roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mrai...@apache.org
Subject svn commit: r376872 - in /incubator/roller/branches/roller_2.1: .classpath tools/spring-1.2/acegi-security-1.0.0-RC1.jar tools/spring-1.2/acegi-security-1.0.0-RC2.jar web/WEB-INF/security.xml
Date Fri, 10 Feb 2006 21:57:23 GMT
Author: mraible
Date: Fri Feb 10 13:57:21 2006
New Revision: 376872

URL: http://svn.apache.org/viewcvs?rev=376872&view=rev
Log:
Upgraded to Acegi Security 1.0 RC2

Added:
    incubator/roller/branches/roller_2.1/tools/spring-1.2/acegi-security-1.0.0-RC2.jar   (with
props)
Removed:
    incubator/roller/branches/roller_2.1/tools/spring-1.2/acegi-security-1.0.0-RC1.jar
Modified:
    incubator/roller/branches/roller_2.1/.classpath
    incubator/roller/branches/roller_2.1/web/WEB-INF/security.xml

Modified: incubator/roller/branches/roller_2.1/.classpath
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.1/.classpath?rev=376872&r1=376871&r2=376872&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.1/.classpath (original)
+++ incubator/roller/branches/roller_2.1/.classpath Fri Feb 10 13:57:21 2006
@@ -1,78 +1,78 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
-	<classpathentry kind="src" path="src"/>
-	<classpathentry kind="src" path="sandbox/jdobackend/src"/>
-	<classpathentry kind="src" path="sandbox/atomprotocol/src"/>
-	<classpathentry kind="src" path="sandbox/standalone/src"/>
-	<classpathentry kind="src" path="contrib/plugins/src"/>
-	<classpathentry kind="src" path="tests"/>
-	<classpathentry kind="src" path="build/generated/src.business"/>
-	<classpathentry kind="src" path="build/generated/src.presentation"/>
-	<classpathentry sourcepath="JRE_SRC" kind="var" path="JRE_LIB"/>
-	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/nekohtml.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/mockrunner-struts.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/mockrunner-servlet.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/mockrunner.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/tomcat-5.0.28/servlet-api.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/tomcat-5.0.28/jsp-api.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/xmlParserAPIs-2.3.0.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/xercesImpl-2.3.0.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/hsqldb.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/ejb-1.1.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/jakarta-oro-2.0.8.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/commons-net-1.2.2.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant-launcher.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant-junit.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant-commons-net.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant.jar"/>
-	<classpathentry kind="lib" path="tools/lib/xmlrpc-1.2-b1.jar"/>
-	<classpathentry kind="lib" path="tools/lib/velocity-tools-1.1.jar"/>
-	<classpathentry kind="lib" path="tools/lib/velocity-dep-1.4.jar"/>
-	<classpathentry kind="lib" path="tools/lib/velocity-1.4.jar"/>
-	<classpathentry kind="lib" path="tools/lib/taglibs-string.jar"/>
-	<classpathentry kind="lib" path="tools/lib/mail.jar"/>
-	<classpathentry kind="lib" path="tools/lib/lucene-1.4.3.jar"/>
-	<classpathentry kind="lib" path="tools/lib/jazzy-core.jar"/>
-	<classpathentry kind="lib" path="tools/lib/ekitapplet.jar"/>
-	<classpathentry kind="lib" path="tools/lib/concurrent-1.3.2.jar"/>
-	<classpathentry kind="lib" path="tools/lib/commons-httpclient-2.0.2.jar"/>
-	<classpathentry kind="lib" path="tools/lib/commons-betwixt-1.0-beta-1.jar"/>
-	<classpathentry kind="lib" path="tools/lib/activation.jar"/>
-	<classpathentry kind="lib" path="tools/standard-1.0.3/lib/standard.jar"/>
-	<classpathentry kind="lib" path="tools/standard-1.0.3/lib/jstl.jar"/>
-	<classpathentry kind="lib" path="tools/standard-1.0.3/lib/jaxen-full.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/struts-el.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/struts.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/jakarta-oro.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-validator.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-logging.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-lang-2.0.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-fileupload.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-digester.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-collections.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-beanutils.jar"/>
-	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/antlr.jar"/>
-	<classpathentry kind="lib" path="contrib/lib/textile4j-1.20.jar"/>
-	<classpathentry kind="lib" path="contrib/lib/radeox.jar"/>
-	<classpathentry kind="lib" path="contrib/lib/jython.jar"/>
-	<classpathentry kind="lib" path="contrib/lib/JSPWiki.jar"/>
-	<classpathentry kind="lib" path="tools/buildtime/junit-3.8.1.jar"/>
-	<classpathentry sourcepath="/Applications/Java/hibernate-3.0/src" kind="lib" path="tools/hibernate-3.0/hibernate3.jar"/>
-	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/jta.jar"/>
-	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/jdbc2_0-stdext.jar"/>
-	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/ehcache-1.1.jar"/>
-	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/dom4j-1.6.jar"/>
-	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/cglib-2.1.jar"/>
-	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/asm-attrs.jar"/>
-	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/asm.jar"/>
-	<classpathentry kind="lib" path="tools/lib/jdom.jar"/>
-	<classpathentry kind="lib" path="sandbox/atomprotocol/lib/rome-fetcher-0.8.jar"/>
