SEC-271: autoconfig work

sandbox/spring-security-config/.classpath

@@ -32,7 +32,7 @@
 	<classpathentry kind="var" path="M2_REPO/org/springframework/spring-core/2.0.4/spring-core-2.0.4.jar" sourcepath="/spring"/>
 	<classpathentry kind="var" path="M2_REPO/org/springframework/spring-support/2.0.4/spring-support-2.0.4.jar"/>
 	<classpathentry kind="var" path="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4.jar" sourcepath="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4-sources.jar"/>
-	<classpathentry kind="var" path="M2_REPO/org/springframework/spring-beans/2.0.4/spring-beans-2.0.4.jar"/>
+	<classpathentry kind="var" path="M2_REPO/org/springframework/spring-beans/2.0.4/spring-beans-2.0.4.jar" sourcepath="/spring"/>
 	<classpathentry kind="var" path="M2_REPO/jmock/jmock/1.0.1/jmock-1.0.1.jar" sourcepath="M2_REPO/jmock/jmock/1.0.1/jmock-1.0.1-sources.jar"/>
 	<classpathentry kind="var" path="M2_REPO/aopalliance/aopalliance/1.0/aopalliance-1.0.jar" sourcepath="M2_REPO/aopalliance/aopalliance/1.0/aopalliance-1.0-sources.jar"/>
 	<classpathentry kind="var" path="M2_REPO/commons-codec/commons-codec/1.3/commons-codec-1.3.jar" sourcepath="M2_REPO/commons-codec/commons-codec/1.3/commons-codec-1.3-sources.jar"/>

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationRepositoryBeanDefinitionParser.java

@@ -70,13 +70,6 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
 			repositoryBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE,
 					new RuntimeBeanReference(userDetailsRef));
 		}
-		else {
-			// autodetect userDetailsService from App Context
-			RootBeanDefinition depConfigurer = new RootBeanDefinition(
-					AuthenticationRepositoryDependenciesConfigurer.class);
-			BeanDefinitionHolder holder = new BeanDefinitionHolder(depConfigurer, parserContext.getReaderContext().generateBeanName(depConfigurer));
-			registerBeanDefinition(holder, parserContext.getRegistry());
-		}
 		return repositoryBeanDef;
 	}
 

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java

@@ -0,0 +1,51 @@
+/**
+ * 
+ */
+package org.acegisecurity.config;
+
+import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
+import org.acegisecurity.ui.logout.LogoutFilter;
+import org.springframework.beans.factory.config.BeanDefinition;
+import org.springframework.beans.factory.support.AbstractBeanDefinition;
+import org.springframework.beans.factory.support.RootBeanDefinition;
+import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
+import org.springframework.beans.factory.xml.BeanDefinitionParser;
+import org.springframework.beans.factory.xml.ParserContext;
+import org.w3c.dom.Element;
+
+/**
+ * Parses 'autoconfig' tag and creates all the required
+ * <code>BeanDefinition</code>s with their default configurations. It also
+ * resolves their dependencies and wire them together.
+ * 
+ * @author Vishal Puri
+ * 
+ */
+public class AutoConfigBeanDefinitionParser  implements BeanDefinitionParser {
+
+	public BeanDefinition parse(Element element, ParserContext parserContext) {
+		createAndRegisterBeanDefinitionForHttpSessionContextIntegrationFilter(parserContext);
+		createAndRegisterBeanDefinitionForLogoutFilter(parserContext);
+		
+		return null;
+	}
+
+	private void createAndRegisterBeanDefinitionForLogoutFilter(ParserContext parserContext) {
+		RootBeanDefinition defintion =LogoutFilterBeanDefinitionParser.doCreateBeanDefinitionWithDefaults();
+		registerBeanDefinition(parserContext, defintion);
+	}
+
+	private void createAndRegisterBeanDefinitionForHttpSessionContextIntegrationFilter(ParserContext parserContext) {
+		RootBeanDefinition defintion = ContextIntegrationBeanDefinitionParser.doCreateBeanDefinitionWithDefaults();
+		registerBeanDefinition(parserContext, defintion);
+	}
+
+	/**
+	 * @param parserContext
+	 * @param defintion
+	 */
+	private void registerBeanDefinition(ParserContext parserContext, RootBeanDefinition defintion) {
+		parserContext.getRegistry().registerBeanDefinition(parserContext.getReaderContext().generateBeanName(defintion), defintion);
+	}
+
+}

