Raible's Wiki

Raible Designs
Wiki Home
News
Recent Changes

AppFuse

Homepage
  - Korean
  - Chinese
  - Italian
  - Japanese

QuickStart Guide
  - Chinese
  - French
  - German
  - Italian
  - Korean
  - Portuguese
  - Spanish
  - Japanese

User Guide
  - Korean
  - Chinese

Tutorials
  - Chinese
  - German
  - Italian
  - Korean
  - Portuguese
  - Spanish

FAQ
  - Korean

Latest Downloads

Other Applications

Struts Resume
Security Example
Struts Menu

Set your name in
UserPreferences

Referenced by
...nobody




JSPWiki v2.2.33

[RSS]


Hide Menu

AppFuseSecurity
Search Wiki:
Your trail:

Difference between version 14 and version 13:

At line 34 added 1 line.
Add Acegi Security's filters to the top of metadata/web/filter.xml:
At line 36 added 54 lines.
{{{
<filter>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter</param-value>
</init-param>
</filter>
<filter>
<filter-name>acegiSessionFilter</filter-name>
<filter-class>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</filter-class>
</filter>
<filter>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
</init-param>
</filter>
<filter>
<filter-name>acegiRemoteUserFilter</filter-name>
<filter-class>net.sf.acegisecurity.ui.wrapper.ContextHolderAwareRequestFilter</filter-class>
</filter>
}}}
Add filter-mappings for each of these filters. Put the following XML at the top of the metadata/web/filter-mappings.xml file:
{{{
<filter-mapping>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<url-pattern>/j_security_check</url-pattern>
<!--dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher-->
</filter-mapping>
<filter-mapping>
<filter-name>acegiSessionFilter</filter-name>
<url-pattern>/*</url-pattern>
<!--dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher-->
</filter-mapping>
<filter-mapping>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<url-pattern>*.html</url-pattern>
<!--dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher-->
</filter-mapping>
<filter-mapping>
<filter-name>acegiRemoteUserFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
}}}
At line 91 added 1 line.
Delete the file metadata/web/web-security.xml. This is no longer needed since the security settings are now controlled by the applicationContext-security.xml file.
At line 94 added 1 line.
__TODO:__ This is done in CVS, now I just need to document it. In CVS, it's only done for Struts - I still need to do it for iBATIS and the other web frameworks.
At line 101 added 1 line.
In web/WEB-INF/classes/log4j.properties, add a setting to control the logging for Acegi Security.
At line 103 added 4 lines.
{{{
log4j.logger.net.sf.acegisecurity=WARN
}}}
At line 108 added 1 line.
In LoginServet.java, remove the initial ''if statement'' at the beginning of the execute method. This involves deleting the following lines of code.
At line 110 added 17 lines.
[{Java2HtmlPlugin
// if user is already authenticated, it means they probably bookmarked
// or typed in the URL to login.jsp directly, route them to the main
// menu is this is the case
if (request.getRemoteUser() != null) {
if (log.isDebugEnabled()) {
log.debug("User '" + request.getRemoteUser() +
"' already logged in, routing to mainMenu");
}
response.sendRedirect(request.getContextPath() + "/mainMenu.html");
return;
}
}]

Back to AppFuseSecurity, or to the Page History.