-	<classpathentry kind="lib" path="sandbox/atomprotocol/lib/rome-0.8.jar"/>
-	<classpathentry kind="lib" path="sandbox/standalone/lib/catalina.jar"/>
-	<classpathentry kind="lib" path="tools/lib/log4j-1.2.11.jar"/>
-	<classpathentry kind="lib" path="tools/lib/commons-codec-1.3.jar"/>
-	<classpathentry kind="lib" path="tools/lib/rome-fetcher-0.7.jar"/>
-	<classpathentry kind="lib" path="tools/spring-1.2/spring.jar"/>
-	<classpathentry kind="lib" path="tools/spring-1.2/acegi-security-1.0.0-RC1.jar"/>
-	<classpathentry kind="output" path="classes.eclipse"/>
-</classpath>
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="src"/>
+	<classpathentry kind="src" path="sandbox/jdobackend/src"/>
+	<classpathentry kind="src" path="sandbox/atomprotocol/src"/>
+	<classpathentry kind="src" path="sandbox/standalone/src"/>
+	<classpathentry kind="src" path="contrib/plugins/src"/>
+	<classpathentry kind="src" path="tests"/>
+	<classpathentry kind="src" path="build/generated/src.business"/>
+	<classpathentry kind="src" path="build/generated/src.presentation"/>
+	<classpathentry sourcepath="JRE_SRC" kind="var" path="JRE_LIB"/>
+	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/nekohtml.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/mockrunner-struts.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/mockrunner-servlet.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/mockrunner-0.35/lib/mockrunner.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/tomcat-5.0.28/servlet-api.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/tomcat-5.0.28/jsp-api.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/xmlParserAPIs-2.3.0.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/xercesImpl-2.3.0.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/hsqldb.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/ejb-1.1.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/jakarta-oro-2.0.8.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/commons-net-1.2.2.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant-launcher.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant-junit.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant-commons-net.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/ant-1.6.2/ant.jar"/>
+	<classpathentry kind="lib" path="tools/lib/xmlrpc-1.2-b1.jar"/>
+	<classpathentry kind="lib" path="tools/lib/velocity-tools-1.1.jar"/>
+	<classpathentry kind="lib" path="tools/lib/velocity-dep-1.4.jar"/>
+	<classpathentry kind="lib" path="tools/lib/velocity-1.4.jar"/>
+	<classpathentry kind="lib" path="tools/lib/taglibs-string.jar"/>
+	<classpathentry kind="lib" path="tools/lib/mail.jar"/>
+	<classpathentry kind="lib" path="tools/lib/lucene-1.4.3.jar"/>
+	<classpathentry kind="lib" path="tools/lib/jazzy-core.jar"/>
+	<classpathentry kind="lib" path="tools/lib/ekitapplet.jar"/>
+	<classpathentry kind="lib" path="tools/lib/concurrent-1.3.2.jar"/>
+	<classpathentry kind="lib" path="tools/lib/commons-httpclient-2.0.2.jar"/>
+	<classpathentry kind="lib" path="tools/lib/commons-betwixt-1.0-beta-1.jar"/>
+	<classpathentry kind="lib" path="tools/lib/activation.jar"/>
+	<classpathentry kind="lib" path="tools/standard-1.0.3/lib/standard.jar"/>
+	<classpathentry kind="lib" path="tools/standard-1.0.3/lib/jstl.jar"/>
+	<classpathentry kind="lib" path="tools/standard-1.0.3/lib/jaxen-full.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/struts-el.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/struts.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/jakarta-oro.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-validator.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-logging.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-lang-2.0.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-fileupload.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-digester.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-collections.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/commons-beanutils.jar"/>
+	<classpathentry kind="lib" path="tools/struts-1.2.4/lib/antlr.jar"/>
+	<classpathentry kind="lib" path="contrib/lib/textile4j-1.20.jar"/>
+	<classpathentry kind="lib" path="contrib/lib/radeox.jar"/>
+	<classpathentry kind="lib" path="contrib/lib/jython.jar"/>
+	<classpathentry kind="lib" path="contrib/lib/JSPWiki.jar"/>
+	<classpathentry kind="lib" path="tools/buildtime/junit-3.8.1.jar"/>
+	<classpathentry sourcepath="/Applications/Java/hibernate-3.0/src" kind="lib" path="tools/hibernate-3.0/hibernate3.jar"/>
+	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/jta.jar"/>
+	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/jdbc2_0-stdext.jar"/>
+	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/ehcache-1.1.jar"/>
+	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/dom4j-1.6.jar"/>
+	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/cglib-2.1.jar"/>
+	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/asm-attrs.jar"/>
+	<classpathentry kind="lib" path="tools/hibernate-3.0/lib/asm.jar"/>
+	<classpathentry kind="lib" path="tools/lib/jdom.jar"/>
+	<classpathentry kind="lib" path="sandbox/atomprotocol/lib/rome-fetcher-0.8.jar"/>
+	<classpathentry kind="lib" path="sandbox/atomprotocol/lib/rome-0.8.jar"/>
+	<classpathentry kind="lib" path="sandbox/standalone/lib/catalina.jar"/>
+	<classpathentry kind="lib" path="tools/lib/log4j-1.2.11.jar"/>
+	<classpathentry kind="lib" path="tools/lib/commons-codec-1.3.jar"/>
+	<classpathentry kind="lib" path="tools/lib/rome-fetcher-0.7.jar"/>
+	<classpathentry kind="lib" path="tools/spring-1.2/spring.jar"/>
+	<classpathentry kind="lib" path="tools/spring-1.2/acegi-security-1.0.0-RC2.jar"/>
+	<classpathentry kind="output" path="classes.eclipse"/>
+</classpath>