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ContextIntegrationBeanDefinitionParser.java

@@ -4,7 +4,9 @@
 package org.acegisecurity.config;
 
 import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
+import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
+import org.springframework.beans.factory.support.RootBeanDefinition;
 import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
 import org.springframework.beans.factory.xml.ParserContext;
 import org.springframework.core.Conventions;
@@ -20,12 +22,10 @@ import org.w3c.dom.NamedNodeMap;
  * 
  */
 public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
-	
+
 	private static final String HTTP_SESSION_CONTEXT_INTEGRATION = "session-context-integration";
-	
+
 	private static final String SESSION_CREATION = "sessionCreation";
-	
-	
 
 	private static final String IF_REQUIRED = "ifRequired";
 
@@ -33,46 +33,55 @@ public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDe
 
 	private static final String NEVER = "never";
 
-	
-	
+	private static final String ALLOW_SESSION_CREATION = "allowSessionCreation";
+
+	private BeanDefinitionBuilder builder;
+
 	protected Class getBeanClass(Element element) {
 		return HttpSessionContextIntegrationFilter.class;
 	}
-	
-	
 
 	protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
-		
+
 		NamedNodeMap attributes = element.getAttributes();
-		
+
 		for (int x = 0; x < attributes.getLength(); x++) {
 			Attr attribute = (Attr) attributes.item(x);
 			String attributeName = attribute.getLocalName();
-			if ( !ID_ATTRIBUTE.equals(attributeName)) {
+			if (!ID_ATTRIBUTE.equals(attributeName)) {
 				if (attributeName.equals(SESSION_CREATION)) {
 					String sessionCreation = element.getAttribute(SESSION_CREATION);
-					
-					if(sessionCreation.equals(IF_REQUIRED)) {
-						builder.addPropertyValue("allowSessionCreation", Boolean.TRUE);
-					}
-					
-					if(sessionCreation.equals(ALWAYS)) {
-						builder.addPropertyValue("allowSessionCreation", Boolean.TRUE);
-					}
-					
-					if(sessionCreation.equals(NEVER)) {
-						builder.addPropertyValue("allowSessionCreation", Boolean.FALSE);
-					}
+					createBeanDefinition(builder, sessionCreation);
 				}
-				else{			
+				else {
 					String propertyName = Conventions.attributeNameToPropertyName(attributeName);
-					Assert.state(StringUtils.hasText(propertyName),
-							"Illegal property name returned from 'extractPropertyName(String)': cannot be null or empty.");
-					builder.addPropertyValue(propertyName, attribute.getValue());			
+					Assert
+							.state(StringUtils.hasText(propertyName),
+									"Illegal property name returned from 'extractPropertyName(String)': cannot be null or empty.");
+					builder.addPropertyValue(propertyName, attribute.getValue());
 				}
 			}
-		}	
+		}
+	}
+
+	private void createBeanDefinition(BeanDefinitionBuilder builder, String attribute) {
+		if (attribute.equals(IF_REQUIRED)) {
+			builder.addPropertyValue(ALLOW_SESSION_CREATION, Boolean.TRUE);
+		}
+		else if (attribute.equals(ALWAYS)) {
+			builder.addPropertyValue(ALLOW_SESSION_CREATION, Boolean.TRUE);
+		}
+		else if (attribute.equals(NEVER)) {
+			builder.addPropertyValue(ALLOW_SESSION_CREATION, Boolean.FALSE);
+		}
+		else {
+			doCreateBeanDefinitionWithDefaults();
+		}
 	}
-}
 
