`

acegi的MethodSecurityInterceptor

阅读更多
2006-06-06

acegi的MethodSecurityInterceptor实现


AfterInvocationProviderImp

package com.bulain.test;

import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.Authentication;
import org.acegisecurity.ConfigAttribute;
import org.acegisecurity.ConfigAttributeDefinition;
import org.acegisecurity.afterinvocation.AfterInvocationProvider;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.log4j.Logger;

public class AfterInvocationProviderImp implements AfterInvocationProvider {
	private static Logger logger = Logger.getLogger(AfterInvocationProviderImp.class);

	public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject)
			throws AccessDeniedException {
		return returnedObject;
	}

	public boolean supports(ConfigAttribute attribute) {
		logger.info("ConfigAttribute: " + attribute);
		if (attribute.getAttribute().equals("BANKSECURITY_CUSTOMER")) {
			return true;
		}
		return false;
	}

	public boolean supports(Class clazz) {
		logger.info("Class: " + clazz);
		if (clazz == MethodInvocation.class) {
			return true;
		}
		return false;
	}

}




ApplicationEventPublisherImp

package com.bulain.test;

import org.apache.log4j.Logger;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;

public class ApplicationEventPublisherImp implements ApplicationEventPublisher {
	private static Logger logger = Logger.getLogger(ApplicationEventPublisherImp.class);

	public void publishEvent(ApplicationEvent event) {
		logger.info("publishEvent: " + event);
	}

}



BankManager

package com.bulain.test;

public interface BankManager {
	/**
	 * Delete something
	 */
	public void deleteSomething(int id);
	
	/**
	 * Delete another
	 */
	public void deleteAnother(int id);
	
	/**
	 * Get balance
	 */
	public float getBalance(int id);
}



BankManagerImp

package com.bulain.test;

import org.apache.log4j.Logger;

public class BankManagerImp implements BankManager {
	private static Logger logger = Logger.getLogger(BankManagerImp.class);

	public void deleteSomething(int id) {
		logger.info("deleteSomething()");
	}

	public void deleteAnother(int id) {
		logger.info("deleteAnother()");
	}

	public float getBalance(int id) {
		logger.info("getBalance()");
		return 0;
	}
}



BankManagerImpTest

package com.bulain.test;

import junit.framework.TestCase;

import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.xml.XmlBeanFactory;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;

public class BankManagerImpTest extends TestCase {
	static Resource resource = new ClassPathResource("applicationContext.xml");
	static BeanFactory factory = new XmlBeanFactory(resource);

	private static void createSecureContext(final BeanFactory bf, final String username, final String password) {
		AuthenticationProvider provider = (AuthenticationProvider) bf.getBean("daoAuthenticationProvider");
		Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken(username, password));
		SecurityContextHolder.getContext().setAuthentication(auth);
	}

	// Clear the security context after each test.
	public void teardown() {
		SecurityContextHolder.setContext(new SecurityContextImpl());
	}

	public static void main(String[] args) {
		junit.textui.TestRunner.run(BankManagerImpTest.class);
	}

	/*
	 * Test method for 'com.bulain.test.BankManagerImp.deleteSomething(int)'
	 */
	public void testDeleteSomething() {
		BankManager bankManager = (BankManager) factory.getBean("bankManager");
		createSecureContext(factory, "marissa", "koala");

		bankManager.deleteSomething(10);
	}

	/*
	 * Test method for 'com.bulain.test.BankManagerImp.deleteAnother(int)'
	 */
	public void testDeleteAnother() {
		BankManager bankManager = (BankManager) factory.getBean("bankManager");
		createSecureContext(factory, "marissa", "koala");

		bankManager.deleteAnother(10);
	}

	/*
	 * Test method for 'com.bulain.test.BankManagerImp.getBalance(int)'
	 */
	public void testGetBalance() {
		BankManager bankManager = (BankManager) factory.getBean("bankManager");
		createSecureContext(factory, "manager", "manager");

		bankManager.getBalance(10);
	}
}


applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
	<bean id="bankManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
		<property name="validateConfigAttributes">
			<value>true</value>
		</property>
		<property name="applicationEventPublisher">
			<bean class="com.bulain.test.ApplicationEventPublisherImp"/>
		</property>
		<property name="authenticationManager">
			<ref bean="authenticationManager"/>
		</property>
		<property name="accessDecisionManager">
			<ref bean="accessDecisionManager"/>
		</property>
		<property name="runAsManager">
			<ref bean="runAsManager"/>
		</property>
		<property name="afterInvocationManager">
			<ref bean="afterInvocationManager"/>
		</property>
		<property name="objectDefinitionSource">
			<value>com.bulain.test.BankManager.delete*=ROLE_SUPERVISOR,RUN_AS_SERVER
				com.bulain.test.BankManager.getBalance=ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_AS_SERVER</value>
		</property>
	</bean>
	