Added: incubator/roller/branches/roller_2.1/tools/spring-1.2/acegi-security-1.0.0-RC2.jar
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.1/tools/spring-1.2/acegi-security-1.0.0-RC2.jar?rev=376872&view=auto
==============================================================================
Binary file - no diff available.

Propchange: incubator/roller/branches/roller_2.1/tools/spring-1.2/acegi-security-1.0.0-RC2.jar
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: incubator/roller/branches/roller_2.1/web/WEB-INF/security.xml
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.1/web/WEB-INF/security.xml?rev=376872&r1=376871&r2=376872&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.1/web/WEB-INF/security.xml (original)
+++ incubator/roller/branches/roller_2.1/web/WEB-INF/security.xml Fri Feb 10 13:57:21 2006
@@ -1,159 +1,159 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
-    "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<beans>
-
-    <!-- ======================== FILTER CHAIN ======================= -->
-    <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
-        <property name="filterInvocationDefinitionSource">
-            <value>
-                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-                PATTERN_TYPE_APACHE_ANT
-                /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,anonymousProcessingFilter,securityEnforcementFilter
-            </value>
-        </property>
-    </bean>
-
-    <!-- ======================== AUTHENTICATION ======================= -->
-    
-    <!-- Note the order that entries are placed against the objectDefinitionSource is
critical.
-         The FilterSecurityInterceptor will work from the top of the list down to the FIRST
pattern that matches the request URL.
-         Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with
LEAST SPECIFIC (ie a/.*) expressions last -->
-    <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
-        <property name="authenticationManager" ref="authenticationManager"/>
-        <property name="accessDecisionManager" ref="accessDecisionManager"/>
-         <property name="objectDefinitionSource">
-            <value>
-                PATTERN_TYPE_APACHE_ANT
-                /editor/**=admin,editor
-                /admin/**=admin
-                /rewrite-status*=admin
-                /login-redirect.jsp=admin,editor
-            </value>
-        </property>
-    </bean>
-
-    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
-        <property name="providers">
-            <list>
-                <ref local="daoAuthenticationProvider"/>
-                <ref local="anonymousAuthenticationProvider"/>
-                <!-- rememberMeAuthenticationProvider added programmatically -->
-            </list>
-        </property>
-    </bean>
-  
-    <!-- Log failed authentication attempts to commons-logging -->
-    <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>