-	
+	protected static RootBeanDefinition doCreateBeanDefinitionWithDefaults() {
+		RootBeanDefinition definition = new RootBeanDefinition(HttpSessionContextIntegrationFilter.class);
+		definition.getPropertyValues().addPropertyValue(ALLOW_SESSION_CREATION, Boolean.TRUE);
+		return definition;
+	}
+}

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParser.java

@@ -4,7 +4,11 @@
 package org.acegisecurity.config;
 
 import org.acegisecurity.ui.logout.LogoutFilter;
+import org.acegisecurity.ui.logout.SecurityContextLogoutHandler;
+import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
+import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.beans.factory.support.AbstractBeanDefinition;
+import org.springframework.beans.factory.support.ManagedList;
 import org.springframework.beans.factory.support.RootBeanDefinition;
 import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
 import org.springframework.beans.factory.xml.ParserContext;
@@ -23,6 +27,8 @@ public class LogoutFilterBeanDefinitionParser extends AbstractBeanDefinitionPars
 
 	private static final String LOGOUT_URL = "logoutUrl";
 
+	private static final String REDIRECT_AFTER_LOGOUT_URL_VALUE = "/";
+
 	// ~ Methods
 	// ================================================================================================
 
@@ -30,27 +36,45 @@ public class LogoutFilterBeanDefinitionParser extends AbstractBeanDefinitionPars
 
 		// add the properties
 		RootBeanDefinition definition = new RootBeanDefinition(LogoutFilter.class);
+		doCreateBeanDefinition(definition, element, parserContext, false);
+		return definition;
+	}
+
+	/**
+	 * 
+	 * @param definition
+	 * @param element
+	 * @param parserContext
+	 * @param isAutoconfig
+	 * @see {@link AutoConfigBeanDefinitionParser}
+	 */
+	private void doCreateBeanDefinition(RootBeanDefinition definition, Element element, ParserContext parserContext,
+			boolean isAutoconfig) {
+
 		setConstructorArgumentIfAvailable(0, element, REDIRECT_AFTER_LOGOUT_URL, "logoutSuccessUrl", definition);
-		
 		setPropertyIfAvailable(element, LOGOUT_URL, "filterProcessesUrl", definition);
-
+		/* TODO: Move this logic to LogoutFilter itlself */
 		// register BFPP to check if LogoutFilter does not have setHandlers
-		// populated, introspect app ctx for LogoutHandlers, using Ordered (if
+		// populated, introspect app ctx for LogoutHandlers, using Ordered
+		// (if
 		// present, otherwise assume Integer.MAX_VALUE)
 		RootBeanDefinition bfpp = new RootBeanDefinition(LogoutHandlerOrderResolver.class);
 		parserContext.getReaderContext().registerWithGeneratedName(bfpp);
 
-		return definition;
 	}
 
 	private void setConstructorArgumentIfAvailable(int index, Element element, String attribute, String property,
 			RootBeanDefinition definition) {
 		String propertyValue = element.getAttribute(attribute);
 		if (StringUtils.hasText(propertyValue)) {
-			definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue);
+			addConstructorArgument(index, definition, propertyValue);
 		}
 	}
 
+	private void addConstructorArgument(int index, RootBeanDefinition definition, String propertyValue) {
+		definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue);
+	}
+
 	private void setPropertyIfAvailable(Element element, String attribute, String property,
 			RootBeanDefinition definition) {
 		String propertyValue = element.getAttribute(attribute);
@@ -59,6 +83,26 @@ public class LogoutFilterBeanDefinitionParser extends AbstractBeanDefinitionPars
 		}
 	}
 
