shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jha...@apache.org
Subject svn commit: r749156 [1/2] - in /incubator/jsecurity/import/trunk: ./ samples/quickstart/ samples/spring-hibernate/ samples/spring-hibernate/WEB-INF/ samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/ samples/spring-hibernate/src/org/jsecuri...
Date Mon, 02 Mar 2009 03:08:16 GMT
Author: jhaile
Date: Mon Mar  2 03:08:14 2009
New Revision: 749156

URL: http://svn.apache.org/viewvc?rev=749156&view=rev
Log:
Updated Spring-Hibernate sample with goal of simplifying code, adding a web interface, and using latest technology, annotations, etc.

Added:
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/
      - copied from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/party/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java
      - copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java
      - copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SecurityController.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SignupCommand.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SignupController.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SignupValidator.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/applicationContext.xml
      - copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/applicationContext.xml
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/ehcache.xml
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/hibernate.cfg.xml
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/log4j.properties
      - copied unchanged from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/classes/log4j.properties
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/editUser.jsp
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/home.jsp
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/login.jsp
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/manageUsers.jsp
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/signup.jsp
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/sprhib-servlet.xml
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/web.xml
      - copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/web.xml
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/index.jsp
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/styles/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/styles/sample.css
    incubator/jsecurity/import/trunk/samples/spring-hibernate/web/unauthorized.jsp
Removed:
    incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/eis/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/entity/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Gender.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Person.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/eis/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/party/
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java
Modified:
    incubator/jsecurity/import/trunk/ivy.xml
    incubator/jsecurity/import/trunk/jsecurity.iml
    incubator/jsecurity/import/trunk/jsecurity.ipr
    incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml
    incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml
    incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java
    incubator/jsecurity/import/trunk/samples/standalone/standalone.iml

Modified: incubator/jsecurity/import/trunk/ivy.xml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/ivy.xml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/ivy.xml (original)
+++ incubator/jsecurity/import/trunk/ivy.xml Mon Mar  2 03:08:14 2009
@@ -59,8 +59,8 @@
                     conf="samples"/>
         <dependency org="xerces" name="xercesImpl" rev="2.8.1" transitive="false" conf="samples"/>
         <dependency org="quartz" name="quartz" rev="1.5.2" transitive="false" conf="compile"/>
-        <dependency org="org.springframework" name="spring" rev="2.5.1" transitive="false" conf="compile,samples"/>
-        <dependency org="org.springframework" name="spring-webmvc" rev="2.5.1" transitive="false" conf="samples"/>
+        <dependency org="org.springframework" name="spring" rev="2.5.6" transitive="false" conf="compile,samples"/>
+        <dependency org="org.springframework" name="spring-webmvc" rev="2.5.6" transitive="false" conf="samples"/>
         <dependency org="javax.servlet" name="servlet-api" rev="2.4" transitive="false" conf="compile,samples"/>
         <dependency org="javax.servlet.jsp" name="jsp-api" rev="2.0" transitive="false" conf="compile"/>
 
@@ -69,6 +69,10 @@
         <dependency org="javax.servlet" name="jstl" rev="1.2" transitive="false" conf="samples"/>
         <dependency org="taglibs" name="standard" rev="1.1.2" transitive="false" conf="samples"/>
         <dependency org="hsqldb" name="hsqldb" rev="1.8.0.7" transitive="false" conf="samples"/>
+        <dependency org="org.hibernate" name="ejb3-persistence" rev="1.0.2.GA" conf="samples"/>
+        <dependency org="org.hibernate" name="hibernate-annotations" rev="3.2.1.ga" conf="samples">
+            <exclude org="javax.transaction"/>
+        </dependency>
         <dependency org="org.hibernate" name="hibernate" rev="3.2.6.ga" conf="samples">
             <!-- JTA 1.0.1b jar is not allowed in the Maven repo because of Sun's binary license, so we have to
                  download it explictly from another location (we use Geronimo's version) -->
@@ -85,99 +89,6 @@
             <artifact name="docbook-libs" type="zip" ext="zip"/>
         </dependency>
 
-        <!-- TODO: move these contents (old library_versions.txt file) into appropriate places in this document. -->
-        <!-- This file lists all 3rd party libraries (and their versions!!!) that
-        are required to build or run the project.
-
-        If you're a developer editing this file, please keep all listings in alphabetical order for
-        convenient lookup.
-
-        Some notes:
-
-        - Each 3rd party library is stored in a directory named after the
-          open-source project or company that created it.  This makes for
-          easy organization of lots of libs.
-
-        - Jar files stored _do not_ have version numbers
-          actually in their file name.  If the jar originally comes as such,
-          it is renamed with the version number stripped off.  The version
-          number is instead maintained in this file.  The reason for this is
-          so that every time we need to upgrade any 3rd party library,
-          we don't have to edit any build.xml or properies files to reflect
-          a potential name change due to a version number - you just note
-          that change once in this file and overwrite the old jar, checking
-          in that overwrite to CVS in the process.
-
-        - Each 3rd party lib is listed here along with what it is
-          used for and if its needed for build-time, run-time or both.
-
-        - Thanks to the gents working on the Spring Framework (http://www.springframework.org)
-          that provided the template and the idea for this file.
-
-        * atunit/atunut.jar
-        - AtUnit 1.0
-        - Used in unit tests
-
-        * easymock/easymock.jar, easymockclassextension.jar
-        - EasyMock 2.2 w/ ClassExtension 2.2 (http://www.easymock.org)
-        - Used in test cases for creating dynamic mock objects
-
-        * ehcache/ehcache.jar
-        - ehcache 1.3.0 (http://ehcache.sourceforge.net/)
-        - Required for compiling, using ehcache cache manager, and for runtime session management
-
-        * google-collections/google-collect.jar
-        - Google Collections Snapshot 20071022
-        - Used in test cases for conveniently constructing collections
-
-        * hsqldb/hsqldb.jar
-        - HSQLDB 1.8.0.7 (http://www.hsqldb.org)
-        - Used in the sample application to show an example of a JDBC-based Realm.
-
-        * j2ee/jsp-api.jar
-        - JSP API 2.0 (http://java.sun.com/products/jsp)
-        - Required for building the RI tag libraries
-
-        * j2ee/servlet-api.jar
-        - Servlet API 2.4 (http://java.sun.com/products/servlet)
-        - required for building web support classes (Servlet Filters, etc)
-
-        * jakarta-commons/commons-beanutils-core.jar
-        - Commons BeanUtils 1.7.0 (http://jakarta.apache.org/commons/beanutils/index.html)
-        - required for building and running JSecurity
-        - used for constructing Permissions in the Reference Implementation's PermissionAnnotationAuthorizationModule
-
-        * jboss/jboss-aop.jar
-        - JBoss AOP jar from the JBoss 4.0.4.GA Application Server release
-        - Required at build time for JBoss integration support classes.
-
-        * jug/jug.jar
-        - Java Uuid Genrator (JUG) v. 2.0.0 (Apache 2.0 jar) (http://jug.safehaus.org/)
-        - used as a fallback UUID generator for memory-based session management if below Java 1.5
-
-        * junit/junit.jar
-        - JUnit Test Framework 4.1 (http://www.junit.org)
-        - Required for building and running test cases
-
-        * log4j/log4j.jar
-        - Log4J 1.2.9 (http://logging.apache.org/log4j)
-        - required by the RI during build and runtime for logging support
-
-        * quartz/quartz.jar
-        - Quartz 1.5.2 (http://www.opensymphony.com/quartz)
-        - required during build and runtime for Quartz-based session validation support
-
-        * retroweaver/retroweaver.jar,retroweaver-rt.jar
-        - Retroweaver 2.0 (http://retroweaver.sourceforge.net)
-        - required for retroweaving to support JDK 1.3 and 1.4
-        - rt jar is required at runtime if running in 1.3 or 1.4
-
-        * spring/spring.jar
-        - Spring Application Framework 2.0.2 (http://springframework.org)
-        - required to build Spring integration support and sample apps
-        -->
-
-
     </dependencies>
 
