Orbeon Forms community mailing list

Acegi Integration & Seperate Deployment

classic Classic list List threaded Threaded
2 messages Options
jzbarry
Reply | Threaded
Open this post in threaded view
|

Acegi Integration & Seperate Deployment

jzbarry
Hi

Much thanks to the developers and contributors to OPS.

I found Acegi integration with OPS, in a seperate deployment scenario, a little complex.

Below is the configuration I used to get it working - based on cvs snapshot of OPS 27/05/2007.

Setup the example war file available at: http://www.tfo-eservices.eu/wb_tutorials/pages/spring-acegi-tutorial.php

Modify the following files:

/WebContent/WEB-INF/web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
        <display-name> CellarFlow</display-name>

        <servlet>
                <servlet-name>dispatcher</servlet-name>
                <servlet-class>
                        org.springframework.web.servlet.DispatcherServlet
                </servlet-class>
                <load-on-startup>1</load-on-startup>
        </servlet>

        <listener>
                <listener-class>
                        org.springframework.web.context.ContextLoaderListener
                </listener-class>
        </listener>

        <context-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>/WEB-INF/dispatcher-servlet.xml</param-value>
        </context-param>

        <servlet-mapping>
                <servlet-name>dispatcher</servlet-name>
                <url-pattern>*.htm</url-pattern>
        </servlet-mapping>

       
        <filter>
                <filter-name>Acegi Filter Chain Proxy</filter-name>
                <filter-class>
                        org.acegisecurity.util.FilterToBeanProxy
                </filter-class>
                <init-param>
                        <param-name>targetBean</param-name>
                        <param-value>filterChainProxy</param-value>
                </init-param>
        </filter>
       
        <!-- Declare and configure the Orbeon Forms XForms filter -->
        <filter>
                <filter-name>ops-xforms-filter</filter-name>
                <filter-class>org.orbeon.oxf.servlet.OPSXFormsFilter</filter-class>
                <init-param>
                        <param-name>oxf.xforms.renderer.context</param-name>
                        <param-value>/ops</param-value>
                </init-param>
        </filter>

        <filter-mapping>
                <filter-name>Acegi Filter Chain Proxy</filter-name>
                <url-pattern>/*</url-pattern>
        </filter-mapping>
       
        <filter-mapping>
                <filter-name>ops-xforms-filter</filter-name>
                <url-pattern>/*</url-pattern>
        </filter-mapping>
        <!-- This is necessary so that XForms engine resources can be served appropriately -->
        <filter-mapping>
                <filter-name>ops-xforms-filter</filter-name>
                <url-pattern>/ops/*</url-pattern>
        </filter-mapping>

       
       
        <welcome-file-list>
                <welcome-file>index.htm</welcome-file>
        </welcome-file-list>
       

        <taglib>
                <taglib-uri>http://java.sun.com/jstl/fmt</taglib-uri>
                <taglib-location>/WEB-INF/tlds/fmt.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/fmt-rt</taglib-uri>
                <taglib-location>/WEB-INF/tlds/fmt-rt.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/core</taglib-uri>
                <taglib-location>/WEB-INF/tlds/c.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/core-rt</taglib-uri>
                <taglib-location>/WEB-INF/tlds/c-rt.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/sql</taglib-uri>
                <taglib-location>/WEB-INF/tlds/sql.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/sql-rt</taglib-uri>
                <taglib-location>/WEB-INF/tlds/sql-rt.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/x</taglib-uri>
                <taglib-location>/WEB-INF/tlds/x.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/x-rt</taglib-uri>
                <taglib-location>/WEB-INF/tlds/x-rt.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://java.sun.com/jstl/fn</taglib-uri>
                <taglib-location>/WEB-INF/tlds/fn.tld</taglib-location>
        </taglib>
        <taglib>
                <taglib-uri>http://www.springframework.org/spring</taglib-uri>
                <taglib-location>/WEB-INF/tlds/spring.tld</taglib-location>
        </taglib>

</web-app>

/WebContent/WEB-INF/dispatcher-servlet.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
        "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>
       
