- Username/password login against cargaService, comparing passwords through the
    	     passwordEncoder bean.
    	     NOTE(review): no saltSource is configured, so the stored password hashes appear to be
    	     unsalted; identical passwords then produce identical hashes. Configure a per-user salt.
    	     The commented-out userCache block still refers to the old org.acegisecurity package. -->
    	<bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
    		<property name="userDetailsService" ref="cargaService" />
    		<property name="passwordEncoder" ref="passwordEncoder" />
    		<!-- <property name="userCache">
    			<bean
    				class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
    				<property name="cache">
    					<bean
    						class="org.springframework.cache.ehcache.EhCacheFactoryBean">
    						<property name="cacheManager">
    							<bean
    								class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
    						</property>
    						<property name="cacheName" value="userCache" />
    					</bean>
    				</property>
    			</bean>
    		</property>
    		 -->
    	</bean>
    	 
    	<!-- Passwords are stored as a SHA-256 digest.
    	     NOTE(review): a plain SHA digest is fast to compute, which makes stored hashes cheap
    	     to guess offline if the user table leaks. Add a per-user salt at minimum, and prefer a
    	     deliberately slow password hash where the framework version in use offers one. -->
    	<bean id="passwordEncoder" class="org.springframework.security.providers.encoding.ShaPasswordEncoder">
        	<!-- strength - EX: 1, 256, 384, 512 -->
        	<constructor-arg value="256"/>
     	</bean>
     	
     	<!-- Accepts the anonymous tokens created by anonymousProcessingFilter; the key is the same
     	     value as on that filter. -->
     	<bean id="anonymousAuthenticationProvider" class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
    		<property name="key" value="doesNotMatter" />
    	</bean>
    	
     	<!-- Accepts the tokens created by rememberMeServices; the key is the same literal as on
     	     that bean and needs the same handling as a secret. -->
     	<bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
    		<property name="key" value="MOZAMBIQUE-MLI-92-59" />
    	</bean>
    	
    	<!-- Disable a user after a number of failed logins listener -->
    	<!-- NOTE(review): the listener below is commented out, so this file configures no lockout
    	     after repeated failed logins; confirm that throttling is handled elsewhere. -->
    	<!--<bean id="applicationListenerImpl" class="com.nemada.gescarga.listener.ApplicationListenerImpl"/>-->
    
     	<!-- Automatically receives AuthenticationEvent messages --> 
     	<!-- Authentication events are written to the application log, which gives a record of
     	     logins and failures to review. -->
    	<bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener"/>
    	
    </beans>
    Last edited by sousa1981; Sep 8th, 2008 at 11:40 AM.