 </ivy-module>
\ No newline at end of file

Modified: incubator/jsecurity/import/trunk/jsecurity.iml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/jsecurity.iml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/jsecurity.iml (original)
+++ incubator/jsecurity/import/trunk/jsecurity.iml Mon Mar  2 03:08:14 2009
@@ -3,17 +3,10 @@
   <component name="FacetManager">
     <facet type="Spring" name="Spring">
       <configuration>
-        <fileset id="fileset1" name="Spring Sample" removed="false">
-          <file>file://$MODULE_DIR$/samples/spring/webroot/WEB-INF/applicationContext.xml</file>
-          <file>file://$MODULE_DIR$/samples/spring/etc/webstart.spring.xml</file>
-          <file>file://$MODULE_DIR$/samples/spring/webroot/WEB-INF/sample-servlet.xml</file>
-          <file>file://$MODULE_DIR$/samples/spring/webroot/WEB-INF/remoting-servlet.xml</file>
+        <fileset id="fileset2" name="Spring Hibernate Sample" removed="false">
+          <file>file://$MODULE_DIR$/samples/spring-hibernate/web/WEB-INF/applicationContext.xml</file>
+          <file>file://$MODULE_DIR$/samples/spring-hibernate/web/WEB-INF/sprhib-servlet.xml</file>
         </fileset>
-        <options>
-          <option name="enableValidation" value="true" />
-          <option name="reportErrorsAsWarnings" value="true" />
-        </options>
-        <customNs />
       </configuration>
     </facet>
     <facet type="web" name="jsecurity-web">
@@ -23,6 +16,7 @@
         </descriptors>
         <webroots>
           <root url="file://$MODULE_DIR$/samples/web" relative="/" />
+          <root url="file://$MODULE_DIR$/samples/spring-hibernate/web" relative="/" />
         </webroots>
         <sourceRoots>
           <root url="file://$MODULE_DIR$/src" />
@@ -32,11 +26,7 @@
           <setting name="EXPLODED_ENABLED" value="true" />
           <setting name="JAR_URL" value="file://$MODULE_DIR$/out/Quickstart Webapp.war" />
           <setting name="JAR_ENABLED" value="false" />
-          <setting name="BUILD_MODULE_ON_FRAME_DEACTIVATION" value="false" />
-          <setting name="BUILD_EXTERNAL_DEPENDENCIES" value="false" />
           <setting name="EXCLUDE_EXPLODED_DIRECTORY" value="true" />
-          <setting name="RUN_JASPER_VALIDATION" value="true" />
-          <setting name="BUILD_ONLY_WEB_RESOURCES" value="false" />
         </building>
         <packaging>
           <containerElement type="module" name="jsecurity">
@@ -59,6 +49,14 @@
         </packaging>
       </configuration>
     </facet>
+    <facet type="hibernate" name="Hibernate">
+      <configuration>
+        <datasource-map>
+          <unit-entry name="samples/spring-hibernate/web/WEB-INF/classes/hibernate.cfg.xml" />
+        </datasource-map>
+        <deploymentDescriptor name="hibernate.cfg.xml" url="file://$MODULE_DIR$/samples/spring-hibernate/web/WEB-INF/classes/hibernate.cfg.xml" optional="false" version="3.0" />
+      </configuration>
+    </facet>
   </component>
   <component name="NewModuleRootManager" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/build/classes" />
@@ -89,7 +87,6 @@
       </library>
     </orderEntry>
     <orderEntry type="library" name="quickstart-libs" level="project" />
-    <orderEntryProperties />
   </component>
   <component name="copyright">
     <Base>