	<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
		<property name="providers">
			<list>
				<ref local="daoAuthenticationProvider"/>
				<bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
					<property name="key" value="changeThis"/>
				</bean>
				<bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
					<property name="key" value="changeThis"/>
				</bean>
			</list>
		</property>
	</bean>
	
	<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
		<property name="allowIfAllAbstainDecisions" value="false"/>
		<property name="decisionVoters">
			<list>
				<bean class="org.acegisecurity.vote.RoleVoter"/>
				<bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
			</list>
		</property>
	</bean>
	
	<bean id="runAsManager" class="org.acegisecurity.runas.RunAsManagerImpl">
		<property name="key" value="KEY"/>
	</bean>
	
	<bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
		<property name="providers">
			<list>
				<bean class="com.bulain.test.AfterInvocationProviderImp"/>
			</list>
		</property>
	</bean>
	
	<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
		<property name="userDetailsService" ref="userDetailsService"/>
		<property name="userCache">
			<bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
				<property name="cache">
					<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
						<property name="cacheManager">
							<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
						</property>
						<property name="cacheName" value="userCache"/>
					</bean>
				</property>
			</bean>
		</property>
	</bean>
	
	<bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
		<property name="userProperties">
			<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
				<property name="location" value="users.properties"/>
			</bean>
		</property>
	</bean>
	
	<bean id="bankManagerImp" class="com.bulain.test.BankManagerImp"/>
	
	<bean id="bankManager" class="org.springframework.aop.framework.ProxyFactoryBean">
		<property name="interceptorNames">	
			<list>
				<value>bankManagerSecurity</value>
			</list>		
		</property>
		<property name="target"><ref local="bankManagerImp"/></property>
	</bean>
</beans>


users.properties

marissa=koala,ROLE_SUPERVISOR
dianne=emu,ROLE_USER
scott=wombat,ROLE_USER
peter=opal,disabled,ROLE_USER
分享到:
评论
2 楼 bulain 2007-04-12  
少了ehcache的jar包。
1 楼 yuen 2007-04-04  
你好,我才开始看acegi,把你的这个例子运行了一下,出错了,可不可以帮我看一下,这是为什么?谢谢!
Exception in thread "main" org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'bankManager': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'bankManagerSecurity' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'authenticationManager' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'daoAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'bankManagerSecurity' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'authenticationManager' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'daoAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot resolve reference to bean 'daoAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [com/bulain/test/applicationContext.xml]: Cannot create inner bean 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' of type [org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache] while setting bean property 'userCache'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache#140c281' defined in class path resource [com/bulain/test/applicationContext.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException
Caused by: java.lang.NoClassDefFoundError: net/sf/ehcache/CacheException

相关推荐

    ldap与Acegi? ----Acegi配置文件解剖

    &lt;bean id="preInvocationFilter" class="org.acegisecurity.access.intercept.aopalliance.MethodSecurityInterceptor"&gt; &lt;!-- 定义方法级别的访问规则 --&gt; ``` 5. **Access Decision Manager** - ...

    Acegi入门到熟练

    Acegi 利用AOP的概念,通过`MethodSecurityInterceptor`对Service层的方法进行拦截,实现方法级别的安全控制。这意味着,不仅可以保护URL,还可以细化到对服务接口的每一个方法进行访问控制。 3. **ACL(Access ...

    acige包--acegi-security-1.0.7

    此外,还可以利用`FilterSecurityInterceptor`进行URL级别的访问控制,以及`MethodSecurityInterceptor`进行方法级别的权限控制。 ### 5. 总结 "acegi-security-1.0.7"作为ACEGI Security的一个版本,为开发者提供...

    spring-Acgei的一个小例子之六

    例如,定义一个 `MethodSecurityInterceptor`,并通过 `pointcut-expression` 指定拦截哪些方法调用。 #### 五、结论 本教程详细介绍了如何利用 Spring 的 IoC 容器来管理 Acegi 的依赖关系,以及如何配置 Acegi ...

    spring-Acgei的一个小例子之一

    在Spring-Acegi中,`MethodSecurityInterceptor`是关键组件,它拦截并处理具有安全约束的方法调用。我们可以通过配置Acegi来定义哪些方法需要特定的角色或权限才能访问。以下是一个简单的例子,展示了如何使用Acegi...

Global site tag (gtag.js) - Google Analytics