        <!-- Controller definitions -->
        <bean id="indexController" class="springweb.controller.IndexController">
                <property name="greeting">
                        <value>Welcome to the Demo App!!</value>
                </property>
        </bean>
        <bean id="logoutController" class="springweb.controller.LogoutController"/>
        <bean id="initParamSubmitController" class="springweb.controller.InitParamSubmitController"/>
        <bean id="paramSubmitController" class="springweb.controller.ParamSubmitController">
                <property name="sessionForm">
                        <value>false</value>
                </property>
                <property name="commandName">
                        <value>simplePersonForm</value>
                </property>
                <property name="commandClass">
                        <value>springweb.form.SimplePersonForm</value>
                </property>
                <property name="validator">
                        <bean class="springweb.form.validator.SimplePersonFormValidator"/>
                </property>
                <property name="formView">
                        <value>initparamsubmit</value>
                </property>
                <property name="successView">
                        <value>/secure/app/paramsubmit.htm</value>
                </property>
        </bean>
        <bean id="initAdminController"
                class="springweb.controller.InitAdminController"/>
       
        <!-- URL Mapping definition -->
        <bean id="simpleUrlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
                <property name="mappings">
                        <props>
                                <prop key="/index.htm">indexController</prop>
                                <prop key="/logout.htm">logoutController</prop>
                                <prop key="/secure/app/initparamsubmit.htm">initParamSubmitController </prop>
                                <prop key="/secure/app/paramsubmit.htm">paramSubmitController</prop>
                                <prop key="/secure/admin/initadmin.htm">initAdminController</prop>
                        </props>
                </property>
        </bean>
       
        <!-- View Resolver definition -->
        <bean id="xmlViewResolver" class="org.springframework.web.servlet.view.XmlViewResolver">
                <property name="location">
                        <value>/WEB-INF/springweb-views.xml</value>
                </property>
        </bean>
       
        <!-- ****** START ACEGI Security Configuration *******-->
        <!-- ======================== FILTER CHAIN ======================= -->
       
        <!--  if you wish to use channel security, add "channelProcessingFilter," in front
        of "httpSessionContextIntegrationFilter" in the list below -->
        <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
                <property name="filterInvocationDefinitionSource">
                        <value>
                                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                                PATTERN_TYPE_APACHE_ANT
                                /**=httpSessionContextIntegrationFilter, formAuthenticationProcessingFilter, exceptionTranslationFilter, filterSecurityInterceptor </value>
                </property>
        </bean>
       
        <!-- Start Security filter config -->
        <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
                <property name="authenticationEntryPoint">
                        <ref bean="formLoginAuthenticationEntryPoint"/>
                </property>
        </bean>
       
        <!-- Define filter to handle BASIC authentication
        <bean id="basicProcessingFilter"
        class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
        <property name="authenticationManager">
        <ref bean="authenticationManager" />
        </property>
        <property name="authenticationEntryPoint">
        <ref bean="authenticationEntryPoint" />
        </property>
        </bean>-->
       
        <!-- Define realm for BASIC login
        <bean id="authenticationEntryPoint"
        class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
        <property name="realmName">
        <value>Spring Web Realm</value>
        </property>
        </bean>-->
       
        <!-- Define filter to handle FORM authentication -->
        <bean id="formAuthenticationProcessingFilter"
                class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
                <property name="filterProcessesUrl">
                        <value>/j_acegi_security_check</value>
                </property>
                <property name="authenticationFailureUrl">
                        <value>/loginFailed.jsp</value>
                </property>
                <property name="defaultTargetUrl">
                        <value>/</value>
                </property>
                <property name="authenticationManager">
                        <ref bean="authenticationManager"/>
                </property>
        </bean>
       
        <!-- Define realm for FORM login-->
        <bean id="formLoginAuthenticationEntryPoint"
                class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl">
                        <value>/login.jsp</value>
                </property>
                <property name="forceHttps">
                        <value>false</value>
                </property>
        </bean>
       
        <bean id="httpSessionContextIntegrationFilter"
                class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
        </bean>
        <!-- End Security filter config -->
       
        <!-- Start Security interceptor config -->
       
        <!-- Define authentication manager, decision manager and secure URL patterns -->
        <bean id="filterSecurityInterceptor"
                class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
                <property name="authenticationManager">
                        <ref bean="authenticationManager"/>
                </property>
                <property name="accessDecisionManager">
                        <ref bean="accessDecisionManager"/>
                </property>
                <property name="objectDefinitionSource">
                        <value>
                                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                                PATTERN_TYPE_APACHE_ANT
                                /secure/admin/*=ROLE_ADMIN
                                /secure/app/*=ROLE_USER </value>
                </property>
        </bean>
        <!-- End Security interceptor config -->
       