Modified: incubator/jsecurity/import/trunk/jsecurity.ipr
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/jsecurity.ipr?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/jsecurity.ipr (original)
+++ incubator/jsecurity/import/trunk/jsecurity.ipr Mon Mar  2 03:08:14 2009
@@ -7,6 +7,7 @@
       <antReference projectDefault="true" />
       <customJdkName value="" />
       <maximumHeapSize value="128" />
+      <maximumStackSize value="32" />
       <properties />
     </buildFile>
   </component>
@@ -40,6 +41,9 @@
       <entry name="?*.tld" />
     </wildcardResourcePatterns>
   </component>
+  <component name="CopyrightManager" default="">
+    <module2copyright />
+  </component>
   <component name="DependenciesAnalyzeManager">
     <option name="myForwardDirection" value="false" />
   </component>
@@ -60,6 +64,7 @@
     <option name="ADDITIONAL_OPTIONS_STRING" value="" />
     <option name="MAXIMUM_HEAP_SIZE" value="128" />
   </component>
+  <component name="Encoding" useUTFGuessing="true" native2AsciiForPropertiesFiles="false" />
   <component name="EntryPointsManager">
     <entry_points version="2.0" />
   </component>
@@ -275,7 +280,13 @@
       </item>
     </group>
   </component>
+  <component name="ProjectDetails">
+    <option name="projectName" value="jsecurity" />
+  </component>
   <component name="ProjectFileVersion" converted="true" />
+  <component name="ProjectKey">
+    <option name="state" value="https://svn.apache.org/repos/asf/incubator/jsecurity/import/trunk/jsecurity.ipr" />
+  </component>
   <component name="ProjectModuleManager">
     <modules>
       <module fileurl="file://$PROJECT_DIR$/jsecurity.iml" filepath="$PROJECT_DIR$/jsecurity.iml" />
@@ -283,7 +294,7 @@
       <module fileurl="file://$PROJECT_DIR$/samples/standalone/standalone.iml" filepath="$PROJECT_DIR$/samples/standalone/standalone.iml" />
     </modules>
   </component>
-  <component name="ProjectRootManager" version="2" assert-keyword="true" jdk-15="true" project-jdk-name="1.5" project-jdk-type="JavaSDK">
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_1_5" assert-keyword="true" jdk-15="true" project-jdk-name="1.5" project-jdk-type="JavaSDK">
     <output url="file://$PROJECT_DIR$/build/idea" />
   </component>
   <component name="ResourceManagerContainer">
@@ -318,7 +329,8 @@
         </entry>
       </map>
     </option>
-    <option name="myVersion" value="123" />
+    <option name="myVersion" value="124" />
+    <option name="mySupportsUserInfoFilter" value="true" />
   </component>
   <component name="VcsDirectoryMappings">
     <mapping directory="" vcs="svn" />
@@ -486,39 +498,11 @@
   <component name="libraryTable">
     <library name="all-libs">
       <CLASSES>
-        <root url="jar://$PROJECT_DIR$/lib/test/dom4j.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/servlet-api.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/junit.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/spring.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/backport-util-concurrent.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/ehcache.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/jsp-api.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/asm.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/jstl.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/geronimo-jta_1.0.1B_spec.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/commons-beanutils.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/retroweaver-rt.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/log4j.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/quartz.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/hsqldb.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/hibernate.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/docbook-libs.zip!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/spring-webmvc.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/commons-logging.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/asm-util.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/commons-collections.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/asm-commons.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/antlr.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/standard.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/cglib.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/easymockclassextension.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/retroweaver.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/asm-attrs.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/asm-tree.jar!/" />
-        <root url="jar://$PROJECT_DIR$/lib/test/easymock.jar!/" />
+        <root url="file://$PROJECT_DIR$/lib/test" />
       </CLASSES>
       <JAVADOC />
       <SOURCES />
+      <jarDirectory url="file://$PROJECT_DIR$/lib/test" recursive="false" />
     </library>
     <library name="quickstart-libs">
       <CLASSES>

Modified: incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml (original)
+++ incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml Mon Mar  2 03:08:14 2009
@@ -9,7 +9,6 @@
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="module" module-name="jsecurity" />
     <orderEntry type="library" name="quickstart-libs" level="project" />
-    <orderEntryProperties />
   </component>
   <component name="copyright">
     <Base>

Modified: incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml Mon Mar  2 03:08:14 2009
@@ -98,7 +98,7 @@
 -  dist - create distribution war (which will be used for deployment)
 -  =================================================================== -->
   <target name="dist" depends="compile,jar" description="Creates the quickstart .war">
-    <war warfile="${dist.war}" webxml="WEB-INF/web.xml">
+    <war warfile="${dist.war}" webxml="web/WEB-INF/web.xml">
       <lib dir="${dist.dir}" includes="*.jar"/>
       <lib dir="${root.dist.dir}" includes="jsecurity.jar"/>
       <lib dir="${lib.dir}/samples">
@@ -110,10 +110,12 @@
         <include name="backport-util-concurrent.jar"/>
         <include name="hsqldb.jar"/>
         <include name="spring.jar"/>
+        <include name="spring-webmvc.jar"/>
       </lib>
       <!-- Hibernate libs: -->
       <lib dir="${lib.dir}/samples">
-        <include name="hibernate.jar"/>
+        <include name="persistence-api.jar"/>
+        <include name="hibernate*.jar"/>
         <include name="antlr.jar"/>
         <include name="asm-attrs.jar"/>
         <include name="asm.jar"/>
@@ -122,8 +124,7 @@
         <include name="dom4j.jar"/>
         <include name="commons-collections.jar"/>
       </lib>
-      <fileset dir="${module.base.dir}" includes="**" excludes="**/web.xml, **/build.xml"/>
-      <!-- <lib dir="${dist.dir}" includes="*.jar"/> -->
+      <fileset dir="${module.base.dir}/web" includes="**" excludes="**/web.xml, **/build.xml"/>
     </war>
   </target>
 

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.hibernate.SessionFactory;
+import org.jsecurity.crypto.hash.Sha256Hash;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.stereotype.Component;
+
+import javax.sql.DataSource;
+
+/**
+ * Loads sample data for the sample app since it's an in-memory database.
+ */
+@Component
+public class BootstrapDataPopulator implements InitializingBean {
+
+    private DataSource dataSource;
+    private SessionFactory sessionFactory;
+
+    @Autowired
+    public void setDataSource(DataSource dataSource) {
+        this.dataSource = dataSource;
+    }
+    
+    // Session factory is only injected to ensure it is initialized before this runs
+    @Autowired
+    public void setSessionFactory(SessionFactory sessionFactory) {
+        this.sessionFactory = sessionFactory;
+    }
+
+    public void afterPropertiesSet() throws Exception {
+        //because we're using an in-memory hsqldb for the sample app, a new one will be created each time the
+        //app starts, so insert the sample admin user at startup:
+        JdbcTemplate jdbcTemplate = new JdbcTemplate(this.dataSource);
+
+        jdbcTemplate.execute( "insert into roles values (1, 'user', 'The default role given to all users.')" );
+        jdbcTemplate.execute( "insert into roles values (2, 'admin', 'The administrator role only given to site admins')" );
+        jdbcTemplate.execute( "insert into roles_permissions values (2, 'user:*')" );
+        jdbcTemplate.execute( "insert into users(id,username,email,password) values (1, 'admin', 'sample@jsecurity.org', '" + new Sha256Hash("admin").toHex() + "')" );
+        jdbcTemplate.execute( "insert into users_roles values (1, 2)" );
+        
+
+    }
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.orm.hibernate3.SessionFactoryUtils;
+
+/**
+ * Convenience superclass for DAOs that contains annotations for injecting the session factory
+ * and accessing the session.
+ */
+public abstract class HibernateDao {
+
+    private SessionFactory sessionFactory;
+
+    @Autowired
+    public void setSessionFactory(SessionFactory sessionFactory) {
+        this.sessionFactory = sessionFactory;
+    }
+
+    public Session getSession() {
+        return SessionFactoryUtils.getSession(this.sessionFactory, true);
+    }    
+
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.jsecurity.samples.sprhib.model.User;
+import org.springframework.stereotype.Repository;
+import org.springframework.util.Assert;
+
+import java.util.List;
+
+@Repository("userDAO")
+@SuppressWarnings("unchecked")
+public class HibernateUserDAO extends HibernateDao implements UserDAO {
+
+    public User getUser(Long userId) {
+        return (User) getSession().get(User.class, userId);
+    }
+
+    public User findUser(String username) {
+        Assert.hasText(username);
+        String query = "from User u where u.username = :username";
+        return (User) getSession().createQuery(query).setString("username", username).uniqueResult();
+    }
+
+    public void createUser(User user) {
+        getSession().save( user );
+    }
+
+    public List<User> getAllUsers() {
+        return getSession().createQuery("from User order by username").list();
+    }
+
+    public void deleteUser(Long userId) {
+        User user = getUser(userId);
+        if( user != null ) {
+            getSession().delete(user);
+        }
+    }
+
+    public void updateUser(User user) {
+        getSession().update(user);
+    }
+
+}
+