-	//
+	/**
+	 * Creates <code>BeanDefintion</code> as required by 'autoconfig' tag
+	 * 
+	 * @param definition The BeanDefinition for Logoutfilter
+	 * @param element
+	 * @param parserContext
+	 * @param isAutoconfig
+	 * @return definition
+	 */
+	protected static RootBeanDefinition doCreateBeanDefinitionWithDefaults() {
+		RootBeanDefinition definition = new RootBeanDefinition(LogoutFilter.class);
+		definition.getConstructorArgumentValues().addIndexedArgumentValue(0, REDIRECT_AFTER_LOGOUT_URL_VALUE);
+		// create BeanDefinitions for LogoutHandlers
+		// (TokenBasedRememberMeServices) and (SecuritycontextLogoutHandler)
+		ManagedList handlers = new ManagedList();
+		RootBeanDefinition rememberMeServices = RememberMeServicesBeanDefinitionParser.doCreateBeanDefintionWithDefaults();
+		handlers.add(rememberMeServices);
+		handlers.add(new RootBeanDefinition(SecurityContextLogoutHandler.class));
+		definition.getConstructorArgumentValues().addIndexedArgumentValue(1, handlers);
+		return definition;
+	}
 
 }

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/PrincipalRepositoryBeanDefinitionParser.java

@@ -28,16 +28,17 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
-/**   
+/**
  * @author vpuri
  * 
  */
 public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser implements
 		BeanDefinitionParser {
-	
-	//	~ Static fields/initializers =====================================================================================
 
-    private static final Log logger = LogFactory.getLog(PrincipalRepositoryBeanDefinitionParser.class);
+	// ~ Static fields/initializers
+	// =====================================================================================
+
+	private static final Log logger = LogFactory.getLog(PrincipalRepositoryBeanDefinitionParser.class);
 
 	// ~ Instance fields
 	// ================================================================================================
@@ -76,15 +77,15 @@ public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinit
 	private static final String GRANTED_AUTHORITY_REF = "granted-authority-ref";
 
 	private static final String AUTHORITY = "authority";
-	
-	private static final String AUTHORITY_BEAN_REF="authorityBeanRef";
+
+	private static final String AUTHORITY_BEAN_REF = "authorityBeanRef";
 
 	// ~ Method
 	// ================================================================================================
 	/**
 	 * 
 	 */
-	
+
 	protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
 		NodeList userDetailsServiceChildren = element.getChildNodes();
 		RootBeanDefinition userDetailsServiceDefinition = null;
@@ -95,7 +96,6 @@ public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinit
 				Element ele = (Element) userDetailsService;
 				userDetailsServiceDefinition = parseUserDetailsServiceJdbcDefinition(ele);
 				userDetailsServiceDefinition.setSource(parserContext.extractSource(element));
-				parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition);
 			}
 			if (PROPERTIES.equals(userDetailsService.getLocalName())
 					&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
@@ -105,7 +105,6 @@ public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinit
 				userDetailsServiceDefinition.getPropertyValues().addPropertyValue(USER_PROPERTIES,
 						new RuntimeBeanReference(createPropertiesBeanDefinition(ele, parserContext)));
 				userDetailsServiceDefinition.setSource(parserContext.extractSource(element));
-				parserContext.getReaderContext().registerWithGeneratedName(userDetailsServiceDefinition);
 			}
 			if (USER_DEFINITION.equals(userDetailsService.getLocalName())
 					&& userDetailsService.getNodeType() == Node.ELEMENT_NODE) {
@@ -133,7 +132,6 @@ public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinit
 		userMap.addUser(user);
 		definition.getPropertyValues().addPropertyValue("userMap", userMap);
 		return definition;
-
 	}
 
 	private String createPropertiesBeanDefinition(Element ele, ParserContext parserContext) {

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeFilterBeanDefinitionParser.java

@@ -41,9 +41,4 @@ public class RememberMeFilterBeanDefinitionParser extends AbstractBeanDefinition
 		} 
 		return rememberMeFilterBeanDef;
 	}
-	
-	
-	
-	
-
 }

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParser.java

@@ -15,41 +15,67 @@ import org.springframework.util.StringUtils;
 import org.w3c.dom.Element;
 