        <!-- Start authentication config -->
        <bean id="authenticationManager"
                class="org.acegisecurity.providers.ProviderManager">
                <property name="providers">
                        <list>
                                <ref bean="daoAuthenticationProvider"/>
                        </list>
                </property>
        </bean>
       
        <bean id="daoAuthenticationProvider"
                class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
                <property name="userDetailsService">
                        <ref bean="userDetailsService"/>
                </property>
        </bean>
       
        <!-- Authentication using In-memory Dao -->
        <bean id="userDetailsService"
                class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
                <property name="userMap">
                        <value>
                                admin=pass,ROLE_ADMIN
                                bouerj=ineedsleep,ROLE_USER</value>
                </property>
        </bean>
       
        <!-- Authentication using JDBC Dao -->
        <!-- <bean id="userDetailsService"
        class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
        <property name="dataSource">
        <ref bean="dataSource"/>
        </property>
        </bean>
        -->
        <!-- End authentication config -->
       
        <!-- Start authorization config -->
        <bean id="accessDecisionManager"
                class="org.acegisecurity.vote.UnanimousBased">
                <property name="decisionVoters">
                        <list>
                                <ref bean="roleVoter"/>
                        </list>
                </property>
        </bean>
       
        <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter">
                <property name="rolePrefix">
                        <value>ROLE_</value>
                </property>
        </bean>
        <!-- End authorization config -->
       
        <!-- ****** END ACEGI Security Configuration *******-->
       
        <!-- DataSource definition
        <bean id="dataSource"
        class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName">
        <value>com.mysql.jdbc.Driver</value>
        </property>
        <property name="url">
        <value>jdbc:mysql://localhost:3306/springweb_auth_db</value>
        </property>
        <property name="username">
        <value>j2ee</value>
        </property>
        <property name="password">
        <value>password</value>
        </property>
        </bean>-->
</beans>

/WebContent/login.jsp

<xhtml:html xmlns:xhtml="http://www.w3.org/1999/xhtml"
          xmlns:xforms="http://www.w3.org/2002/xforms"
          xmlns:ev="http://www.w3.org/2001/xml-events">
       
    <xhtml:head>
        <xhtml:title>XForms Hello</xhtml:title>
        <xforms:model>
                        <xforms:instance id="userLogin">
                                <instanceData>
                                        <j_username/>
                                        <j_password/>
                                </instanceData>
                        </xforms:instance>
                        <xforms:bind nodeset="instance('userLogin')/j_password" required="true()" constraint="string-length(.) > 3"/>

            <xforms:submission id="login" ref="instance('userLogin')"
                    action="j_acegi_security_check"
                    method="get"
                    separator="&amp;">
                <xforms:message ev:event="xforms-submit-error" level="modal">An error occurred while saving!</xforms:message>
            </xforms:submission>
               
        </xforms:model>
               
    </xhtml:head>
        <xhtml:body>
                <xhtml:p> Login </xhtml:p>
                <xhtml:p>
                        <xforms:input ref="instance('userLogin')/j_username" class="input">
                                <xforms:label>User name:</xforms:label>
                        </xforms:input> </xhtml:p>
                <xhtml:p>
                        <xforms:secret ref="instance('userLogin')/j_password" class="password">
                                <xforms:label class="fixed-width">Password:</xforms:label>
                                <xforms:alert>Enter at least 6 characters</xforms:alert>
                        </xforms:secret>
                </xhtml:p>
                <xhtml:p>
                        <xforms:submit submission="login" >
                                <xforms:label>Save</xforms:label>
                        </xforms:submit>
                       
                </xhtml:p>
                <xhtml:p>
                        <xforms:output value="if (normalize-space(instance('userLogin')/j_username) = '') then '' else concat(instance('userLogin')/j_username, instance('userLogin')/j_password)"/>
                </xhtml:p>
        </xhtml:body>
</xhtml:html>


/WebContent/loginFailed.jsp

<html xmlns="http://www.w3.org/1999/xhtml">
        <head>
                <title>Springweb - login</title>
        </head>
        <body>
                <h2>Login Failed!!</h2>
                <p>
                        <br/> <a href="login.jsp">Try again</a> </p>
        </body>
</html>

Cheers

jzbarry



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Erik Bruchez
Reply | Threaded
Open this post in threaded view
|

Re: Acegi Integration & Seperate Deployment

Erik Bruchez
Administrator
jzbarry,

Thanks for the details, I hope they are useful to somebody!