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.jsecurity.samples.sprhib.model.User;
+
+import java.util.List;
+
+/**
+ * Data Access Object for User related operations.
+ */
+public interface UserDAO {
+
+    User getUser(Long userId);
+
+    User findUser(String username);
+
+    void createUser(User user);
+
+    List<User> getAllUsers();
+
+    void deleteUser(Long userId);
+
+    void updateUser(User user);
+}

Copied: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java (from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java)
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java?p2=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java&p1=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java&r1=749109&r2=749156&rev=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java Mon Mar  2 03:08:14 2009
@@ -16,51 +16,53 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.jsecurity.samples.sprhib.security;
+package org.jsecurity.samples.sprhib.model;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.jsecurity.authz.Permission;
-import org.jsecurity.samples.sprhib.entity.Entity;
-import org.jsecurity.samples.sprhib.party.User;
+import org.hibernate.annotations.Cache;
+import org.hibernate.annotations.CacheConcurrencyStrategy;
+import org.hibernate.annotations.CollectionOfElements;
+import org.hibernate.annotations.Index;
 
-import java.util.HashSet;
+import javax.persistence.*;
 import java.util.Set;
 
 /**
- * Created on: Sep 16, 2005 4:00:20 PM
- *
- * @author Les Hazlewood
+ * Model object that represents a security role.
  */
-public class Role extends Entity {
+@Entity
+@Table(name="roles")
+@Cache(usage= CacheConcurrencyStrategy.READ_WRITE)
+public class Role {
 
-    private static final Log log = LogFactory.getLog(Role.class);
-
-    public static final String ROOT_ROLE_NAME = "root";
-    public static final String PRIVATE_ROLE_NAME = "private";
+    private Long id;
 
     private String name;
 
     private String description;
 
-    private User owner;
-
-    private boolean isPrivate = false;
-
-    private Set<Permission> permissions;
+    private Set<String> permissions;
 
-    public Role() {
+    protected Role() {
     }
 
     public Role(String name) {
         this.name = name;
     }
 
-    public Role(String name, User owner) {
-        this.name = name;
-        this.owner = owner;
+
+    @Id
+    @GeneratedValue
+    public Long getId() {
+        return id;
     }
 
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    @Basic(optional=false)
+    @Column(length=100)
+    @Index(name="idx_roles_name")
     public String getName() {
         return name;
     }
@@ -69,6 +71,8 @@
         this.name = name;
     }
 
+    @Basic(optional=false)
+    @Column(length=255)
     public String getDescription() {
         return description;
     }
@@ -77,135 +81,17 @@
         this.description = description;
     }
 
-    public boolean isPrivate() {
-        return isPrivate;
-    }
-
-    public void setPrivate(boolean isPrivate) {
-        this.isPrivate = isPrivate;
-    }
-
-    public User getOwner() {
-        return owner;
-    }
-
-    public void setOwner(User owner) {
-        this.owner = owner;
-    }
-
-    public Set<Permission> getPermissions() {
+    @CollectionOfElements
+    @JoinTable(name="roles_permissions")
+    @Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
+    public Set<String> getPermissions() {
         return permissions;
     }
 
-    public void setPermissions(Set<Permission> permissions) {
+    public void setPermissions(Set<String> permissions) {
         this.permissions = permissions;
     }
 
-    /**
-     * Adds a Permission to this party's collection of
-     * {@link #getPermissions() permissions}.
-     *
-     * <p>If the existing permissions collection is <tt>null</tt>,
-     * a new collection will be created and assigned to this role and then the permission will
-     * be added.
-     *
-     * <p>If the specified permission already exists in this role's collection, it will not
-     * be added again.
-     *
-     * @param p the Permission to add/associate with this Role
-     */
-    public void add(Permission p) {
-        Set<Permission> perms = getPermissions();
-        if (perms == null) {
-            perms = new HashSet<Permission>();
-            setPermissions(perms);
-        }
-        perms.add(p);
-    }
-
-    public boolean remove(Permission p) {
-        Set<Permission> perms = getPermissions();
-        return perms != null && perms.remove(p);
-    }
-
-    public boolean isPermitted(Permission p) {
-        Set<Permission> perms = getPermissions();
-        if (perms != null && !perms.isEmpty()) {
-            for (Permission perm : perms) {
-                if (perm.implies(p)) {
-                    if (log.isTraceEnabled()) {
-                        String msg = "saved permission implies permission argument.  Role [" +
-                                getName() + "] has permission";
-                        log.trace(msg);
-                    }
-                    return true;
-                }
-            }
-        }
-
-        if (log.isTraceEnabled()) {
-            log.trace("No saved permissions implies the permission argument.  Role [" +
-                    getName() + "] doesn't have the specified permission");
-        }
-
-        return false;
-    }
-
-    public boolean onEquals(Entity e) {
-        if (e instanceof Role) {
-            Role r = (Role) e;
-            return getName().equals(r.getName()) &&
-                    (owner != null ? owner.equals(r.getOwner()) : r.getOwner() == null);
-        }
-
-        return false;
-    }
-
-    public int hashCode() {
-        int result = name.hashCode();
-        result = 29 * result + (owner != null ? owner.hashCode() : 0);
-        return result;
-    }
-
-    public StringBuffer toStringBuffer() {
-        StringBuffer sb = super.toStringBuffer();
-        sb.append(",name=").append(getName());
-        sb.append(",description=[").append(getDescription()).append("]");
-        sb.append(",permissions={").append("<lazy property omitted>").append("}");
-        return sb;
-    }
-
-    /**
-     * Returns a shallow copy (i.e. the owner and Permission instances in the permissions
-     * collection copied into a new list instead of being cloned themselves).  This should be fine since permission
-     * objects are immutable.
-     */
-    @Override
-    @SuppressWarnings({"CloneDoesntDeclareCloneNotSupportedException"})
-    public Object clone() {
-        Role clone = (Role) super.clone();
-        clone.setName(getName());
-        clone.setDescription(getDescription());
-        clone.setOwner(getOwner());
-        Set<Permission> perms = getPermissions();
-        if (perms != null && !perms.isEmpty()) {
-            Set<Permission> permClones = new HashSet<Permission>(perms.size());
-            for (Permission p : perms) {
-                permClones.add(p);
-            }
-            clone.setPermissions(permClones);
-        }
-
-        return clone;
-    }
-
-    public void clearPermissions() {
-        Set<Permission> perms = getPermissions();
-        if (perms != null && !perms.isEmpty()) {
-            permissions.clear();
-        }
-    }
-
 }
 
