- 浏览: 289687 次
- 性别:
- 来自: 上海
文章分类
- 全部博客 (158)
- 默认类别 (22)
- tomcat study (5)
- spring study (2)
- hibernate study (2)
- jms study (8)
- acegi study (7)
- linux study (3)
- database study (19)
- appserver study (3)
- cvs study (10)
- mysql study (2)
- ajax study (5)
- uttest study (5)
- uml study (2)
- subversion study (3)
- xml study (6)
- japanese study (7)
- english study (2)
- loadrunner study (2)
- annotation study (0)
- security study (10)
- perl study (0)
- it lecture (14)
- view study (5)
- unicode study (1)
- net study (6)
- rule study (5)
- sdo study (1)
- jbpm study (1)
最新评论
-
xieruilin:
问题解决 。。。3Q
经常在安装ORACLE数据库时,出现一个ORA-12638 凭证检索失败 -
xiebiao110:
嗯不错,我也在看tomcat6,tomcat4,分模块来分析, ...
3、tomcat中的设计模式。 -
alloyer:
非常牛叉,再有个实例就完美了!
学习acegi-security -
bulain:
少了ehcache的jar包。
acegi的MethodSecurityInterceptor -
yuen:
你好,我才开始看acegi,把你的这个例子运行了一下,出错了, ...
acegi的MethodSecurityInterceptor
2006-06-06
acegi的MethodSecurityInterceptor实现
AfterInvocationProviderImp
ApplicationEventPublisherImp
BankManager
BankManagerImp
BankManagerImpTest
applicationContext.xml
users.properties
acegi的MethodSecurityInterceptor实现
AfterInvocationProviderImp
package com.bulain.test; import org.acegisecurity.AccessDeniedException; import org.acegisecurity.Authentication; import org.acegisecurity.ConfigAttribute; import org.acegisecurity.ConfigAttributeDefinition; import org.acegisecurity.afterinvocation.AfterInvocationProvider; import org.aopalliance.intercept.MethodInvocation; import org.apache.log4j.Logger; public class AfterInvocationProviderImp implements AfterInvocationProvider { private static Logger logger = Logger.getLogger(AfterInvocationProviderImp.class); public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject) throws AccessDeniedException { return returnedObject; } public boolean supports(ConfigAttribute attribute) { logger.info("ConfigAttribute: " + attribute); if (attribute.getAttribute().equals("BANKSECURITY_CUSTOMER")) { return true; } return false; } public boolean supports(Class clazz) { logger.info("Class: " + clazz); if (clazz == MethodInvocation.class) { return true; } return false; } }
ApplicationEventPublisherImp
package com.bulain.test; import org.apache.log4j.Logger; import org.springframework.context.ApplicationEvent; import org.springframework.context.ApplicationEventPublisher; public class ApplicationEventPublisherImp implements ApplicationEventPublisher { private static Logger logger = Logger.getLogger(ApplicationEventPublisherImp.class); public void publishEvent(ApplicationEvent event) { logger.info("publishEvent: " + event); } }
BankManager
package com.bulain.test; public interface BankManager { /** * Delete something */ public void deleteSomething(int id); /** * Delete another */ public void deleteAnother(int id); /** * Get balance */ public float getBalance(int id); }
BankManagerImp
package com.bulain.test; import org.apache.log4j.Logger; public class BankManagerImp implements BankManager { private static Logger logger = Logger.getLogger(BankManagerImp.class); public void deleteSomething(int id) { logger.info("deleteSomething()"); } public void deleteAnother(int id) { logger.info("deleteAnother()"); } public float getBalance(int id) { logger.info("getBalance()"); return 0; } }
BankManagerImpTest
package com.bulain.test; import junit.framework.TestCase; import org.acegisecurity.Authentication; import org.acegisecurity.context.SecurityContextHolder; import org.acegisecurity.context.SecurityContextImpl; import org.acegisecurity.providers.AuthenticationProvider; import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; import org.springframework.beans.factory.BeanFactory; import org.springframework.beans.factory.xml.XmlBeanFactory; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; public class BankManagerImpTest extends TestCase { static Resource resource = new ClassPathResource("applicationContext.xml"); static BeanFactory factory = new XmlBeanFactory(resource); private static void createSecureContext(final BeanFactory bf, final String username, final String password) { AuthenticationProvider provider = (AuthenticationProvider) bf.getBean("daoAuthenticationProvider"); Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken(username, password)); SecurityContextHolder.getContext().setAuthentication(auth); } // Clear the security context after each test. public void teardown() { SecurityContextHolder.setContext(new SecurityContextImpl()); } public static void main(String[] args) { junit.textui.TestRunner.run(BankManagerImpTest.class); } /* * Test method for 'com.bulain.test.BankManagerImp.deleteSomething(int)' */ public void testDeleteSomething() { BankManager bankManager = (BankManager) factory.getBean("bankManager"); createSecureContext(factory, "marissa", "koala"); bankManager.deleteSomething(10); } /* * Test method for 'com.bulain.test.BankManagerImp.deleteAnother(int)' */ public void testDeleteAnother() { BankManager bankManager = (BankManager) factory.getBean("bankManager"); createSecureContext(factory, "marissa", "koala"); bankManager.deleteAnother(10); } /* * Test method for 'com.bulain.test.BankManagerImp.getBalance(int)' */ public void testGetBalance() { BankManager bankManager = (BankManager) factory.getBean("bankManager"); createSecureContext(factory, "manager", "manager"); bankManager.getBalance(10); } }
applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <bean id="bankManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> <property name="validateConfigAttributes"> <value>true</value> </property> <property name="applicationEventPublisher"> <bean class="com.bulain.test.ApplicationEventPublisherImp"/> </property> <property name="authenticationManager"> <ref bean="authenticationManager"/> </property> <property name="accessDecisionManager"> <ref bean="accessDecisionManager"/> </property> <property name="runAsManager"> <ref bean="runAsManager"/> </property> <property name="afterInvocationManager"> <ref bean="afterInvocationManager"/> </property> <property name="objectDefinitionSource"> <value>com.bulain.test.BankManager.delete*=ROLE_SUPERVISOR,RUN_AS_SERVER com.bulain.test.BankManager.getBalance=ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_AS_SERVER</value> </property> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider"/> <bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key" value="changeThis"/> </bean> <bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> <property name="key" value="changeThis"/> </bean> </list> </property> </bean> <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions" value="false"/> <property name="decisionVoters"> <list> <bean class="org.acegisecurity.vote.RoleVoter"/> <bean class="org.acegisecurity.vote.AuthenticatedVoter"/> </list> </property> </bean> <bean id="runAsManager" class="org.acegisecurity.runas.RunAsManagerImpl"> <property name="key" value="KEY"/> </bean> <bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager"> <property name="providers"> <list> <bean class="com.bulain.test.AfterInvocationProviderImp"/> </list> </property> </bean> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService"/> <property name="userCache"> <bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> <property name="cache"> <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <property name="cacheManager"> <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> </property> <property name="cacheName" value="userCache"/> </bean> </property> </bean> </property> </bean> <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> <property name="userProperties"> <bean class="org.springframework.beans.factory.config.PropertiesFactoryBean"> <property name="location" value="users.properties"/> </bean> </property> </bean> <bean id="bankManagerImp" class="com.bulain.test.BankManagerImp"/> <bean id="bankManager" class="org.springframework.aop.framework.ProxyFactoryBean"> <property name="interceptorNames"> <list> <value>bankManagerSecurity</value> </list> </property> <property name="target"><ref local="bankManagerImp"/></property> </bean> </beans>
users.properties
marissa=koala,ROLE_SUPERVISOR dianne=emu,ROLE_USER scott=wombat,ROLE_USER peter=opal,disabled,ROLE_USER
评论
2 楼
bulain
2007-04-12
少了ehcache的jar包。
1 楼
yuen
2007-04-04
你好,我才开始看acegi,把你的这个例子运行了一下,出错了,可不可以帮我看一下,这是为什么?谢谢!
Exception in thread "main" org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'bankManager': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'bankManagerSecurity' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'authenticationManager' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'daoAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'bankManagerSecurity' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'authenticationManager' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'daoAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'daoAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException Caused by: java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException
发表评论
-
学习acegi-security
2006-06-12 09:37 140852006-06-10 学习acegi-security 这几 ... -
acegi的MethodSecurityInterceptor实例
2006-06-06 17:46 20972006-06-06 acegi的MethodSecurit ... -
acegi 参考的部分翻译
2006-06-01 17:29 11452006-06-01 acegi 参考的部分翻译 htt ... -
Feiing以前写的一篇介绍 Acegi 的文档
2006-01-12 21:47 1438http://forum.iteye.com/viewtopi ... -
实战Acegi:使用Acegi作为基于Spring框架的WEB应用的安全框架
2006-01-12 21:46 1363http://www.blogjava.net/youlq/a ... -
ajax的经典集萃
2005-11-07 21:24 1223ajax的经典集萃 一个ajax的经典测试用例(时时都在为新 ...
