
Support <repository> and JbcUserDetailsManager.

Ben Alex 18 năm trước cách đây
commit
0b0b174eda

+ 0 - 19
core/src/main/java/org/springframework/security/config/AuthenticationProviderBeanDefinitionParser.java

@@ -1,11 +1,8 @@
 package org.springframework.security.config;
 
 import org.springframework.beans.factory.config.BeanDefinition;
-import org.springframework.beans.factory.support.RootBeanDefinition;
 import org.springframework.beans.factory.xml.BeanDefinitionParser;
 import org.springframework.beans.factory.xml.ParserContext;
-import org.springframework.security.providers.dao.DaoAuthenticationProvider;
-import org.springframework.util.xml.DomUtils;
 import org.w3c.dom.Element;
 
 /**
@@ -15,23 +12,7 @@ import org.w3c.dom.Element;
 class AuthenticationProviderBeanDefinitionParser implements BeanDefinitionParser {
 
     public BeanDefinition parse(Element element, ParserContext parserContext) {
-        ConfigUtils.registerProviderManagerIfNecessary(parserContext);
-
-        RootBeanDefinition authProvider;
-
         // TODO: Proper implementation
-        Element userServiceElt = DomUtils.getChildElementByTagName(element, "user-service");
-
-        if (userServiceElt != null) {
-            authProvider = new RootBeanDefinition(DaoAuthenticationProvider.class);
-            BeanDefinition userDetailsService = new UserServiceBeanDefinitionParser().parse(userServiceElt, parserContext);
-            authProvider.getPropertyValues().addPropertyValue("userDetailsService", userDetailsService);
-        } else {
-            throw new IllegalArgumentException("Only support user-service provider at the moment.");
-        }
-
-        ConfigUtils.getRegisteredProviders(parserContext).add(authProvider);
-
         return null;
     }
 }

+ 2 - 1
core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java

@@ -14,7 +14,8 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
         registerBeanDefinitionParser("ldap", new LdapBeanDefinitionParser());
         registerBeanDefinitionParser("http", new HttpSecurityBeanDefinitionParser());
         registerBeanDefinitionParser("user-service", new UserServiceBeanDefinitionParser());
-        registerBeanDefinitionParser("authentication-provider", new AuthenticationProviderBeanDefinitionParser());
+        registerBeanDefinitionParser("repository", new RepositoryBeanDefinitionParser());
+        //registerBeanDefinitionParser("authentication-provider", new AuthenticationProviderBeanDefinitionParser());
         registerBeanDefinitionDecorator("intercept-methods", new InterceptMethodsBeanDefinitionDecorator());
         registerBeanDefinitionDecorator("filter-chain-map", new FilterChainMapBeanDefinitionDecorator());        
     }
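Review bot: The commented-out `registerBeanDefinitionParser("authentication-provider", ...)` line should be deleted rather than parked, because this same commit reduces the parser it names to a `// TODO` followed by `return null`. If the line is later un-commented, an `<authentication-provider>` element would parse without error and register no provider, so the configuration would look complete while that element contributes nothing. Either remove the line together with the stub class, or make the stub's `parse` throw with a message that points at `<repository>`. `RepositoryBeanDefinitionParser` is not shown on this page, so how it honours `createProvider` could not be checked; the enclosing method starts above the hunk.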

+ 18 - 7
core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc

@@ -6,7 +6,7 @@ datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes"
 
 default namespace = "http://www.springframework.org/schema/security"
 
-start = http | ldap
+start = http | ldap | repository
 
 # targetNamespace="http://www.springframework.org/schema/security"
 
@@ -156,12 +156,14 @@ anonymous.attlist &=
 	## The granted authority that should be assigned to the anonymous request. Commonly this is used to assign the anonymous request particular roles, which can subsequently be used in authorization decisions.
     [ a:defaultValue = "ROLE_ANONYMOUS" ] attribute grantedAuthority {xsd:string}?
 
-authentication-provider =
-    element authentication-provider {authentication-provider.attlist, (user-service | jdbc-user-service)}
-authentication-provider.attlist &= empty
+repository =
+     element repository {repository.attlist, (user-service | jdbc-user-service | custom-user-service)}
+repository.attlist &=
+	## Indicates the repository should have an authentication provider created. If unspecified, defaults to true.
+    attribute createProvider {"true" | "false"}?
 
 user-service =
-    element user-service {user-service.attlist, (user* | jdbc-user-service)}
+    element user-service {user-service.attlist, (user*)}
 user-service.attlist &=
     attribute properties {xsd:string}*
 
@@ -175,6 +177,15 @@ user.attlist &=
     attribute authorities {xsd:string}
 
 jdbc-user-service =
-    element jdbc-user-service {jdbc-users.attlist, empty}
-jdbc-users.attlist &= empty
+	## Causes creation of a JDBC-based UserDetailsService.
+    element jdbc-user-service {jdbc-user-service.attlist}
+jdbc-user-service.attlist &=
+	## The bean ID of the DataSource which provides the required tables.
+    attribute dataSource {xsd:string}
+
+custom-user-service =
+    element custom-user-service {custom-user-service.attlist}
+custom-user-service.attlist &=
+	## The bean ID of your custom UserDetailsService implementation.
+    attribute id {xsd:string}
 
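Review bot: `attribute id {xsd:string}` on `custom-user-service` refers to a bean that already exists, whereas `id` in Spring bean XML conventionally names the bean being defined, so the attribute reads as a definition rather than a reference. Consider `attribute ref {xsd:string}` with the annotation kept as it is; the `.xsd` section carries the same attribute and would need the matching change. The `dataSource` annotation could also name the tables it expects, since "the required tables" gives a reader nothing to verify a schema against.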

+ 43 - 5
core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd

@@ -317,20 +317,34 @@
       </xs:annotation>
     </xs:attribute>
   </xs:attributeGroup>
-  <xs:element name="authentication-provider">
+  <xs:element name="repository">
     <xs:complexType>
       <xs:choice>
         <xs:element ref="security:user-service"/>
         <xs:element ref="security:jdbc-user-service"/>
+        <xs:element ref="security:custom-user-service"/>
       </xs:choice>
+      <xs:attributeGroup ref="security:repository.attlist"/>
     </xs:complexType>
   </xs:element>
+  <xs:attributeGroup name="repository.attlist">
+    <xs:attribute name="createProvider">
+      <xs:annotation>
+        <xs:documentation>Indicates the repository should have an authentication provider created. If unspecified, defaults to true.</xs:documentation>
+      </xs:annotation>
+      <xs:simpleType>
+        <xs:restriction base="xs:token">
+          <xs:enumeration value="true"/>
+          <xs:enumeration value="false"/>
+        </xs:restriction>
+      </xs:simpleType>
+    </xs:attribute>
+  </xs:attributeGroup>
   <xs:element name="user-service">
     <xs:complexType>
-      <xs:choice>
+      <xs:sequence>
         <xs:element minOccurs="0" maxOccurs="unbounded" ref="security:user"/>
-        <xs:element ref="security:jdbc-user-service"/>
-      </xs:choice>
+      </xs:sequence>
       <xs:attributeGroup ref="security:user-service.attlist"/>
     </xs:complexType>
   </xs:element>
@@ -348,6 +362,30 @@
     <xs:attribute name="authorities" use="required" type="xs:string"/>
   </xs:attributeGroup>
   <xs:element name="jdbc-user-service">
-    <xs:complexType/>
+    <xs:annotation>
+      <xs:documentation>Causes creation of a JDBC-based UserDetailsService.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:attributeGroup ref="security:jdbc-user-service.attlist"/>
+    </xs:complexType>
   </xs:element>
+  <xs:attributeGroup name="jdbc-user-service.attlist">
+    <xs:attribute name="dataSource" use="required" type="xs:string">
+      <xs:annotation>
+        <xs:documentation>The bean ID of the DataSource which provides the required tables.</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+  </xs:attributeGroup>
+  <xs:element name="custom-user-service">
+    <xs:complexType>
+      <xs:attributeGroup ref="security:custom-user-service.attlist"/>
+    </xs:complexType>
+  </xs:element>
+  <xs:attributeGroup name="custom-user-service.attlist">
+    <xs:attribute name="id" use="required" type="xs:string">
+      <xs:annotation>
+        <xs:documentation>The bean ID of your custom UserDetailsService implementation.</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+  </xs:attributeGroup>
 </xs:schema>

+ 2 - 2
core/src/test/resources/org/springframework/security/config/http-security.xml

@@ -25,12 +25,12 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
         <remember-me key="doesntmatter" tokenRepository="tokenRepo"/>
     </http>
 
-    <authentication-provider>
+    <repository>
         <user-service>
             <user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B" />
             <user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B,AUTH_OTHER" />
         </user-service>
-    </authentication-provider>
+    </repository>
 
     <beans:bean name="tokenRepo" class="org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl"/>
 

+ 2 - 2
core/src/test/resources/org/springframework/security/config/method-security.xml

@@ -16,11 +16,11 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
         </intercept-methods>
     </b:bean>
 
-    <authentication-provider>
+    <repository>
         <user-service>
             <user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B" />
             <user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B,AUTH_OTHER" />
         </user-service>
-    </authentication-provider>
+    </repository>
 
 </b:beans>

+ 11 - 9
samples/tutorial/src/main/webapp/WEB-INF/applicationContext-security-ns.xml

@@ -23,16 +23,18 @@
         <logout />
         <concurrent-session-control maxSessions="1" exceptionIfMaximumExceeded="true"/>
 
-        <remember-me key="doesntmatter" tokenRepository="tokenRepo"/>
+        <remember-me key="doesntmatter"/>
     </http>
- 
+ <!--
     <beans:bean name="tokenRepo" class="org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl"/>
-
-    <authentication-provider>
-        <user-service>
-            <user name="bob" password="bobspassword" authorities="ROLE_SUPERVISOR" />
-            <user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B" />
-        </user-service>
-    </authentication-provider>
+-->
+	<repository>
+	    <user-service>
+	        <user name="bob" password="bobspassword" authorities="ROLE_SUPERVISOR" />
+	        <user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B" />
+	    </user-service>
+	</repository>
+
+	
 
 </beans:beans>
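Review bot: Dropping `tokenRepository` from `<remember-me key="doesntmatter"/>` probably changes what `key` is used for: without a token repository the namespace presumably falls back to hash-based remember-me cookies, where the key is the secret that signs the cookie (the parser is not shown here, so this needs confirming). A sample that people copy would then ship with a guessable signing key whose value tells the reader it is unimportant. I would add a comment above the element such as `<!-- key signs the remember-me cookie; replace with a private, per-deployment value -->` and choose a placeholder that does not read as harmless. The `tokenRepo` bean left inside `<!-- ... -->` should be deleted or explained, and the new `<repository>` block is indented with tabs while the surrounding lines use spaces.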