 

Modified: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java?rev=749156&r1=749109&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java Mon Mar  2 03:08:14 2009
@@ -16,68 +16,54 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.jsecurity.samples.sprhib.party;
+package org.jsecurity.samples.sprhib.model;
 
-import org.jsecurity.authc.Account;
-import org.jsecurity.authz.Permission;
-import org.jsecurity.samples.sprhib.security.Role;
-import org.jsecurity.subject.PrincipalCollection;
-import org.jsecurity.subject.SimplePrincipalCollection;
-
-import java.text.DateFormat;
-import java.util.*;
-import java.util.regex.Pattern;
+import org.hibernate.annotations.Cache;
+import org.hibernate.annotations.CacheConcurrencyStrategy;
+import org.hibernate.annotations.Index;
+
+import javax.persistence.*;
+import java.util.HashSet;
+import java.util.Set;
 
 /**
- * Simple class that represents any User domain entity in any application.  It extends the {@link Person Person} class
- * to show a non-trivial class hierarchy, since such hierarchies exist in most Hibernate applications in one form
- * or another.  Naturally you could ignore the parent class in your application, but it does represent a clean
- * OO way of modeling things.
- *
- * <p>This class implements the {@link org.jsecurity.authc.Account} interface for dead-simple integration
- * with JSecurity - this allows you to use your User objects directly inside of
- * {@link org.jsecurity.realm.Realm Realm} implementations, significantly reducing the implementation effort.</p>
+ * Simple class that represents any User domain entity in any application.
  *
  * <p>Because this class performs its own Realm and Permission checks, and these can happen frequently enough in a
- * production application, it is highly recommended that the internal User {@link #getUserRoles} collection be cached
+ * production application, it is highly recommended that the internal User {@link #getRoles} collection be cached
  * in a 2nd-level cache when using JPA and/or Hibernate.  The hibernate xml configuration for this sample application
  * does in fact do this for your reference (see User.hbm.xml - the 'roles' declaration).</p>
- *
- * <p>If you ever decide not to use JSecurity, the only domain change would be to simply remove the
- * <code>Account</code> interface declaration</p>
- *
- * @author Les Hazlewood
  */
-public class User extends Person implements Account {
-
-    /**
-     * Requires 6 or more alphanumeric and/or punctuation characters.
-     */
-    public static final Pattern VALID_PASSWORD_PATTERN = Pattern.compile("[\\p{Alnum}\\p{Punct}]{6,255}");
-
-    public static final Pattern VALID_USERNAME_PATTERN = Pattern.compile("[\\p{Alnum}_-]{1,255}");
-
-    public static final String ROOT_USER_USERNAME = "root";
+@Entity
+@Table(name="users")
+@Cache(usage= CacheConcurrencyStrategy.READ_WRITE)
+public class User  {
 
+    private Long id;
     private String username;
+    private String email;
     private String password;
-    private String passwordResetKey; //UUID generated when they ask to reset the password
-    private Date passwordResetKeyTimestamp; //when they asked to reset the password
-    private Date lastLoginTimestamp; //can be null if never logged in
-    private Date lockTimestamp; //date the account was locked, null means unlocked (default behavior)
-    private boolean sessionTimeoutEnabled = true; //per-user session configuration
+    private Set<Role> roles = new HashSet<Role>();
 
-    private Set<Role> roles;
 
-    public User() {
+    @Id
+    @GeneratedValue
+    public Long getId() {
+        return id;
     }
 
+    public void setId(Long id) {
+        this.id = id;
+    }
 
     /**
      * Returns the username associated with this user account;
      *
      * @return the username associated with this user account;
      */
+    @Basic(optional=false)
+    @Column(length=100)
+    @Index(name="idx_users_username")
     public String getUsername() {
         return username;
     }
@@ -86,11 +72,23 @@
         this.username = username;
     }
 
+    @Basic(optional=false)
+    @Index(name="idx_users_email")
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
     /**
      * Returns the password for this user.
      *
      * @return this user's password
      */
+    @Basic(optional=false)
+    @Column(length=255)
     public String getPassword() {
         return password;
     }
@@ -99,302 +97,18 @@
         this.password = password;
     }
 