-    
-    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
-         <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
-         <property name="userCache" ref="userCache"/>
-    </bean>
-
-    <!-- Read users from database -->
-    <bean id="jdbcAuthenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
-        <property name="dataSource">
-            <bean class="org.springframework.jndi.JndiObjectFactoryBean">
-                <property name="jndiName" value="java:comp/env/jdbc/rollerdb"/>
-            </bean>
-        </property>
-        <property name="usersByUsernameQuery">
-            <value>SELECT username,passphrase,isenabled FROM rolleruser WHERE username
= ?</value>
-        </property>
-        <property name="authoritiesByUsernameQuery">
-            <value>SELECT username,rolename FROM userrole WHERE username = ?</value>
-        </property>
-    </bean>
-
-    <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
-        <property name="cache">
-            <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
-                <property name="cacheManager">
-                    <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
-                </property>
-                <property name="cacheName" value="userCache"/>
-            </bean>
-        </property>
-    </bean>
-   
-    <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
-        <property name="key" value="anonymous"/>
-    </bean>
-    
-    <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter">
-        <property name="rolePrefix" value=""/>
-    </bean>
-
-    <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
-        <property name="allowIfAllAbstainDecisions" value="false"/>
-        <property name="decisionVoters">
-            <list>
-                <ref local="roleVoter"/>
-            </list>
-        </property>
-    </bean>
-    
-    <!-- ===================== HTTP REQUEST SECURITY ==================== -->
-    <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
-    
-    <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
-        <property name="authenticationManager" ref="authenticationManager"/>
-        <property name="authenticationFailureUrl" value="/loginerror.jsp"/>
-        <property name="defaultTargetUrl" value="/"/>
-        <property name="filterProcessesUrl" value="/j_security_check"/>
-        <property name="rememberMeServices" ref="rememberMeServices"/>
-    </bean>
-    
-    <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
-        <property name="key" value="anonymous"/>
-        <property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/>
-    </bean>
-    
-    <bean id="securityEnforcementFilter" class="org.acegisecurity.intercept.web.SecurityEnforcementFilter">
-        <property name="filterSecurityInterceptor" ref="filterInvocationInterceptor"/>
-        <property name="authenticationEntryPoint" ref="authenticationProcessingFilterEntryPoint"/>
-    </bean>
-    
-    <bean id="remoteUserFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
-
-    <bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
-        <property name="loginFormUrl" value="/login.jsp"/>
-        <property name="forceHttps" value="false"/>
-    </bean>
-
-    <!-- ===================== REMEMBER ME ==================== -->
-    <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">

-        <property name="rememberMeServices" ref="rememberMeServices"/>
-    </bean>
- 
-    <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">

-        <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
-        <property name="key" value="rollerlovesacegi"/> 
-        <property name="parameter" value="rememberMe"/>
-    </bean> 
-  
-    <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">

-        <property name="key" value="rollerlovesacegi"/>
-    </bean>
-    
-    <!-- ===================== SSL SWITCHING ==================== -->
-    <bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
-        <property name="channelDecisionManager" ref="channelDecisionManager"/>
-        <property name="filterInvocationDefinitionSource">
-            <value>
-                PATTERN_TYPE_APACHE_ANT
-            </value>
-        </property>
-    </bean>
-                
-    <bean id="channelDecisionManager" class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl">
-        <property name="channelProcessors">
-            <list>
-                <bean class="org.acegisecurity.securechannel.SecureChannelProcessor"/>
-                <bean class="org.acegisecurity.securechannel.InsecureChannelProcessor"/>
-            </list>
-        </property>
-    </bean>
-</beans>
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+    "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<beans>
+
+    <!-- ======================== FILTER CHAIN ======================= -->
+    <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
+        <property name="filterInvocationDefinitionSource">
+            <value>
+                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+                PATTERN_TYPE_APACHE_ANT
+                /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
+            </value>
+        </property>
+    </bean>
+
+    <!-- ======================== AUTHENTICATION ======================= -->
+    
+    <!-- Note the order that entries are placed against the objectDefinitionSource is
critical.
+         The FilterSecurityInterceptor will work from the top of the list down to the FIRST
pattern that matches the request URL.
+         Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with
LEAST SPECIFIC (ie a/.*) expressions last -->
+    <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
+        <property name="authenticationManager" ref="authenticationManager"/>
+        <property name="accessDecisionManager" ref="accessDecisionManager"/>
+         <property name="objectDefinitionSource">
+            <value>
+                PATTERN_TYPE_APACHE_ANT
+                /editor/**=admin,editor
+                /admin/**=admin
+                /rewrite-status*=admin
+                /login-redirect.jsp=admin,editor
+            </value>
+        </property>
+    </bean>
+
+    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
+        <property name="providers">
+            <list>
+                <ref local="daoAuthenticationProvider"/>
+                <ref local="anonymousAuthenticationProvider"/>
+                <!-- rememberMeAuthenticationProvider added programmatically -->
+            </list>
+        </property>
+    </bean>
+  
+    <!-- Log failed authentication attempts to commons-logging -->
+    <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>