-Erik

[hidden email] wrote:

> Hi
>
> Much thanks to the developers and contributors to OPS.
>
> I found Acegi integration with OPS, in a seperate deployment scenario, a little complex.
>
> Below is the configuration I used to get it working - based on cvs snapshot of OPS 27/05/2007.
>
> Setup the example war file available at: http://www.tfo-eservices.eu/wb_tutorials/pages/spring-acegi-tutorial.php
>
> Modify the following files:
>
> /WebContent/WEB-INF/web.xml
>
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
> <display-name> CellarFlow</display-name>
>
> <servlet>
> <servlet-name>dispatcher</servlet-name>
> <servlet-class>
> org.springframework.web.servlet.DispatcherServlet
> </servlet-class>
> <load-on-startup>1</load-on-startup>
> </servlet>
>
> <listener>
> <listener-class>
> org.springframework.web.context.ContextLoaderListener
> </listener-class>
> </listener>
>
> <context-param>
> <param-name>contextConfigLocation</param-name>
> <param-value>/WEB-INF/dispatcher-servlet.xml</param-value>
> </context-param>
>
> <servlet-mapping>
> <servlet-name>dispatcher</servlet-name>
> <url-pattern>*.htm</url-pattern>
> </servlet-mapping>
>
>
> <filter>
> <filter-name>Acegi Filter Chain Proxy</filter-name>
> <filter-class>
> org.acegisecurity.util.FilterToBeanProxy
> </filter-class>
> <init-param>
> <param-name>targetBean</param-name>
> <param-value>filterChainProxy</param-value>
> </init-param>
> </filter>
>
> <!-- Declare and configure the Orbeon Forms XForms filter -->
> <filter>
> <filter-name>ops-xforms-filter</filter-name>
> <filter-class>org.orbeon.oxf.servlet.OPSXFormsFilter</filter-class>
> <init-param>
> <param-name>oxf.xforms.renderer.context</param-name>
> <param-value>/ops</param-value>
> </init-param>
> </filter>
>
> <filter-mapping>
> <filter-name>Acegi Filter Chain Proxy</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> <filter-mapping>
> <filter-name>ops-xforms-filter</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
> <!-- This is necessary so that XForms engine resources can be served appropriately -->
> <filter-mapping>
> <filter-name>ops-xforms-filter</filter-name>
> <url-pattern>/ops/*</url-pattern>
> </filter-mapping>
>
>
>
> <welcome-file-list>
> <welcome-file>index.htm</welcome-file>
> </welcome-file-list>
>
>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/fmt</taglib-uri>
> <taglib-location>/WEB-INF/tlds/fmt.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/fmt-rt</taglib-uri>
> <taglib-location>/WEB-INF/tlds/fmt-rt.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/core</taglib-uri>
> <taglib-location>/WEB-INF/tlds/c.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/core-rt</taglib-uri>
> <taglib-location>/WEB-INF/tlds/c-rt.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/sql</taglib-uri>
> <taglib-location>/WEB-INF/tlds/sql.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/sql-rt</taglib-uri>
> <taglib-location>/WEB-INF/tlds/sql-rt.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/x</taglib-uri>
> <taglib-location>/WEB-INF/tlds/x.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/x-rt</taglib-uri>
> <taglib-location>/WEB-INF/tlds/x-rt.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://java.sun.com/jstl/fn</taglib-uri>
> <taglib-location>/WEB-INF/tlds/fn.tld</taglib-location>
> </taglib>
> <taglib>
> <taglib-uri>http://www.springframework.org/spring</taglib-uri>
> <taglib-location>/WEB-INF/tlds/spring.tld</taglib-location>
> </taglib>
>
> </web-app>
>
> /WebContent/WEB-INF/dispatcher-servlet.xml
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
> "http://www.springframework.org/dtd/spring-beans.dtd">
>
> <beans>
>
> <!-- Controller definitions -->
> <bean id="indexController" class="springweb.controller.IndexController">
> <property name="greeting">
> <value>Welcome to the Demo App!!</value>
> </property>
> </bean>
> <bean id="logoutController" class="springweb.controller.LogoutController"/>
> <bean id="initParamSubmitController" class="springweb.controller.InitParamSubmitController"/>
> <bean id="paramSubmitController" class="springweb.controller.ParamSubmitController">
> <property name="sessionForm">
> <value>false</value>
> </property>