-    /**
-     * If the user forgets their password, this key is set first.  If they then request to reset their password, they
-     * must submit this key for the reset request to be valid.  Otherwise, the password reset is timed out after a
-     * certain amount of time after {@link #getPasswordResetKeyTimestamp() passwordResetKeyTimestamp}
-     *
-     * @return
-     */
-    public String getPasswordResetKey() {
-        return passwordResetKey;
-    }
-
-    public void setPasswordResetKey(String passwordResetKey) {
-        this.passwordResetKey = passwordResetKey;
-    }
-
-    public Date getPasswordResetKeyTimestamp() {
-        return passwordResetKeyTimestamp;
-    }
-
-    public void setPasswordResetKeyTimestamp(Date passwordResetKeyTimestamp) {
-        this.passwordResetKeyTimestamp = passwordResetKeyTimestamp;
-    }
-
-    /**
-     * Returns the timestamp this User last logged in successfully to the application, or
-     * <tt>null</tt> if the user has never logged in.
-     *
-     * @return the timestamp this User last logged in successfully to the application, or
-     *         <tt>null</tt> if the user has never logged in.
-     */
-    public Date getLastLoginTimestamp() {
-        return lastLoginTimestamp;
-    }
-
-    /**
-     * Sets the timestamp this User last logged in successfully to the application.
-     *
-     * @param lastLoginTimestamp the timestamp this User last logged in successfully to the
-     *                           application.
-     */
-    public void setLastLoginTimestamp(Date lastLoginTimestamp) {
-        this.lastLoginTimestamp = lastLoginTimestamp;
-    }
-
-    /**
-     * Returns the time when this account was locked, either due to too many login attempts, an
-     * explicit lock-out by an administrator, or because of some other security reason. <p>This
-     * method returns <tt>null</tt> if the account is not locked and is considered to be in good
-     * standing</p>
-     *
-     * @return the time when this account was locked, or <tt>null</tt> if this account is not locked
-     *         and is considered to be in good standing.
-     */
-    public Date getLockTimestamp() {
-        return lockTimestamp;
-    }
-
-    public void setLockTimestamp(Date lockTimestamp) {
-        this.lockTimestamp = lockTimestamp;
-    }
-
-    /**
-     * Returns whether or not this particular user account can expire due to inactivity. <p>Defaults
-     * to <tt>true</tt> as almost all user accounts should expire due to inactivity.
-     *
-     * @return <tt>true</tt> if this user's sessions can timeout due to inactivity, <tt>false</tt>
-     *         otherwise.
-     */
-    public boolean isSessionTimeoutEnabled() {
-        return sessionTimeoutEnabled;
-    }
-
-    public void setSessionTimeoutEnabled(boolean sessionTimeoutEnabled) {
-        this.sessionTimeoutEnabled = sessionTimeoutEnabled;
-    }
-
-    /**
-     * Returns whether or not this user account is locked, thereby preventing further log-ins.
-     *
-     * @return <tt>true</tt> if this user account is locked and will not be allowed to log-in,
-     *         <tt>false</tt>
-     */
-    public boolean isLocked() {
-        return getLockTimestamp() != null;
-    }
 
-    /**
-     * Convenience method for updating the state to locked.
-     *
-     * @param locked whether or not this user account will be locked.
-     * @see #getLockTimestamp()
-     */
-    public void setLocked(boolean locked) {
-        if (locked) {
-            if (getLockTimestamp() == null) {
-                setLockTimestamp(new Date());
-            }
-        } else {
-            setLockTimestamp(null);
-        }
-    }
-
-    public Set<Role> getUserRoles() {
+    @ManyToMany
+    @JoinTable(name="users_roles")
+    @Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
+    public Set<Role> getRoles() {
         return roles;
     }
 
-    public void setUserRoles(Set<Role> roles) {
+    public void setRoles(Set<Role> roles) {
         this.roles = roles;
     }
 
-    public Role getRole(String name) {
-        Collection<Role> roles = getUserRoles();
-        if (roles != null && !roles.isEmpty()) {
-            for (Role role : roles) {
-                if (role.getName().equals(name)) {
-                    return role;
-                }
-            }
-        }
-        return null;
-    }
-
-    /**
-     * Adds a Role to this user's collection of {@link #getRoles() roles}.
-     *
-     * <p>If the existing roles collection is <tt>null</tt>, a new collection will be created and
-     * assigned to this User and then the Role will be added.
-     *
-     * @param r the Role to add/associate with this User
-     */
-    public void add(Role r) {
-        Set<Role> roles = getUserRoles();
-        if (roles == null) {
-            roles = new LinkedHashSet<Role>();
-            setUserRoles(roles);
-        }
-        roles.add(r);
-    }
-
-    public boolean removeRole(Role r) {
-        Set<Role> roles = getUserRoles();
-        return roles != null && roles.remove(r);
-    }
-
-    protected String getPrivateRoleName(PrincipalCollection principals) {
-        return getClass().getName() + "_PRIVATE_ROLE_" + PrincipalCollection.class.getName();
-    }
-
-    protected Role createPrivateRole(PrincipalCollection principals) {
-        String privateRoleName = getPrivateRoleName(principals);
-        return new Role(privateRoleName, this);
-    }
-
-    public Set<Permission> getPermissions() {
-        Set<Permission> permissions = new HashSet<Permission>();
-        for (Role role : roles) {
-            permissions.addAll(role.getPermissions());
-        }
-        return permissions;
-    }
-
-    public Set<String> getRolenames() {
-        Set<String> rolenames = new HashSet<String>();
-        for (Role role : roles) {
-            rolenames.add(role.getName());
-        }
-        return rolenames;
-    }
-
-    public void addRole(String roleName) {
-        Role existing = getRole(roleName);
-        if (existing == null) {
-            Role role = new Role(roleName);
-            add(role);
-        }
-    }
-
-    public void addRoles(Set<String> roleNames) {
-        if (roleNames != null && !roleNames.isEmpty()) {
-            for (String name : roleNames) {
-                addRole(name);
-            }
-        }
-    }
-
-    public void addAll(Collection<Role> roles) {
-        if (roles != null && !roles.isEmpty()) {
-            Set<Role> existingRoles = getUserRoles();
-            if (existingRoles == null) {
-                existingRoles = new LinkedHashSet<Role>(roles.size());
-                setUserRoles(existingRoles);
-            }
-            existingRoles.addAll(roles);
-        }
-    }
-
-
-    public static boolean isValidPassword(String password) {
-        return password != null && VALID_PASSWORD_PATTERN.matcher(password).matches();
-    }
-
-    public static boolean isValidUsername(String username) {
-        return username != null && VALID_USERNAME_PATTERN.matcher(username).matches();
-    }
-
-
-    public StringBuffer toStringBuffer() {
-        StringBuffer sb = super.toStringBuffer();
-        sb.append(",username=").append(getUsername());
-        sb.append(",password=<protected>");
-        DateFormat df = DateFormat.getInstance();
-        Date ts = getLastLoginTimestamp();
-        if (ts != null) {
-            sb.append(",lastLoginTimestamp=").append(df.format(ts));
-        }
-        ts = getLockTimestamp();
-        if (ts != null) {
-            sb.append(",lockTimestamp=").append(df.format(ts));
-        }
-        sb.append(",sessionTimeoutEnabled=").append(isSessionTimeoutEnabled());
-
-        return sb;
-    }
-
-    public boolean onEquals(Object o) {
-        if (o instanceof User) {
-            User u = (User) o;
-            return getUsername().equals(u.getUsername());
-        }
-
-        return false;
-    }
-
-    public int hashCode() {
-        return getUsername().hashCode();
-    }
-
-    @Override
-    @SuppressWarnings({"CloneDoesntDeclareCloneNotSupportedException"})
-    public Object clone() {
-        User clone = (User) super.clone();
-        clone.setUsername(getUsername());
-        clone.setPassword(getPassword());
-        clone.setPasswordResetKey(getPasswordResetKey());
-        clone.setPasswordResetKeyTimestamp(getPasswordResetKeyTimestamp());
-        clone.setLastLoginTimestamp(getLastLoginTimestamp());
-        clone.setLockTimestamp(getLockTimestamp());
-        clone.setSessionTimeoutEnabled(isSessionTimeoutEnabled());
-        return clone;
-    }
-
-    public static void main(String[] args) {
-        String username = "s-ls";
-        if (!isValidUsername(username)) {
-            System.out.println("Not a valid username!");
-        } else {
-            System.out.println("Valid username.");
-        }
-    }
-
-    /* ===========
-       JSecurity Account implementations below here.
-       =========== */
-    public PrincipalCollection getPrincipals() {
-        //The realm name must match the name of the configured realm.
-        return new SimplePrincipalCollection(getId(), "DefaultRealm");
-    }
-
-    public Object getCredentials() {
-        return getPassword();
-    }
-
-    public boolean isCredentialsExpired() {
-        //if applications wanted to expire passwords after a certain amount of time, this method would calculate
-        //true or false based on the current time and a passwordLastUpdateTimestamp;
-
-        //this sample app doesn't use this feature, so just return false always:
-        return false;
-    }
-
-    public Collection<String> getRoles() {
-        return getRolenames();
-    }
-
-    public Collection<String> getStringPermissions() {
-        // This model uses object permissions, so this method isn't implemented
-        return null;
-    }
-
-    public Collection<Permission> getObjectPermissions() {
-        Set<Permission> permissions = new HashSet<Permission>();
-        for (Role role : getUserRoles()) {
-            permissions.addAll(role.getPermissions());
-        }
-        return permissions;
-    }
 }
 