 /**
- * Parses 
+ * Parses
  * @author vpuri
- *
+ * 
  */
 public class RememberMeServicesBeanDefinitionParser extends AbstractBeanDefinitionParser implements
 		BeanDefinitionParser {
-	
+
 	private static final String PRINCIPAL_REPOSITORY_BEAN_REF = "principalRepositoryBeanRef";
-	
+
 	private static final String USER_DETAILS_SERVICE_PROPERTY = "userDetailsService";
-	
+
 	/*
-	 * key is optional; if unspecified, pick a rnd int and use for all unspecified key properties for acegi beans
+	 * key is optional; if unspecified, pick a rnd int and use for all
+	 * unspecified key properties for acegi beans
 	 */
 	private static final String KEY = "key";
 
 	protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
-		Assert.notNull(parserContext, "ParserContext must not be null");		
-		
+		RootBeanDefinition rememberMeServicesBeanDef = createBeanDefinition(element, parserContext);
+		return rememberMeServicesBeanDef;
+	}
+
+	private  RootBeanDefinition createBeanDefinition(Element element, ParserContext parserContext) {
+		Assert.notNull(parserContext, "ParserContext must not be null");
+
 		RootBeanDefinition rememberMeServicesBeanDef = new RootBeanDefinition(TokenBasedRememberMeServices.class);
-		
-		String keyValue = element.getAttribute(KEY);
-		if (StringUtils.hasLength(keyValue)) {
-			rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(KEY,keyValue);
-		}  else {
-			// pick a rnd int
+
+		String keyValue = "";
+		String rememberMeServicesRef = "";
+
+		if (element != null) {
+			keyValue = element.getAttribute(KEY);
+
+			if (StringUtils.hasLength(keyValue)) {
+				rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(KEY, keyValue);
+			}
+			else {
+				/*
+				 * TODO: pick a rnd int and apply it whenver required in
+				 * applicationcontext
+				 */
+				
+			}
+
+			// check if rememberMeServicesBeanRef is defined and if it's
+			// specified
+			// use its referred bean
+			rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF);
+			if (StringUtils.hasLength(rememberMeServicesRef)) {
+				rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE_PROPERTY,
+						new RuntimeBeanReference(rememberMeServicesRef));
+			}
 		}
-		
-		//	 check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
-		String rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF);
-		if (StringUtils.hasLength(rememberMeServicesRef)) {
-			rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE_PROPERTY,
-					new RuntimeBeanReference(rememberMeServicesRef));
-		}  
+
 		return rememberMeServicesBeanDef;
 	}
+	
+	protected static RootBeanDefinition doCreateBeanDefintionWithDefaults(){
+		RootBeanDefinition definition = new RootBeanDefinition(TokenBasedRememberMeServices.class);
+		definition.getPropertyValues().addPropertyValue(KEY, "key");
+		return definition;
+	}
 
 }

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityAutoDetectNamepsaceHandler.java

@@ -0,0 +1,21 @@
+/**
+ * 
+ */
+package org.acegisecurity.config;
+
+import org.springframework.beans.factory.xml.NamespaceHandlerSupport;
+
+/**
+ * @author Vishal Puri
+ *
+ */
+public class SecurityAutoDetectNamepsaceHandler extends NamespaceHandlerSupport {
+
+	/* (non-Javadoc)
+	 * @see org.springframework.beans.factory.xml.NamespaceHandler#init()
+	 */
+	public void init() {
+		registerBeanDefinitionParser("autoconfig", new AutoConfigBeanDefinitionParser());
+	}
+
+}

sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityNamespaceHandler.java

@@ -28,6 +28,7 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
 		registerBeanDefinitionParser("logout-support", new LogoutFilterBeanDefinitionParser());
 		registerBeanDefinitionParser("exception-translation", new ExceptionTranslationFilterBeanDefinitionParser());
 		registerBeanDefinitionParser("authentication-form", new AuthenticationProcessingFilterBeanDefinitionParser());
+		registerBeanDefinitionParser("autoconfig", new AutoConfigBeanDefinitionParser());
 	}
 
 }

sandbox/spring-security-config/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd

@@ -4,7 +4,10 @@
 	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 	targetNamespace="http://www.springframework.org/schema/security"
 	elementFormDefault="qualified" attributeFormDefault="unqualified">
-
+	
+	
+	<xsd:element name="autoconfig"/>
+	
 	<xsd:element name="session-context-integration">
 		<xsd:complexType>
 			<xsd:attribute name="id" type="xsd:ID">

sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java

@@ -0,0 +1,35 @@
+/**
+ * 
+ */
+package org.acegisecurity.config;
+
+import javax.servlet.Filter;
+
+import junit.framework.TestCase;
+
+import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
+import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+/**
+ * @author Vishal Puri
+ * 
+ */
+public class AutoConfigBeanDefinitionParserTests extends TestCase {
+
+	public void testContextBeanDefinitionCreated() {
+		ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/auto-config.xml");
+		ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory();
+		String[] names = bf.getBeanNamesForType(HttpSessionContextIntegrationFilter.class);
+		assertEquals(1, names.length);
+		HttpSessionContextIntegrationFilter filter = (HttpSessionContextIntegrationFilter) bf.getBean(names[0]);
+		//	check properties
+		//get the bean
+		assertTrue(filter.isAllowSessionCreation());
+		assertFalse(filter.isForceEagerSessionCreation());
+		assertFalse(filter.isCloneFromHttpSession());
+	}
+	
+	
+}

sandbox/spring-security-config/src/test/java/org/acegisecurity/config/PrincipalRepositoryNamespaceTests.java

@@ -1,7 +1,4 @@
-/**
- * 
- */
-package org.acegisecurity.config;
+ package org.acegisecurity.config;
 
 import junit.framework.TestCase;
 

sandbox/spring-security-config/src/test/resources/log4j.properties

@@ -9,4 +9,4 @@ log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
 log4j.appender.stdout.layout.ConversionPattern=%d %p %c - %m%n
 
 log4j.category.org.acegisecurity=DEBUG
-log4j.category.org.springframework=DEBUG
+log4j.category.org.springframework=INFO

sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/applicationContext-acegi-security.xml

@@ -3,9 +3,7 @@
 <beans xmlns="http://www.springframework.org/schema/beans"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xmlns:security="http://www.springframework.org/schema/security"
-	xmlns:util="http://www.springframework.org/schema/util"
 	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd 
-	http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
 	http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
 
 	<!--

sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-basic-filter.xml

@@ -3,10 +3,8 @@
 <beans xmlns="http://www.springframework.org/schema/beans"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xmlns:security="http://www.springframework.org/schema/security"
-	xmlns:util="http://www.springframework.org/schema/util"
 	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd 
-	http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
-http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
 
 	<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
 	<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->

sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/auto-config.xml

@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd 
+http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+
+	<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
+	<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
+
+	<!-- 
+		<security:autodetect>
+		really behind the scenes will create an annotations-based
+		MethodSecurityInterceptor with the MethodDefinitionSourceAdvisor that
+		automatically detects annotated interfaces. So basically edit the
+		Clinic interface and pop @Secured("ROLE_SUPERVISOR") onto the storeVisit
+		method, re-run the app, and prove to the users that only users with
+		ROLE_SUPERVISOR in their properties file are now able to store a visit
+		to the clinic.
+	-->
+	<security:autoconfig/>
+	<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
+	<security:principal-repository id="userDetailsService">
+		<security:properties
+			resource="classpath:org/acegisecurity/config/user.properties" />
+	</security:principal-repository>
+
+	<!--<bean id="methodSecurityInterceptor" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
+		<property name="authenticationManager"><ref bean="authenticationManager"/></property>
+		<property name="accessDecisionManager">
+		<bean class="org.acegisecurity.vote.AffirmativeBased">
+		<property name="allowIfAllAbstainDecisions" value="false"/>
+		<property name="decisionVoters">
+		<list>
+		<bean class="org.acegisecurity.vote.RoleVoter"/>
+		<bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
+		</list>
+		</property>
+		</bean>
+		</property>
+		<property name="objectDefinitionSource">
+		<value>
+		org.springframework.samples.petclinic.Clinic.*=IS_AUTHENTICATED_REMEMBERED
+		org.springframework.samples.petclinic.Clinic.storeVisit=ROLE_SUPERVISOR
+		</value>
+		</property>
+		</bean>
+	-->
+</beans>