> <property name="commandName">
> <value>simplePersonForm</value>
> </property>
> <property name="commandClass">
> <value>springweb.form.SimplePersonForm</value>
> </property>
> <property name="validator">
> <bean class="springweb.form.validator.SimplePersonFormValidator"/>
> </property>
> <property name="formView">
> <value>initparamsubmit</value>
> </property>
> <property name="successView">
> <value>/secure/app/paramsubmit.htm</value>
> </property>
> </bean>
> <bean id="initAdminController"
> class="springweb.controller.InitAdminController"/>
>
> <!-- URL Mapping definition -->
> <bean id="simpleUrlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
> <property name="mappings">
> <props>
> <prop key="/index.htm">indexController</prop>
> <prop key="/logout.htm">logoutController</prop>
> <prop key="/secure/app/initparamsubmit.htm">initParamSubmitController </prop>
> <prop key="/secure/app/paramsubmit.htm">paramSubmitController</prop>
> <prop key="/secure/admin/initadmin.htm">initAdminController</prop>
> </props>
> </property>
> </bean>
>
> <!-- View Resolver definition -->
> <bean id="xmlViewResolver" class="org.springframework.web.servlet.view.XmlViewResolver">
> <property name="location">
> <value>/WEB-INF/springweb-views.xml</value>
> </property>
> </bean>
>
> <!-- ****** START ACEGI Security Configuration *******-->
> <!-- ======================== FILTER CHAIN ======================= -->
>
> <!--  if you wish to use channel security, add "channelProcessingFilter," in front
> of "httpSessionContextIntegrationFilter" in the list below -->
> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
> <property name="filterInvocationDefinitionSource">
> <value>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
> /**=httpSessionContextIntegrationFilter, formAuthenticationProcessingFilter, exceptionTranslationFilter, filterSecurityInterceptor </value>
> </property>
> </bean>
>
> <!-- Start Security filter config -->
> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
> <property name="authenticationEntryPoint">
> <ref bean="formLoginAuthenticationEntryPoint"/>
> </property>
> </bean>
>
> <!-- Define filter to handle BASIC authentication
> <bean id="basicProcessingFilter"
> class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
> <property name="authenticationManager">
> <ref bean="authenticationManager" />
> </property>
> <property name="authenticationEntryPoint">
> <ref bean="authenticationEntryPoint" />
> </property>
> </bean>-->
>
> <!-- Define realm for BASIC login
> <bean id="authenticationEntryPoint"
> class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
> <property name="realmName">
> <value>Spring Web Realm</value>
> </property>
> </bean>-->
>
> <!-- Define filter to handle FORM authentication -->
> <bean id="formAuthenticationProcessingFilter"
> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
> <property name="filterProcessesUrl">
> <value>/j_acegi_security_check</value>
> </property>
> <property name="authenticationFailureUrl">
> <value>/loginFailed.jsp</value>
> </property>
> <property name="defaultTargetUrl">
> <value>/</value>
> </property>
> <property name="authenticationManager">
> <ref bean="authenticationManager"/>
> </property>
> </bean>
>
> <!-- Define realm for FORM login-->
> <bean id="formLoginAuthenticationEntryPoint"
> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
> <property name="loginFormUrl">
> <value>/login.jsp</value>
> </property>
> <property name="forceHttps">
> <value>false</value>
> </property>
> </bean>
>
> <bean id="httpSessionContextIntegrationFilter"
> class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
> </bean>
> <!-- End Security filter config -->
>
> <!-- Start Security interceptor config -->
>
> <!-- Define authentication manager, decision manager and secure URL patterns -->
> <bean id="filterSecurityInterceptor"
> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
> <property name="authenticationManager">
> <ref bean="authenticationManager"/>
> </property>
> <property name="accessDecisionManager">
> <ref bean="accessDecisionManager"/>
> </property>
> <property name="objectDefinitionSource">
> <value>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