 

Copied: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java (from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java)
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java?p2=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java&p1=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java&r1=749109&r2=749156&rev=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java Mon Mar  2 03:08:14 2009
@@ -18,15 +18,17 @@
  */
 package org.jsecurity.samples.sprhib.security;
 
-import org.jsecurity.authc.AuthenticationException;
-import org.jsecurity.authc.AuthenticationInfo;
-import org.jsecurity.authc.AuthenticationToken;
-import org.jsecurity.authc.UsernamePasswordToken;
+import org.jsecurity.authc.*;
+import org.jsecurity.authc.credential.Sha256CredentialsMatcher;
 import org.jsecurity.authz.AuthorizationInfo;
+import org.jsecurity.authz.SimpleAuthorizationInfo;
 import org.jsecurity.realm.AuthorizingRealm;
-import org.jsecurity.samples.sprhib.party.eis.UserDAO;
+import org.jsecurity.samples.sprhib.dao.UserDAO;
+import org.jsecurity.samples.sprhib.model.Role;
+import org.jsecurity.samples.sprhib.model.User;
 import org.jsecurity.subject.PrincipalCollection;
-import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
 
 /**
  * The Spring/Hibernate sample application's one and only configured JSecurity Realm.
@@ -35,39 +37,47 @@
  * in the implementation and named it a 'HibernateRealm' or something similar.</p>
  *
  * <p>But we've decided to make the calls to the database using a UserDAO, since a DAO would be used in other areas
- * of a 'real' application in addition to here. We felt it better to use that same DAO to show code re-use.
- * That is, in a real app, there is no need to duplicate Hibernate calls in the Realm implementation if you've already
- * got a User DAO (as most apps would).  So, we just use that UserDAO here.</p>
- *
- * @author Les Hazlewood
+ * of a 'real' application in addition to here. We felt it better to use that same DAO to show code re-use.</p>
  */
-public class DefaultRealm extends AuthorizingRealm implements InitializingBean {
+@Component
+public class SampleRealm extends AuthorizingRealm {
 
     protected UserDAO userDAO = null;
 
-    public DefaultRealm() {
+    public SampleRealm() {
         setName("DefaultRealm"); //This name must match the name in the User class's getPrincipals() method
+        setCredentialsMatcher(new Sha256CredentialsMatcher());
     }
 
+    @Autowired
     public void setUserDAO(UserDAO userDAO) {
         this.userDAO = userDAO;
     }
 
-    public void afterPropertiesSet() throws Exception {
-        if (this.userDAO == null) {
-            throw new IllegalStateException("UserDAO property was not injected.  Please check your Spring config.");
-        }
-    }
-
     protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
         UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
-        return userDAO.findUser(token.getUsername());
+        User user = userDAO.findUser(token.getUsername());
+        if( user != null ) {
+            return new SimpleAuthenticationInfo(user.getId(), user.getPassword(), getName());
+        } else {
+            return null;
+        }
     }
 
 
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
         Long userId = (Long) principals.fromRealm(getName()).iterator().next();
-        return userDAO.getUser(userId);
+        User user = userDAO.getUser(userId);
+        if( user != null ) {
+            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+            for( Role role : user.getRoles() ) {
+                info.addRole(role.getName());
+                info.addStringPermissions( role.getPermissions() );
+            }
+            return info;
+        } else {
+            return null;
+        }
     }
 