+    
+    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
+         <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
+         <property name="userCache" ref="userCache"/>
+    </bean>
+
+    <!-- Read users from database -->
+    <bean id="jdbcAuthenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
+        <property name="dataSource">
+            <bean class="org.springframework.jndi.JndiObjectFactoryBean">
+                <property name="jndiName" value="java:comp/env/jdbc/rollerdb"/>
+            </bean>
+        </property>
+        <property name="usersByUsernameQuery">
+            <value>SELECT username,passphrase,isenabled FROM rolleruser WHERE username
= ?</value>
+        </property>
+        <property name="authoritiesByUsernameQuery">
+            <value>SELECT username,rolename FROM userrole WHERE username = ?</value>
+        </property>
+    </bean>
+
+    <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
+        <property name="cache">
+            <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
+                <property name="cacheManager">
+                    <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
+                </property>
+                <property name="cacheName" value="userCache"/>
+            </bean>
+        </property>
+    </bean>
+   
+    <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
+        <property name="key" value="anonymous"/>
+    </bean>
+    
+    <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter">
+        <property name="rolePrefix" value=""/>
+    </bean>
+
+    <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
+        <property name="allowIfAllAbstainDecisions" value="false"/>
+        <property name="decisionVoters">
+            <list>
+                <ref local="roleVoter"/>
+            </list>
+        </property>
+    </bean>
+    
+    <!-- ===================== HTTP REQUEST SECURITY ==================== -->
+    <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
+    
+    <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
+        <property name="authenticationManager" ref="authenticationManager"/>
+        <property name="authenticationFailureUrl" value="/loginerror.jsp"/>
+        <property name="defaultTargetUrl" value="/"/>
+        <property name="filterProcessesUrl" value="/j_security_check"/>
+        <property name="rememberMeServices" ref="rememberMeServices"/>
+    </bean>
+    
+    <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
+        <property name="key" value="anonymous"/>
+        <property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/>
+    </bean>
+    
+    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
+        <property name="authenticationEntryPoint" ref="authenticationProcessingFilterEntryPoint"/>
+    </bean>
+    
+    <bean id="remoteUserFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
+
+    <bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
+        <property name="loginFormUrl" value="/login.jsp"/>
+        <property name="forceHttps" value="false"/>
+    </bean>
+
+    <!-- ===================== REMEMBER ME ==================== -->
+    <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
+        <property name="authenticationManager" ref="authenticationManager"/>
+        <property name="rememberMeServices" ref="rememberMeServices"/>
+    </bean>
+ 
+    <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">

+        <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
+        <property name="key" value="rollerlovesacegi"/> 
+        <property name="parameter" value="rememberMe"/>
+    </bean> 
+  
+    <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">

+        <property name="key" value="rollerlovesacegi"/>
+    </bean>
+    
+    <!-- ===================== SSL SWITCHING ==================== -->
+    <bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
+        <property name="channelDecisionManager" ref="channelDecisionManager"/>
+        <property name="filterInvocationDefinitionSource">
+            <value>
+                PATTERN_TYPE_APACHE_ANT
+            </value>
+        </property>
+    </bean>
+                
+    <bean id="channelDecisionManager" class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl">
+        <property name="channelProcessors">
+            <list>
+                <bean class="org.acegisecurity.securechannel.SecureChannelProcessor"/>
+                <bean class="org.acegisecurity.securechannel.InsecureChannelProcessor"/>
+            </list>
+        </property>
+    </bean>
+</beans>



Mime
View raw message