相关推荐
Acegi 是一个在Java开发领域,特别是Spring框架中曾经广泛使用的安全组件,全称为Acegi Security。这个系统为Spring应用程序提供了全面的安全管理解决方案,包括身份验证、授权、会话管理以及安全事件处理等功能。...
【Acegi框架介绍 acegi安全与认证】 Acegi Security,现称为Spring Security,是一个强大的安全框架,主要用于基于Spring的企业级应用。它通过Spring的依赖注入(IoC)和面向切面编程(AOP)功能,提供了声明式的...
Acegi是Spring Security的前身,它是一个用于Java企业级应用的安全框架,提供了全面的身份验证、授权和会话管理功能。这个压缩包包含了Acegi的示例代码和一个学习资源,对于初学者来说是非常宝贵的资料。 首先,让...
Acegi是一个专门为SpringFramework应用提供安全机制的开放源代码项目,全称为Acegi Security System for Spring,当前版本为 0.8.3。它使用了Spring的方式提供了安全和认证安全服务,包括使用Bean Context,拦截器和...
AceGI,全称为Acegi Security,是Java领域中一个用于Spring框架的安全组件,它提供了全面的身份验证、授权和会话管理功能。这个框架在早期的Spring版本中非常流行,为开发者构建安全的Web应用程序提供了强大的支持。...
Spring Acegi是一个安全框架,它为Spring应用提供了一套强大的身份验证和授权机制。这个框架在Spring Security(之前称为Spring Security)之前被广泛使用。在本文中,我们将深入探讨Spring Acegi的核心概念、功能和...
Acegi 是一个强大的 Java 安全框架,专用于系统安全编程,尤其在处理认证和授权方面表现出色。在本文中,我们将深入探讨 Acegi 的基本概念、如何设置以及它如何与 Spring 框架集成。 首先,让我们了解 Acegi 的核心...
Acegi Security是一个专门为Spring框架设计的权限控制框架,旨在为基于J2EE的企业级应用程序提供全面的安全服务。这个框架解决了J2EE规范中安全性配置不便于移植的问题,使得应用程序的安全设置能够在不同服务器环境...
包含acegi-security-1.0.7.jar,acegi-security-1.0.7-sources.jar,acegi-security-cas-1.0.7.jar,acegi-security-cas-1.0.7-sources.jar,acegi-security-catalina-1.0.7.jar,acegi-security-catalina-1.0.7-...
Acegi安全系统,是一个用于Spring Framework的安全框架,能够和目前流行的Web容器无缝集成。它使用了Spring的方式提供了安全和认证安全服务,包括使用Bean Context,拦截器和面向接口的编程方式。因此,Acegi安全...
Acegi-Spring安全框架是一个专为基于Spring的企业应用设计的安全框架,现在被称为Spring Security。它提供了声明式的安全访问控制,允许开发者在Spring容器中配置安全相关的Bean,利用Spring的依赖注入(IoC)和面向...
AceGI安全策略与CAS(Central Authentication Service)整合是企业级应用中常见的安全解决方案,它能够为Web应用程序提供统一的身份验证和授权服务。本文档旨在详细阐述这一整合过程,包括配置步骤、所需资源以及...
acegi-security 1.0.2.jar
### Acegi安全框架详解 #### 引言 Acegi安全框架是专为Spring框架设计的安全解决方案,它通过深度集成Spring的特性,提供了一套全面、灵活的安全管理方案。不同于传统的安全框架,Acegi采用了面向切面编程(AOP)...
Spring Acegi是一个安全框架,它为Spring应用提供了全面的安全管理功能。这个"spring acegi 使用工程demo"显然是一个示例项目,旨在帮助开发者理解和实践如何在Spring应用中集成和使用Acegi安全框架。 首先,Acegi...
Spring Acegi权限控制是Spring框架中用于实现Web应用安全的一种解决方案。Acegi Security(现已被Spring Security替代)是一个功能强大的安全框架,它主要解决了认证(Authentication)和授权(Authorization)这两...
Spring Acegi是一个安全框架,它为Spring应用提供了全面的安全管理解决方案。这个例子是为初学者设计的,旨在帮助他们快速理解和应用Acegi框架。Acegi(现在已被Spring Security替代)在Spring应用程序中提供了身份...
而Acegi Security是Spring社区早期的一个安全模块,它提供了全面的身份验证、授权和会话管理功能,为基于Spring的应用程序提供了强大的安全性支持。本实战教程将深入探讨如何将Acegi Security集成到Spring框架中,...
Acegi Security是一个已退役的安全框架,它为Java平台上的Spring框架提供了全面的身份验证和授权服务。这个"acegi-security-tiger-1.0.0-RC2.jar.zip"压缩包包含的是Acegi Security的一个早期版本——1.0.0 Release ...