> /secure/admin/*=ROLE_ADMIN
> /secure/app/*=ROLE_USER </value>
> </property>
> </bean>
> <!-- End Security interceptor config -->
>
> <!-- Start authentication config -->
> <bean id="authenticationManager"
> class="org.acegisecurity.providers.ProviderManager">
> <property name="providers">
> <list>
> <ref bean="daoAuthenticationProvider"/>
> </list>
> </property>
> </bean>
>
> <bean id="daoAuthenticationProvider"
> class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
> <property name="userDetailsService">
> <ref bean="userDetailsService"/>
> </property>
> </bean>
>
> <!-- Authentication using In-memory Dao -->
> <bean id="userDetailsService"
> class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
> <property name="userMap">
> <value>
> admin=pass,ROLE_ADMIN
> bouerj=ineedsleep,ROLE_USER</value>
> </property>
> </bean>
>
> <!-- Authentication using JDBC Dao -->
> <!-- <bean id="userDetailsService"
> class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
> <property name="dataSource">
> <ref bean="dataSource"/>
> </property>
> </bean>
> -->
> <!-- End authentication config -->
>
> <!-- Start authorization config -->
> <bean id="accessDecisionManager"
> class="org.acegisecurity.vote.UnanimousBased">
> <property name="decisionVoters">
> <list>
> <ref bean="roleVoter"/>
> </list>
> </property>
> </bean>
>
> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter">
> <property name="rolePrefix">
> <value>ROLE_</value>
> </property>
> </bean>
> <!-- End authorization config -->
>
> <!-- ****** END ACEGI Security Configuration *******-->
>
> <!-- DataSource definition
> <bean id="dataSource"
> class="org.springframework.jdbc.datasource.DriverManagerDataSource">
> <property name="driverClassName">
> <value>com.mysql.jdbc.Driver</value>
> </property>
> <property name="url">
> <value>jdbc:mysql://localhost:3306/springweb_auth_db</value>
> </property>
> <property name="username">
> <value>j2ee</value>
> </property>
> <property name="password">
> <value>password</value>
> </property>
> </bean>-->
> </beans>
>
> /WebContent/login.jsp
>
> <xhtml:html xmlns:xhtml="http://www.w3.org/1999/xhtml"
>  xmlns:xforms="http://www.w3.org/2002/xforms"
>  xmlns:ev="http://www.w3.org/2001/xml-events">
>
>     <xhtml:head>
>         <xhtml:title>XForms Hello</xhtml:title>
>         <xforms:model>
> <xforms:instance id="userLogin">
> <instanceData>
> <j_username/>
> <j_password/>
> </instanceData>
> </xforms:instance>
> <xforms:bind nodeset="instance('userLogin')/j_password" required="true()" constraint="string-length(.) > 3"/>
>
>             <xforms:submission id="login" ref="instance('userLogin')"
>                     action="j_acegi_security_check"
>                     method="get"
>                     separator="&amp;">
>                 <xforms:message ev:event="xforms-submit-error" level="modal">An error occurred while saving!</xforms:message>
>             </xforms:submission>
>
>         </xforms:model>
>
>     </xhtml:head>
> <xhtml:body>
> <xhtml:p> Login </xhtml:p>
> <xhtml:p>
> <xforms:input ref="instance('userLogin')/j_username" class="input">
> <xforms:label>User name:</xforms:label>
> </xforms:input> </xhtml:p>
> <xhtml:p>
> <xforms:secret ref="instance('userLogin')/j_password" class="password">
> <xforms:label class="fixed-width">Password:</xforms:label>
> <xforms:alert>Enter at least 6 characters</xforms:alert>
> </xforms:secret>
> </xhtml:p>
> <xhtml:p>
> <xforms:submit submission="login" >
> <xforms:label>Save</xforms:label>
> </xforms:submit>
>
> </xhtml:p>
> <xhtml:p>
> <xforms:output value="if (normalize-space(instance('userLogin')/j_username) = '') then '' else concat(instance('userLogin')/j_username, instance('userLogin')/j_password)"/>
> </xhtml:p>
> </xhtml:body>
> </xhtml:html>
>
>
> /WebContent/loginFailed.jsp
>
> <html xmlns="http://www.w3.org/1999/xhtml">
> <head>
> <title>Springweb - login</title>
> </head>
> <body>
> <h2>Login Failed!!</h2>
> <p>
> <br/> <a href="login.jsp">Try again</a> </p>
> </body>
> </html>
>
> Cheers
>
> jzbarry
>
>

--
Orbeon Forms - Web Forms for the Enterprise Done the Right Way
http://www.orbeon.com/



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Free forum by Nabble Edit this page