 }

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,79 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.service;
+
+import org.jsecurity.SecurityUtils;
+import org.jsecurity.crypto.hash.Sha256Hash;
+import org.jsecurity.samples.sprhib.dao.UserDAO;
+import org.jsecurity.samples.sprhib.model.User;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+
+/**
+ * Default implementation of the {@link UserService} interface.  This service implements
+ * operations related to User data.
+ */
+@Transactional
+@Service("userService")
+public class DefaultUserService implements UserService {
+
+    private UserDAO userDAO;
+
+    @Autowired
+    public void setUserDAO(UserDAO userDAO) {
+        this.userDAO = userDAO;
+    }
+
+    public User getCurrentUser() {
+        final Long currentUserId = (Long) SecurityUtils.getSubject().getPrincipal();
+        if( currentUserId != null ) {
+            return getUser(currentUserId);
+        } else {
+            return null;
+        }
+    }
+
+    public void createUser(String username, String email, String password) {
+        User user = new User();
+        user.setUsername(username);
+        user.setEmail(email);
+        user.setPassword( new Sha256Hash(password).toHex() );
+        userDAO.createUser( user );
+    }
+
+    public List<User> getAllUsers() {
+        return userDAO.getAllUsers();
+    }
+
+    public User getUser(Long userId) {
+        return userDAO.getUser(userId);
+    }
+
+    public void deleteUser(Long userId) {
+        userDAO.deleteUser( userId );
+    }
+
+    public void updateUser(User user) {
+        userDAO.updateUser( user );
+    }
+
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.service;
+
+import org.jsecurity.samples.sprhib.model.User;
+
+import java.util.List;
+
+/**
+ * A service interface for accessing and modifying user data in the system.
+ */
+public interface UserService {
+
+    User getCurrentUser();
+
+    void createUser(String username, String email, String password);
+
+    List<User> getAllUsers();
+
+    User getUser(Long userId);
+
+    void deleteUser(Long userId);
+
+    void updateUser(User user);
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.samples.sprhib.model.User;
+import org.jsecurity.samples.sprhib.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * A Spring MVC interceptor that adds the currentUser into the request as a request attribute
+ * before the JSP is rendered.  This operation is assumed to be fast because the User should be
+ * cached in the Hibernate second-level cache.
+ */
+@Component
+public class CurrentUserInterceptor extends HandlerInterceptorAdapter {
+
+    private UserService userService;
+
+    @Autowired
+    public void setUserService(UserService userService) {
+        this.userService = userService;
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
+        // Add the current user into the request
+        User currentUser = userService.getCurrentUser();
+        if( currentUser != null ) {
+            httpServletRequest.setAttribute( "currentUser", currentUser );
+        }
+    }
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.crypto.hash.Sha256Hash;
+import org.jsecurity.samples.sprhib.model.User;
+import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
+
+/**
+ * Command binding object for editing a user.
+ */
+public class EditUserCommand {
+
+    private Long userId;
+    private String username;
+    private String email;
+    private String password;
+
+    public Long getUserId() {
+        return userId;
+    }
+
+    public void setUserId(Long userId) {
+        this.userId = userId;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public void updateUser(User user) {
+        Assert.isTrue( userId.equals( user.getId() ), "User ID of command must match the user being updated." );
+        user.setUsername( getUsername() );
+        user.setEmail( getEmail() );
+        if( StringUtils.hasText(getPassword()) ) {
+            user.setPassword( new Sha256Hash(getPassword()).toHex() );
+        }
+    }
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.util.StringUtils;
+import org.springframework.validation.Errors;
+import org.springframework.validation.ValidationUtils;
+import org.springframework.validation.Validator;
+
+import java.util.regex.Pattern;
+
+/**
+ * Validator when editing a user.
+ */
+public class EditUserValidator implements Validator {
+
+    private static final String SIMPLE_EMAIL_REGEX = "[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}";
+
+    public boolean supports(Class aClass) {
+        return EditUserCommand.class.isAssignableFrom(aClass);
+    }
+
+    public void validate(Object o, Errors errors) {
+        EditUserCommand command = (EditUserCommand)o;
+        ValidationUtils.rejectIfEmptyOrWhitespace(errors, "username", "error.username.empty", "Please specify a username.");
+        ValidationUtils.rejectIfEmptyOrWhitespace(errors, "email", "error.email.empty", "Please specify an email address.");
+        if( StringUtils.hasText( command.getEmail() ) && !Pattern.matches( SIMPLE_EMAIL_REGEX, command.getEmail().toUpperCase() ) ) {
+            errors.rejectValue( "email", "error.email.invalid", "Please enter a valid email address." );
+        }
+    }
+
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.samples.sprhib.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+/**
+ * Web controller used when loading the home page.
+ */
+@Controller
+public class HomeController {
+
+    private UserService userService;
+
+    @Autowired
+    public void setUserService(UserService userService) {
+        this.userService = userService;
+    }
+
+    @RequestMapping("/home")
+    public void viewHome(Model model) {
+        model.addAttribute( "users", userService.getAllUsers() );
+    }
+
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+/**
+ * Command binding object for logging in.
+ */
+public class LoginCommand {
+
+    private String username;
+
+    private String password;
+
+    private boolean rememberMe;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public boolean isRememberMe() {
+        return rememberMe;
+    }
+
+    public void setRememberMe(boolean rememberMe) {
+        this.rememberMe = rememberMe;
+    }
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.springframework.validation.Errors;
+import org.springframework.validation.ValidationUtils;
+import org.springframework.validation.Validator;
+
+/**
+ * Validator for login.
+ */
+public class LoginValidator implements Validator {
+    public boolean supports(Class aClass) {
+        return LoginCommand.class.isAssignableFrom(aClass);
+    }
+
+    public void validate(Object o, Errors errors) {
+        ValidationUtils.rejectIfEmptyOrWhitespace(errors, "username", "error.username.empty", "Please specify a username.");
+        ValidationUtils.rejectIfEmptyOrWhitespace(errors, "password", "error.password.empty", "Please specify a password.");
+    }
+}

Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java Mon Mar  2 03:08:14 2009
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.authz.annotation.RequiresPermissions;
+import org.jsecurity.samples.sprhib.model.User;
+import org.jsecurity.samples.sprhib.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.Assert;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+
+/**
+ * Web MVC controller that handles operations related to managing users, such as editing them and deleting them. 
+ */
+@Controller
+public class ManageUsersController {
+
+    private EditUserValidator editUserValidator = new EditUserValidator();
+
+    private UserService userService;
+
+    @Autowired
+    public void setUserService(UserService userService) {
+        this.userService = userService;
+    }
+
+    @RequestMapping("/manageUsers")
+    @RequiresPermissions("user:manage")
+    public void manageUsers(Model model) {
+        model.addAttribute("users", userService.getAllUsers());
+    }
+
+    @RequestMapping(value="/editUser",method= RequestMethod.GET)
+    @RequiresPermissions("user:edit")
+    public String showEditUserForm(Model model, @RequestParam Long userId, @ModelAttribute EditUserCommand command) {
+
+        User user = userService.getUser( userId );
+        command.setUserId(userId);
+        command.setUsername(user.getUsername());
+        command.setEmail(user.getEmail());
+        return "editUser";
+    }
+
+    @RequestMapping(value="/editUser",method= RequestMethod.POST)
+    @RequiresPermissions("user:edit")
+    public String editUser(Model model, @RequestParam Long userId, @ModelAttribute EditUserCommand command, BindingResult errors) {
+        editUserValidator.validate( command, errors );
+
+        if( errors.hasErrors() ) {
+            return "editUser";
+        }
+
+        User user = userService.getUser( userId );
+        command.updateUser( user );
+
+        userService.updateUser( user );
+
+        return "redirect:/s/manageUsers";
+    }
+
+    @RequestMapping("/deleteUser")
+    @RequiresPermissions("user:delete")
+    public String deleteUser(@RequestParam Long userId) {
+        Assert.isTrue( userId != 1, "Cannot delete admin user" );
+        userService.deleteUser( userId );
+        return "redirect:/s/manageUsers";
+    }
+
+}



Mime
View raw message