
Added 'heavyduty' sample to sandbox for testing

Luke Taylor 17 年之前
父节点
当前提交
c184d2d8c5
共有 41 个文件被更改,包括 1592 次插入0 次删除
  1. 10 0
      sandbox/heavyduty/certificates/Readme.txt
  2. 22 0
      sandbox/heavyduty/certificates/ca.pem
  3. 二进制
      sandbox/heavyduty/certificates/dianne.p12
  4. 二进制
      sandbox/heavyduty/certificates/rod.p12
  5. 二进制
      sandbox/heavyduty/certificates/scott.p12
  6. 二进制
      sandbox/heavyduty/certificates/server.jks
  7. 166 0
      sandbox/heavyduty/pom.xml
  8. 51 0
      sandbox/heavyduty/src/main/java/bigbank/Account.java
  9. 7 0
      sandbox/heavyduty/src/main/java/bigbank/BankDao.java
  10. 32 0
      sandbox/heavyduty/src/main/java/bigbank/BankDaoStub.java
  11. 15 0
      sandbox/heavyduty/src/main/java/bigbank/BankService.java
  12. 40 0
      sandbox/heavyduty/src/main/java/bigbank/BankServiceImpl.java
  13. 21 0
      sandbox/heavyduty/src/main/java/bigbank/SeedData.java
  14. 34 0
      sandbox/heavyduty/src/main/java/bigbank/web/ListAccounts.java
  15. 39 0
      sandbox/heavyduty/src/main/java/bigbank/web/PostAccounts.java
  16. 11 0
      sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
  17. 9 0
      sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
  18. 46 0
      sandbox/heavyduty/src/main/java/sample/dao/GenericDAO.java
  19. 13 0
      sandbox/heavyduty/src/main/java/sample/dao/UserDAO.java
  20. 126 0
      sandbox/heavyduty/src/main/java/sample/dao/impl/GenericDAOImpl.java
  21. 27 0
      sandbox/heavyduty/src/main/java/sample/dao/impl/UserDAOImpl.java
  22. 106 0
      sandbox/heavyduty/src/main/java/sample/domain/User.java
  23. 16 0
      sandbox/heavyduty/src/main/java/sample/service/UserService.java
  24. 68 0
      sandbox/heavyduty/src/main/java/sample/service/impl/UserServiceImpl.java
  25. 24 0
      sandbox/heavyduty/src/main/resources/applicationContext-business.xml
  26. 2 0
      sandbox/heavyduty/src/main/webapp/META-INF/MANIFEST.MF
  27. 51 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-misc.xml
  28. 59 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-persistence.xml
  29. 82 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
  30. 161 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
  31. 20 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/bank-servlet.xml
  32. 24 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/classes/META-INF/persistence.xml
  33. 8 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/classes/jdbc.properties
  34. 18 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/classes/log4j.properties
  35. 60 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/classes/users.ldif
  36. 27 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/jsp/listAccounts.jsp
  37. 81 0
      sandbox/heavyduty/src/main/webapp/WEB-INF/web.xml
  38. 18 0
      sandbox/heavyduty/src/main/webapp/index.jsp
  39. 47 0
      sandbox/heavyduty/src/main/webapp/login.jsp
  40. 15 0
      sandbox/heavyduty/src/main/webapp/secure/extreme/index.jsp
  41. 36 0
      sandbox/heavyduty/src/main/webapp/secure/index.jsp

+ 10 - 0
sandbox/heavyduty/certificates/Readme.txt

@@ -0,0 +1,10 @@
+This directory contains certificates and keys for use with SSL in the sample applications. Certificates are issued by
+our "Spring Security Test CA" certificate authority.
+
+ca.pem     - the certificate authority's certificate.
+server.jks - Java keystore containing the server certificate and privatekey. It Also contains the certificate authority
+             file and this is used as both keystore and truststore for they jetty server when running the samples with
+             the maven jetty plugin ("mvn jetty:run").
+
+rod.p12, dianne.p12, scott.p12 are all certificate/key combinations for client authentication and can be installed in
+your browser if you want to try out support for X.509 authentication.

+ 22 - 0
sandbox/heavyduty/certificates/ca.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----

二进制
sandbox/heavyduty/certificates/dianne.p12


二进制
sandbox/heavyduty/certificates/rod.p12


二进制
sandbox/heavyduty/certificates/scott.p12


二进制
sandbox/heavyduty/certificates/server.jks


+ 166 - 0
sandbox/heavyduty/pom.xml

@@ -0,0 +1,166 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>org.springframework.security</groupId>
+    <artifactId>spring-security-heavyduty</artifactId>
+    <name>Spring Security - Heavy Duty Sample</name>
+    <packaging>war</packaging>
+    <version>2.0.0</version>
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>${spring.security.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core-tiger</artifactId>
+            <version>${spring.security.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-taglibs</artifactId>
+            <version>${spring.security.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-core</artifactId>
+            <version>${spring.version}</version>
+        </dependency>                
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context</artifactId>
+            <version>${spring.version}</version>
+        </dependency>        
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-web</artifactId>
+            <version>${spring.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-webmvc</artifactId>
+            <version>${spring.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-jdbc</artifactId>
+            <scope>runtime</scope>
+            <version>${spring.version}</version>    
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-orm</artifactId>
+            <version>${spring.version}</version>
+        </dependency>        
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-aop</artifactId>
+            <scope>runtime</scope>
+            <version>${spring.version}</version>
+        </dependency>
+	    <dependency>
+	      <groupId>hsqldb</groupId>
+	      <artifactId>hsqldb</artifactId>
+	      <version>1.8.0.7</version>
+	      <scope>compile</scope>
+	    </dependency>
+	    <dependency>
+	      <groupId>org.hibernate</groupId>
+	      <artifactId>hibernate-entitymanager</artifactId>
+	      <version>3.3.2.GA</version>
+	      <scope>compile</scope>
+	    </dependency>
+	    <dependency>
+	      <groupId>net.sf.ehcache</groupId>
+	      <artifactId>ehcache</artifactId>
+	      <version>1.3.0</version>
+	      <scope>compile</scope>
+	    </dependency>
+	    <dependency>
+	        <groupId>org.aspectj</groupId>
+    		<artifactId>aspectjweaver</artifactId>
+	    	<optional>true</optional>
+		    <version>1.5.4</version>
+	    </dependency>	    
+	    <dependency>
+	        <groupId>org.aspectj</groupId>
+	    	<artifactId>aspectjrt</artifactId>
+		    <version>1.5.4</version>
+	    </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <scope>provided</scope>
+            <version>2.4</version>
+        </dependency>        
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>jstl</artifactId>
+            <scope>runtime</scope>
+            <version>1.1.2</version>
+        </dependency>
+        <dependency>
+            <groupId>taglibs</groupId>
+            <artifactId>standard</artifactId>
+            <scope>runtime</scope>
+            <version>1.1.2</version>            
+        </dependency>
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+            <scope>runtime</scope>
+            <version>1.2.14</version>
+        </dependency>        
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>1.5</source>
+                    <target>1.5</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-eclipse-plugin</artifactId>
+                <version>2.5.1</version>
+                <configuration>
+                    <downloadSources>true</downloadSources>
+                    <wtpversion>2.0</wtpversion>
+                </configuration>
+            </plugin>            
+            <plugin>
+                <groupId>org.mortbay.jetty</groupId>
+                <artifactId>maven-jetty-plugin</artifactId>
+                <version>6.1.7</version>
+                <configuration>
+                    <contextPath>/tutorial</contextPath>
+                    <connectors>
+                        <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
+                            <port>8080</port>
+                            <confidentialPort>8443</confidentialPort>
+                        </connector>
+                        <connector implementation="org.mortbay.jetty.security.SslSocketConnector">
+                            <port>8443</port>
+                            <keystore>certificates/server.jks</keystore>
+                            <password>password</password>
+                            <keyPassword>password</keyPassword>
+                            <truststore>certificates/server.jks</truststore>
+                            <trustPassword>password</trustPassword>
+                            <wantClientAuth>true</wantClientAuth>
+                            <needClientAuth>false</needClientAuth>
+                        </connector>
+                    </connectors>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+    <properties>        
+        <spring.version>2.5.3</spring.version>
+        <spring.security.version>2.0.1-SNAPSHOT</spring.security.version>
+    </properties>
+
+</project>
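Review bot: The SslSocketConnector block hard-codes `password` for the keystore, key and truststore, and the keystore it points at (certificates/server.jks) is committed with the server's private key. That is acceptable only because this is a sandbox sample, so say so where people will copy from: add `<!-- Test-only keystore issued by the sample CA; key and password are public. Never reuse outside the samples. -->` above `<keystore>`. Separately, the module declares version 2.0.0 but resolves `spring.security.version` to `2.0.1-SNAPSHOT`, so the build is not reproducible; consider inheriting the version from the parent build instead.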

+ 51 - 0
sandbox/heavyduty/src/main/java/bigbank/Account.java

@@ -0,0 +1,51 @@
+package bigbank;
+
+/**
+ * Note this class does not represent best practice, as we are failing to
+ * encapsulate business logic (methods) and state in the domain object.
+ * Nevertheless, this demo is intended to reflect what people usually do,
+ * as opposed to what they ideally would be doing.
+ * 
+ * @author Ben Alex
+ * @version $Id$
+ */
+public class Account {
+	private long id = -1;
+	private String holder;
+	private double balance;
+	
+	public Account(String holder) {
+		super();
+		this.holder = holder;
+	}
+
+	public long getId() {
+		return id;
+	}
+
+	public void setId(long id) {
+		this.id = id;
+	}
+
+	public String getHolder() {
+		return holder;
+	}
+
+	public void setHolder(String holder) {
+		this.holder = holder;
+	}
+
+	public double getBalance() {
+		return balance;
+	}
+
+	public void setBalance(double balance) {
+		this.balance = balance;
+	}
+
+	public String toString() {
+		return "Account[id=" + id + ",balance=" + balance +",holder=" + holder + "]";
+	}
+
+	
+}
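Review bot: `balance` is a `double`, so repeated postings accumulate binary rounding error and the field can hold NaN or an infinity; PostAccounts in this commit parses the request amount as a `Double` and adds it straight in. For a class that models money, `java.math.BigDecimal` (or a scaled `long`) is the safer type, even in a demo that people copy. `toString()` should also carry `@Override`, which the 1.5 source level set in the pom allows.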

+ 7 - 0
sandbox/heavyduty/src/main/java/bigbank/BankDao.java

@@ -0,0 +1,7 @@
+package bigbank;
+
+public interface BankDao {
+	public Account readAccount(Long id);
+	public void createOrUpdateAccount(Account account);
+	public Account[] findAccounts();
+}

+ 32 - 0
sandbox/heavyduty/src/main/java/bigbank/BankDaoStub.java

@@ -0,0 +1,32 @@
+package bigbank;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class BankDaoStub implements BankDao {
+	private long id = 0;
+	private Map accounts = new HashMap();
+	
+	public void createOrUpdateAccount(Account account) {
+		if (account.getId() == -1) {
+			id++;
+			account.setId(id);
+		}
+		accounts.put(new Long(account.getId()), account);
+		System.out.println("SAVE: " + account);
+	}
+
+	public Account[] findAccounts() {
+		Account[] a = (Account[]) accounts.values().toArray(new Account[] {});
+		System.out.println("Returning " + a.length + " account(s):");
+		for (int i = 0; i < a.length; i++) {
+			System.out.println(" > " + a[i]);
+		}
+		return a;
+	}
+
+	public Account readAccount(Long id) {
+		return (Account) accounts.get(id);
+	}
+
+}
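Review bot: The `accounts` HashMap and the `id` counter are read and written without any synchronization, while applicationContext-business.xml in this commit registers BankDaoStub as a plain bean (singleton scope by default) that web requests reach through BankServiceImpl. Concurrent postings can therefore hand out duplicate ids or corrupt the map. Marking `createOrUpdateAccount`, `findAccounts` and `readAccount` as `synchronized` is enough for a stub. While there, type the field as `Map<Long, Account>` to drop the casts, and use `Long.valueOf(account.getId())` instead of `new Long(...)`.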

+ 15 - 0
sandbox/heavyduty/src/main/java/bigbank/BankService.java

@@ -0,0 +1,15 @@
+package bigbank;
+
+import org.springframework.security.annotation.Secured;
+
+public interface BankService {
+	
+	@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
+	public Account readAccount(Long id);
+		
+	@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
+	public Account[] findAccounts();
+	
+	@Secured("ROLE_TELLER")
+	public Account post(Account account, double amount);
+}
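Review bot: `readAccount` and `findAccounts` are annotated `@Secured("IS_AUTHENTICATED_ANONYMOUSLY")`, which lets an unauthenticated caller read every holder name and balance. The commented-out `<security:intercept-methods>` block in applicationContext-business.xml asks for `IS_AUTHENTICATED_REMEMBERED` on `bigbank.BankService.*`, so the two policies disagree. Either use `@Secured("IS_AUTHENTICATED_REMEMBERED")` on both read methods or add a comment stating that anonymous read access is deliberate for the sample. The annotations only take effect when annotation-based method security is switched on in the security context, which is not visible in this part of the commit, so a one-line Javadoc on the interface naming that requirement would help.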

+ 40 - 0
sandbox/heavyduty/src/main/java/bigbank/BankServiceImpl.java

@@ -0,0 +1,40 @@
+package bigbank;
+
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.util.Assert;
+
+public class BankServiceImpl implements BankService {
+	private BankDao bankDao;
+
+	// Not used unless you declare a <protect-pointcut>
+	@Pointcut("execution(* bigbank.BankServiceImpl.*(..))")
+	public void myPointcut() {}
+
+	public BankServiceImpl(BankDao bankDao) {
+		Assert.notNull(bankDao);
+		this.bankDao = bankDao;
+	}
+
+	public Account[] findAccounts() {
+		return this.bankDao.findAccounts();
+	}
+
+	public Account post(Account account, double amount) {
+		Assert.notNull(account);
+		Assert.notNull(account.getId());
+		
+		// We read account bank from DAO so it reflects the latest balance
+		Account a = bankDao.readAccount(account.getId());
+		if (account == null) {
+			throw new IllegalArgumentException("Couldn't find requested account");
+		}
+		
+		a.setBalance(a.getBalance() + amount);
+		bankDao.createOrUpdateAccount(a);
+		return a;
+	}
+
+	public Account readAccount(Long id) {
+		return bankDao.readAccount(id);
+	}
+}

+ 21 - 0
sandbox/heavyduty/src/main/java/bigbank/SeedData.java

@@ -0,0 +1,21 @@
+package bigbank;
+
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.util.Assert;
+
+public class SeedData implements InitializingBean{
+	private BankDao bankDao;
+
+	public void afterPropertiesSet() throws Exception {
+		Assert.notNull(bankDao);
+		bankDao.createOrUpdateAccount(new Account("rod"));
+		bankDao.createOrUpdateAccount(new Account("dianne"));
+		bankDao.createOrUpdateAccount(new Account("scott"));
+		bankDao.createOrUpdateAccount(new Account("peter"));
+	}
+	
+	public void setBankDao(BankDao bankDao) {
+		this.bankDao = bankDao;
+	}
+	
+}

+ 34 - 0
sandbox/heavyduty/src/main/java/bigbank/web/ListAccounts.java

@@ -0,0 +1,34 @@
+package bigbank.web;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.AuthenticationCredentialsNotFoundException;
+import org.springframework.util.Assert;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.mvc.Controller;
+
+import bigbank.BankService;
+
+public class ListAccounts implements Controller {
+
+	private BankService bankService;
+	
+	public ListAccounts(BankService bankService) {
+		Assert.notNull(bankService);
+		this.bankService = bankService;
+	}
+
+	public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
+		// Security check (this is unnecessary if Spring Security is performing the authorization)
+//		if (request.getUserPrincipal() == null) {
+//			throw new AuthenticationCredentialsNotFoundException("You must login to view the account list (Spring Security message)"); // only for Spring Security managed authentication
+//		}
+		
+		// Actual business logic
+		ModelAndView mav = new ModelAndView("listAccounts");
+		mav.addObject("accounts", bankService.findAccounts());
+		return mav;
+	}
+
+}
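Review bot: The access check in `handleRequest` is left behind as commented-out code, and the `AuthenticationCredentialsNotFoundException` import exists only for it. A reader cannot tell from this file where access control is enforced, and the commented lines invite someone to "restore" a second, divergent check. Delete the dead block and the unused import, and replace them with one line that names the real enforcement point, for example `// Access control is enforced by @Secured on BankService, not in this controller.` PostAccounts.handleRequest has the same pattern with `AccessDeniedException`.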

+ 39 - 0
sandbox/heavyduty/src/main/java/bigbank/web/PostAccounts.java

@@ -0,0 +1,39 @@
+package bigbank.web;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.AccessDeniedException;
+import org.springframework.util.Assert;
+import org.springframework.web.bind.ServletRequestUtils;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.mvc.Controller;
+
+import bigbank.Account;
+import bigbank.BankService;
+
+public class PostAccounts implements Controller {
+
+	private BankService bankService;
+	
+	public PostAccounts(BankService bankService) {
+		Assert.notNull(bankService);
+		this.bankService = bankService;
+	}
+
+	public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
+		// Security check (this is unnecessary if Spring Security is performing the authorization)
+//		if (!request.isUserInRole("ROLE_TELLER")) {
+//			throw new AccessDeniedException("You must be a teller to post transactions (Spring Security message)"); // only for Spring Security managed authentication
+//		}
+		
+		// Actual business logic
+		Long id = ServletRequestUtils.getRequiredLongParameter(request, "id");
+		Double amount = ServletRequestUtils.getRequiredDoubleParameter(request, "amount");
+		Account a = bankService.readAccount(id);
+		bankService.post(a, amount);
+		
+		return new ModelAndView("redirect:listAccounts.html");
+	}
+
+}
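Review bot: `handleRequest` changes an account balance for any HTTP method, so a plain GET with `id` and `amount` parameters is enough to post a transaction. Nothing in this controller ties the request to a form the teller actually submitted. At minimum restrict it to POST: `if (!"POST".equals(request.getMethod())) { response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED); return null; }`, and consider a per-session token on the form. The parsed `amount` is also passed on unchecked, so NaN or an infinite value would be stored as the balance; reject those with `if (amount.isNaN() || amount.isInfinite())` before calling `post`. `readAccount(id)` can return null for an unknown id, which is worth turning into a clear error here rather than relying on the assertion inside the service.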

+ 11 - 0
sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java

@@ -0,0 +1,11 @@
+package heavyduty.security.ui;
+
+import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
+
+public class HeavyDutyAuthenticationProcessingFilter extends AuthenticationProcessingFilter {
+	
+	
+
+	
+	
+}

+ 9 - 0
sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java

@@ -0,0 +1,9 @@
+package heavyduty.security.ui;
+
+import org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint;
+
+public class HeavyDutyEntryPoint extends AuthenticationProcessingFilterEntryPoint {
+
+	
+	
+}

+ 46 - 0
sandbox/heavyduty/src/main/java/sample/dao/GenericDAO.java

@@ -0,0 +1,46 @@
+package sample.dao;
+
+import java.io.Serializable;
+
+
+/**
+ * The Interface GenericDAO.
+ */
+public interface GenericDAO<T extends Serializable, PK extends Serializable> 
+{
+   	/**
+   	 * persist
+   	 * @param transientInstance objet to persist
+   	 */
+	void persist(T transientInstance);
+
+	
+	/**
+   	 * refresh
+   	 * @param instance objet to refresh
+   	 */
+	void refresh(T instance);
+
+	
+	/**
+   	 * delete
+   	 * @param persistentInstance objet to delete
+   	 */
+	void delete(T persistentInstance);
+
+	
+	/**
+   	 * merge
+   	 * @param detachedInstance objet to merge
+   	 * @return merged object
+   	 */
+	T merge(T detachedInstance);
+	
+	
+	/**
+   	 * read
+   	 * @param id of object to read
+   	 * @return read object
+   	 */
+	T read(PK id);
+}

+ 13 - 0
sandbox/heavyduty/src/main/java/sample/dao/UserDAO.java

@@ -0,0 +1,13 @@
+
+package sample.dao;
+
+import sample.domain.User;
+
+
+/**
+ * The Interface PatientDAO.
+ */
+public interface UserDAO extends GenericDAO<User,Long> {
+	
+	public User findByUsername(String username);
+}

+ 126 - 0
sandbox/heavyduty/src/main/java/sample/dao/impl/GenericDAOImpl.java

@@ -0,0 +1,126 @@
+package sample.dao.impl;
+
+import java.io.Serializable;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import sample.dao.GenericDAO;
+
+
+public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
+		implements GenericDAO<T, PK> {
+	/** type */
+	private Class<T> type;
+
+	/** the logger */
+	private static final Log LOG = LogFactory.getLog(GenericDAOImpl.class);
+
+	@PersistenceContext
+	private EntityManager entityManager;
+
+	/**
+	 * Minimal constructor
+	 * 
+	 * @param t
+	 *            type POJO hibernate
+	 */
+	public GenericDAOImpl(Class<T> t) {
+		this.type = t;
+	}
+
+	/**
+	 * read data
+	 * 
+	 * @param id
+	 *            data id
+	 * @return data
+	 */
+	@SuppressWarnings("unchecked")
+	public T read(PK id) {
+		if (id == null) {
+			throw new IllegalArgumentException("Id cannot be null or empty");
+		}
+
+		// find() au lieu de getReference() pour forcer l'initialisation de
+		// l'objet, sinon on ne recupère
+		// qu'un proxy non-initialisé !
+		return entityManager.find(type, id);
+
+	}
+
+	/**
+	 * persist data
+	 * 
+	 * @param transientInstance
+	 *            data to persist
+	 * @see sido.common.dao.GenericDAO#persist(T)
+	 */
+	public void persist(T transientInstance) {
+		if (LOG.isDebugEnabled()) {
+			LOG.debug("Persisting instance of "
+					+ transientInstance.getClass().getSimpleName());
+		}
+		entityManager.persist(transientInstance);
+	}
+
+	/**
+	 * 
+	 * attach clean
+	 * 
+	 * @param instance
+	 *            data to attach
+	 * @see sido.common.dao.GenericDAO#refresh(T)
+	 */
+	public void refresh(T instance) {
+		if (LOG.isDebugEnabled()) {
+			LOG.debug("refreshing instance of "
+					+ instance.getClass().getSimpleName());
+		}
+		entityManager.refresh(instance);
+	}
+
+	/**
+	 * delete
+	 * 
+	 * @param persistentInstance
+	 *            data to delete
+	 * @see sido.common.dao.GenericDAO#delete(T)
+	 */
+	public void delete(T persistentInstance) {
+		if (LOG.isDebugEnabled()) {
+			LOG.debug("deleting instance of "
+					+ persistentInstance.getClass().getSimpleName());
+		}
+		entityManager.remove(persistentInstance);
+	}
+
+	/**
+	 * merge
+	 * 
+	 * @param detachedInstance
+	 *            data to merge
+	 * @return the merged data
+	 * @see sido.common.dao.GenericDAO#merge(T)
+	 */
+	@SuppressWarnings("unchecked")
+	public T merge(T detachedInstance) {
+		if (LOG.isDebugEnabled()) {
+			LOG.debug("merging instance of "
+					+ detachedInstance.getClass().getSimpleName());
+		}
+		return entityManager.merge(detachedInstance);
+	}
+
+	/**
+	 * @return the entityManager
+	 */
+	public EntityManager getEntityManager() {
+		return entityManager;
+	}
+
+
+}

+ 27 - 0
sandbox/heavyduty/src/main/java/sample/dao/impl/UserDAOImpl.java

@@ -0,0 +1,27 @@
+package sample.dao.impl;
+
+import org.springframework.stereotype.Repository;
+
+import sample.domain.User;
+
+/**
+ * UserDAOImpl
+ */
+@Repository
+public class UserDAOImpl extends GenericDAOImpl<User, Long> implements
+		sample.dao.UserDAO {
+
+	/**
+	 * Required constructor
+	 */
+	public UserDAOImpl() {
+		super(User.class);
+	}
+
+	public User findByUsername(String username) {
+		return (User) getEntityManager().createNamedQuery("User.findByUsername")
+				.setParameter("username", username).getSingleResult();
+	}
+	
+
+}
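Review bot: `findByUsername` relies on `getSingleResult()`, which throws when no row matches and also when more than one row matches. Nothing visible in this commit keeps usernames unique: `User.username` is only `@Basic(optional = false)`, and `UserServiceImpl.register` persists without checking for an existing name. A second registration under the same name would therefore make every later lookup for that name fail, and `loadUserByUsername` reports that as "No matching account". Declare the constraint on the entity with `@Column(unique = true)` on `username`, and add a Javadoc line here stating which exceptions callers must expect for "not found" versus "ambiguous".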

+ 106 - 0
sandbox/heavyduty/src/main/java/sample/domain/User.java

@@ -0,0 +1,106 @@
+
+
+package sample.domain;
+
+import java.io.Serializable;
+import java.util.Date;
+
+import javax.persistence.Basic;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.NamedQuery;
+
+/**
+ * The Class Patient.
+ */
+@Entity
+@NamedQuery(name = "User.findByUsername", query = "from User where username= :username")
+public class User implements Serializable {
+
+	/** serialVersionUID */
+	private static final long serialVersionUID = 7073017148588882593L;
+
+	/** The id. */
+	@Id
+	@GeneratedValue(strategy=GenerationType.IDENTITY)
+	private Long id;
+
+	/** The username. */
+	@Basic(optional = false)
+	private String username;
+
+	/** The username. */
+	@Basic(optional = false)
+	private String password;
+
+	/**
+	 * Default constructor
+	 */
+	public User() {
+		super();
+	}
+
+	/**
+	 * @param username
+	 * @param password
+	 */
+	public User(String username, String password) {
+		super();
+		this.username = username;
+		this.password = password;
+	}
+
+	/**
+	 * @return the id
+	 */
+	public Long getId() {
+		return id;
+	}
+
+	/**
+	 * @param id the id to set
+	 */
+	public void setId(Long id) {
+		this.id = id;
+	}
+
+	/**
+	 * @return the username
+	 */
+	public String getUsername() {
+		return username;
+	}
+
+	/**
+	 * @param username the username to set
+	 */
+	public void setUsername(String username) {
+		this.username = username;
+	}
+
+	/**
+	 * Full constructor
+	 * @param username
+	 */
+	public User(String username, String password, Date derniereConnexion,
+			String key) {
+		super();
+		this.username = username;
+	}
+
+	/**
+	 * @return the password
+	 */
+	public String getPassword() {
+		return password;
+	}
+
+	/**
+	 * @param password the password to set
+	 */
+	public void setPassword(String password) {
+		this.password = password;
+	}
+}
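Review bot: The four-argument "Full constructor" silently discards `password`, `derniereConnexion` and `key` and assigns only `username`. An instance built with it has a null password even though the field is declared `@Basic(optional = false)`, so it cannot be persisted, and any code that compared against it would be comparing with null. Either add `this.password = password;` and drop the two parameters that have no backing field, or remove the constructor. The Javadoc is also stale from a copy: the class comment says "The Class Patient." and the `password` field is documented as "The username."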

+ 16 - 0
sandbox/heavyduty/src/main/java/sample/service/UserService.java

@@ -0,0 +1,16 @@
+package sample.service;
+
+import org.springframework.security.userdetails.UserDetails;
+import org.springframework.security.userdetails.UserDetailsService;
+
+public interface UserService extends UserDetailsService {
+	
+	/**
+	 * Register a new User in database
+	 * @param username
+	 */
+	public UserDetails register(String username, String password);
+	
+	
+	
+}

+ 68 - 0
sandbox/heavyduty/src/main/java/sample/service/impl/UserServiceImpl.java

@@ -0,0 +1,68 @@
+/**
+ * 
+ */
+package sample.service.impl;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.AuthenticationException;
+import org.springframework.security.GrantedAuthority;
+import org.springframework.security.GrantedAuthorityImpl;
+import org.springframework.security.userdetails.UserDetails;
+import org.springframework.security.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import sample.dao.UserDAO;
+import sample.domain.User;
+import sample.service.UserService;
+
+/**
+ * @author A207119
+ * 
+ */
+@Component
+@Transactional
+public class UserServiceImpl implements UserService {
+
+	/** The logger */
+	private static final Log LOG = LogFactory.getLog(UserServiceImpl.class);
+
+	/** The User DAO */
+	@Autowired
+	private UserDAO userDAO = null;
+
+	public UserDetails loadUserByUsername(String username)
+			throws AuthenticationException {
+		try {
+			User user = userDAO.findByUsername(username);
+
+			return new org.springframework.security.userdetails.User(user
+					.getUsername(), user.getPassword(), true, true, true, true,
+					new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_USER") });
+		} catch (Exception e) {
+			LOG.error(e.getMessage(), e);
+			throw new UsernameNotFoundException("No matching account", e);
+		}
+	}
+
+	public UserDetails register(String username, String password) {
+		User user = new User(username, password);
+		userDAO.persist(user);
+		return new org.springframework.security.userdetails.User(user
+				.getUsername(), user.getPassword(), true, true, true, true,
+				new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_USER") });
+
+	}
+
+	/**
+	 * @param userDAO
+	 *            the userDAO to set
+	 */
+	public void setUserDAO(UserDAO userDAO) {
+		this.userDAO = userDAO;
+	}
+
+}
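Review bot: `register` persists the `password` argument exactly as received, so unless every caller hashes it first the database holds cleartext passwords, and `loadUserByUsername` hands the same stored value to the framework for comparison. The method should encode the password before `userDAO.persist(user)` using the same PasswordEncoder (with a salt) that the authentication provider is configured with; that configuration is not visible in this part of the commit, so the two need to be checked together. Separately, `catch (Exception e)` in `loadUserByUsername` turns every failure, including a database outage, into `UsernameNotFoundException("No matching account")` and logs at error level for each unknown name. Catch the no-result case specifically and let data-access failures propagate. The `AuthenticationException` import is used only in the throws clause, and `@Service` and `@Component` are both imported but only one is applied.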

+ 24 - 0
sandbox/heavyduty/src/main/resources/applicationContext-business.xml

@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+    xmlns:security="http://www.springframework.org/schema/security"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+
+	<bean id="bankDao" class="bigbank.BankDaoStub"/>
+
+	<bean id="seedData" class="bigbank.SeedData">
+		<property name="bankDao" ref="bankDao"/>
+	</bean>
+
+	<bean id="bankService" class="bigbank.BankServiceImpl">
+		<constructor-arg ref="bankDao"/>
+        <!-- This will add a security interceptor to the bean
+        <security:intercept-methods>
+            <security:protect method="bigbank.BankService.*" access="IS_AUTHENTICATED_REMEMBERED" />
+            <security:protect method="bigbank.BankService.post" access="ROLE_TELLER" />
+        </security:intercept-methods>  -->
+	</bean>
+
+</beans>

+ 2 - 0
sandbox/heavyduty/src/main/webapp/META-INF/MANIFEST.MF

@@ -0,0 +1,2 @@
+Manifest-Version: 1.0
+

+ 51 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-misc.xml

@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  |
+  |  Miscellaneous beans added just to test configuration options
+  |
+  |  $Id$ 
+  -->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+    xmlns:sec="http://www.springframework.org/schema/security"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+
+    <bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
+        <property name="decisionVoters">
+            <list>
+                <bean class="org.springframework.security.vote.RoleVoter"/>
+                <bean class="org.springframework.security.vote.AuthenticatedVoter"/>
+            </list>
+        </property>
+    </bean>
+
+
+    <bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
+        <property name="authenticationManager" ref="authenticationManager"/>
+        <property name="accessDecisionManager" ref="accessDecisionManager"/>
+        <property name="objectDefinitionSource">
+            <value><![CDATA[
+                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+                PATTERN_TYPE_APACHE_ANT
+                /secure/extreme/**=ROLE_SUPERVISOR
+                /secure/**=IS_AUTHENTICATED_REMEMBERED
+                /**=IS_AUTHENTICATED_ANONYMOUSLY
+            ]]></value>
+        </property>
+    </bean>
+    
+    <bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
+        <property name="authenticationManager" ref="authenticationManager"/>
+        <property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint"/>
+    </bean>
+
+    <bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
+        <property name="realmName"><value>My Realm</value></property>
+    </bean>
+
+</beans>
+                        
+                        
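Review bot: The `objectDefinitionSource` of `filterInvocationInterceptor` ends with the catch-all `/**=IS_AUTHENTICATED_ANONYMOUSLY`, so any URL outside `/secure/**` is open at the filter layer. That appears to include the bank controllers, since PostAccounts redirects to `listAccounts.html` with no `/secure/` prefix (the servlet mapping is not visible here, so this is inferred). Rules are matched top to bottom with the first match winning, which is worth stating in a comment above the CDATA block together with a note that the bank URLs depend entirely on method security on BankService. `basicProcessingFilter` also accepts HTTP Basic credentials, and nothing in this file requires a secure channel; if these beans are ever wired into the filter chain, Basic auth should be reachable only over the 8443 connector defined in the pom.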

+ 59 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-persistence.xml

@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xmlns:config="http://www.springframework.org/schema/config"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:security="http://www.springframework.org/schema/security"
+  xsi:schemaLocation="
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+    http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
+    http://www.springframework.org/schema/config http://www.springframework.org/schema/config/spring-config-2.5.xsd
+    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd">
+  
+  <bean id="AllPropertiesConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+    <property name="location">
+      <value>classpath:jdbc.properties</value>
+    </property>
+  </bean>
+
+  <tx:annotation-driven transaction-manager="transactionManager" />
+
+  <bean id="userDAO" class="sample.dao.impl.UserDAOImpl"/>
+  
+  <bean id="daoUserService" class="sample.service.impl.UserServiceImpl">
+    <property name="userDAO" ref="userDAO"/>
+  </bean>
+
+  <bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor">
+    <!--  property name="order" value="0"/ -->
+  </bean>
+  
+  <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
+    <property name="entityManagerFactory" ref="entityManagerFactory" />
+    <property name="dataSource" ref="dataSource" />
+  </bean>
+
+  <bean id="entityManagerFactory"
+    class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
+    <property name="dataSource" ref="dataSource" />
+    <property name="jpaVendorAdapter">
+      <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
+        <property name="generateDdl" value="${jpa.generateDdl}" />
+        <property name="showSql" value="${jpa.showSql}" />
+        <property name="databasePlatform" value="${jpa.dialect}" />
+      </bean>
+    </property>
+  </bean>
+
+  <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
+    <property name="driverClassName" value="${jdbc.driver}" />
+    <property name="url" value="${jdbc.url}" />
+    <property name="username" value="${jdbc.username}" />
+    <property name="password" value="${jdbc.password}" />
+  </bean>
+
+</beans>

+ 82 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml

@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  - Sample namespace-based configuration
+  -
+  - $Id: applicationContext-security-ns.xml 2923 2008-04-12 17:17:46Z luke_t $
+  -->
+
+<b:beans xmlns="http://www.springframework.org/schema/security"
+    xmlns:b="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+
+    <b:import resource="appContext-misc.xml"/>
+    
+	<global-method-security secured-annotations="enabled"/>		
+
+    <http entry-point-ref='customEntryPoint'>
+        <intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
+        <intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
+		<!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
+        <intercept-url pattern="/listAccounts.html" access="IS_AUTHENTICATED_REMEMBERED" />
+        <intercept-url pattern="/post.html" access="ROLE_TELLER" />
+        -->
+        <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
+<!--
+    Uncomment to enable X509 client authentication support -->
+        <x509 user-service-ref="daoUserService"/> 
+
+
+        <!-- All of this is unnecessary if auto-config="true" -->
+        <form-login />
+        <anonymous />
+        <!-- http-basic / -->
+        <logout />
+<!--          <remember-me user-service-ref="daoUserService"/> -->
+
+        <!-- Uncomment to limit the number of sessions a user can have -->
+        <concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/>
+    </http>
+    
+    <authentication-manager alias="authenticationManager"/> 
+    
+    <b:bean id="customAuthFilter" class="heavyduty.security.ui.HeavyDutyAuthenticationProcessingFilter">
+        <custom-filter after="AUTHENTICATION_PROCESSING_FILTER"/>
+        <b:property name="defaultTargetUrl" value="/"/>
+        <b:property name="authenticationManager" ref="authenticationManager"/>
+    </b:bean>
+    
+    <b:bean id="customEntryPoint" class="heavyduty.security.ui.HeavyDutyEntryPoint">
+        <b:property name="loginFormUrl" value="/login.jsp"/>
+    </b:bean>
+<!--     
+    <b:bean id="loginPageGenerator" class="org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter">
+        <custom-filter after="AUTHENTICATION_PROCESSING_FILTER"/>
+        <b:constructor-arg ref="customAuthFilter"/>
+    </b:bean>
+ -->
+    <!--
+    Usernames/Passwords are
+        rod/koala
+        dianne/emu
+        scott/wombat
+        peter/opal
+    -->
+    
+	<authentication-provider user-service-ref="daoUserService">
+	    <password-encoder hash="md5" />
+	</authentication-provider>
+
+    <authentication-provider>
+        <password-encoder hash="md5"/>
+        <user-service>
+            <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
+	        <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
+            <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
+            <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
+	    </user-service>
+	</authentication-provider>
+
+</b:beans>
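Review bot: Both `<password-encoder hash="md5"/>` elements (on the `daoUserService` provider and on the in-memory `<user-service>`) configure unsalted MD5, and the comment just above them lists the matching cleartext passwords, so the four committed digests protect nothing. For a sandbox that is acceptable only if the file says so; I would add a comment such as `<!-- Test-only accounts: unsalted MD5, passwords published above; never reuse outside the sandbox -->`. If the sample is meant to show recommended practice, put `<salt-source user-property="username"/>` inside each `<password-encoder>` and regenerate the stored digests to match. The two "Uncomment to ..." comments inside `<http>` are also stale, since `<x509>` and `<concurrent-session-control>` are already active.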

+ 161 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml

@@ -0,0 +1,161 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<!--
+  - A simple "base bones" Acegi Security configuration.
+  -
+  - The sample includes the "popular" features that people tend to use.
+  - Specifically, form authentication, remember-me, and anonymous processing.
+  - Other features aren't setup, as these can be added later by inserting
+  - the relevant XML fragments as specified in the Reference Guide.
+  -
+  - To assist new users, the filters specified in the FilterChainProxy are
+  - declared in the application context in the same order. Collaborators
+  - required by those filters are placed at the end of the file.
+  -
+  - $Id: applicationContext-acegi-security.xml 2366 2007-12-11 19:18:44Z benalex $
+  -->
+
+<beans>
+
+	<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
+		<property name="filterInvocationDefinitionSource">
+			<value><![CDATA[
+				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+				PATTERN_TYPE_APACHE_ANT
+				/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
+			]]></value>
+		</property>
+	</bean>
+
+	<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
+
+	<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
+		<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
+		<constructor-arg>
+			<list>
+				<ref bean="rememberMeServices"/>
+				<bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
+			</list>
+		</constructor-arg>
+	</bean>
+
+	<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
+		<property name="authenticationManager" ref="authenticationManager"/>
+		<property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/>
+		<property name="defaultTargetUrl" value="/"/>
+		<property name="filterProcessesUrl" value="/j_spring_security_check"/>
+		<property name="rememberMeServices" ref="rememberMeServices"/>
+	</bean>
+
+    <bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
+        <property name="authenticationManager"><ref local="authenticationManager"/></property>
+        <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
+    </bean>
+
+    <bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
+        <property name="realmName"><value>My Realm</value></property>
+    </bean>
+
+	<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/>
+
+	<bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
+		<property name="authenticationManager" ref="authenticationManager"/>
+		<property name="rememberMeServices" ref="rememberMeServices"/>
+	</bean>
+
+	<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
+		<property name="key" value="changeThis"/>
+		<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
+	</bean>
+
+	<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
+		<property name="authenticationEntryPoint">
+			<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
+				<property name="loginFormUrl" value="/acegilogin.jsp"/>
+				<property name="forceHttps" value="false"/>
+			</bean>
+		</property>
+		<property name="accessDeniedHandler">
+			<bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
+				<property name="errorPage" value="/accessDenied.jsp"/>
+			</bean>
+		</property>
+	</bean>
+
+	<bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
+		<property name="allowIfAllAbstainDecisions" value="false"/>
+		<property name="decisionVoters">
+			<list>
+				<bean class="org.springframework.security.vote.RoleVoter"/>
+				<bean class="org.springframework.security.vote.AuthenticatedVoter"/>
+			</list>
+		</property>
+	</bean>
+
+	<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
+		<property name="authenticationManager" ref="authenticationManager"/>
+		<property name="accessDecisionManager" ref="accessDecisionManager"/>
+		<property name="objectDefinitionSource">
+			<value><![CDATA[
+				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+				PATTERN_TYPE_APACHE_ANT
+				/secure/extreme/**=ROLE_SUPERVISOR
+				/secure/**=IS_AUTHENTICATED_REMEMBERED
+				/**=IS_AUTHENTICATED_ANONYMOUSLY
+			]]></value>
+		</property>
+	</bean>
+
+	<bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
+		<property name="userDetailsService" ref="userDetailsService"/>
+		<property name="key" value="changeThis"/>
+	</bean>
+
+	<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
+		<property name="providers">
+			<list>
+				<ref local="daoAuthenticationProvider"/>
+				<bean class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
+					<property name="key" value="changeThis"/>
+				</bean>
+				<bean class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
+					<property name="key" value="changeThis"/>
+				</bean>
+			</list>
+		</property>
+	</bean>
+
+	<bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
+		<property name="userDetailsService" ref="userDetailsService"/>
+	</bean>
+
+	<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
+	<bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
+		<property name="userProperties">
+			<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+				<property name="location" value="/WEB-INF/users.properties"/>
+			</bean>
+		</property>
+	</bean>
+
+	<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
+	<bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener"/>
+
+	<bean id="daacc" class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"/>
+
+	<bean id="attributes" class="org.springframework.security.annotation.SecurityAnnotationAttributes"/>
+
+	<bean id="objectDefinitionSource" class="org.springframework.security.intercept.method.MethodDefinitionAttributes">
+		<property name="attributes"><ref local="attributes"/></property>
+	</bean>
+
+	<bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
+		<property name="authenticationManager"><ref local="authenticationManager"/></property>
+		<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
+		<property name="objectDefinitionSource">
+			<ref local="objectDefinitionSource"/>
+		</property>
+	</bean>
+
+</beans>
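Review bot: The literal `changeThis` is the `key` of `rememberMeServices`, of both providers nested in `authenticationManager`, and of `anonymousProcessingFilter`. For `TokenBasedRememberMeServices` that key is the secret behind the remember-me cookie signature, so a deployment that keeps the committed value has a publicly known signing secret. I would take it from configuration, e.g. `<property name="key" value="${rememberme.key}"/>` (property name constructed for this note), and state in the header comment that it must be replaced per installation. The web.xml in this commit does not list this file in `contextConfigLocation`, so it appears to be unused; if that is intended, a one-line comment saying so would stop it being mistaken for the active configuration.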

+ 20 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/bank-servlet.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
+
+	<bean name="/listAccounts.html" class="bigbank.web.ListAccounts">
+		<constructor-arg ref="bankService"/>
+	</bean>
+	
+	<bean name="/post.html" class="bigbank.web.PostAccounts">
+		<constructor-arg ref="bankService"/>
+	</bean>
+	
+	<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
+		<property name="prefix" value="/WEB-INF/jsp/"/>
+		<property name="suffix" value=".jsp"/>
+	</bean>
+
+</beans>

+ 24 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/classes/META-INF/persistence.xml

@@ -0,0 +1,24 @@
+<persistence xmlns="http://java.sun.com/xml/ns/persistence"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://java.sun.com/xml/ns/persistence
+http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd"
+  version="1.0">
+
+  <persistence-unit name="SAMPLE" transaction-type="RESOURCE_LOCAL">
+    <provider>org.hibernate.ejb.HibernatePersistence</provider>
+    <class>sample.domain.User</class>
+    <properties>
+      <property name="hibernate.archive.autodetection" value="class" />
+      <property name="hibernate.format_sql" value="true" />
+      <property name="hibernate.dialect" value="org.hibernate.dialect.HSQLDialect" />
+      <!-- property name="hibernate.cache.provider_class"
+        value="org.hibernate.cache.EHCacheProvider" />
+      <property name="hibernate.cache.use_second_level_cache" value="true" />
+      <property name="hibernate.cache.use_query_cache" value="true" / -->
+      <property name="hibernate.max_fetch_depth" value="3" />
+      <property name="hibernate.default_batch_fetch_size" value="8" />
+      <property name="hibernate.generate_statistics" value="true" />
+    </properties>
+  </persistence-unit>
+
+</persistence>

+ 8 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/classes/jdbc.properties

@@ -0,0 +1,8 @@
+jpa.dialect=org.hibernate.dialect.HSQLDialect
+jpa.generateDdl=true
+jpa.showSql=true
+
+jdbc.driver=org.hsqldb.jdbcDriver
+jdbc.url=jdbc:hsqldb:mem:.
+jdbc.username=sa
+jdbc.password=

+ 18 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/classes/log4j.properties

@@ -0,0 +1,18 @@
+# Global logging configuration
+log4j.rootLogger=DEBUG, stdout
+
+log4j.logger.org.springframework.security=DEBUG, stdout
+
+# Console output...
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.conversionPattern=[%p,%c{1},%L] - %m%n
+
+# Rolling log file output...
+#log4j.appender.fileout=org.apache.log4j.RollingFileAppender
+#log4j.appender.fileout.File=spring-security-tutorial.log
+#log4j.appender.fileout.File=${webapp.root}/WEB-INF/log4j.log
+#log4j.appender.fileout.MaxFileSize=1024KB
+#log4j.appender.fileout.MaxBackupIndex=1
+#log4j.appender.fileout.layout=org.apache.log4j.PatternLayout
+#log4j.appender.fileout.layout.conversionPattern=%d{ABSOLUTE} %5p %c{1},%t:%L - %m%n
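Review bot: `log4j.logger.org.springframework.security=DEBUG, stdout` attaches the `stdout` appender a second time, because the root logger already has it and additivity is on by default, so every Spring Security message is printed twice. Write it as `log4j.logger.org.springframework.security=DEBUG` to keep the level without the duplicate appender. With `log4j.rootLogger=DEBUG` every library logs at debug level too; a comment such as `# Sandbox only: DEBUG output is verbose and may include request and authentication details` would stop the setting from being copied into a deployed configuration.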

+ 60 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/classes/users.ldif

@@ -0,0 +1,60 @@
+dn: ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: groups
+
+dn: ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: people
+
+dn: uid=rod,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Rod Johnson
+sn: Johnson
+uid: rod
+userPassword: koala
+
+dn: uid=dianne,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Dianne Emu
+sn: Emu
+uid: dianne
+userPassword: emu
+
+dn: uid=scott,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Scott
+sn: Wombat
+uid: scott
+userPassword: wombat
+
+dn: cn=user,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: user
+member: uid=rod,ou=people,dc=springframework,dc=org
+member: uid=dianne,ou=people,dc=springframework,dc=org
+member: uid=scott,ou=people,dc=springframework,dc=org
+
+dn: cn=teller,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: teller
+member: uid=rod,ou=people,dc=springframework,dc=org
+member: dianne=rod,ou=people,dc=springframework,dc=org
+
+dn: cn=supervisor,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: supervisor
+member: uid=rod,ou=people,dc=springframework,dc=org
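Review bot: In the `cn=teller` group the second member is written `member: dianne=rod,ou=people,dc=springframework,dc=org`, which names no entry defined in this file; the people entries all use `uid=` as their RDN. It should read `member: uid=dianne,ou=people,dc=springframework,dc=org`, which also matches `ROLE_TELLER` being granted to dianne in appContext-security.xml. As committed, a group search on dianne's DN would presumably not return the teller group, so LDAP-backed tests would see different authorities from the in-memory user service.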

+ 27 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/jsp/listAccounts.jsp

@@ -0,0 +1,27 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt"%>
+
+<h1>Accounts</h1>
+
+<a href="index.jsp">Home3</a><br><br>
+
+<table>
+<c:forEach var="account" items="${accounts}">
+  <tr>
+  <td>
+      <c:out value="${account.id}"/>
+  </td>
+  <td>
+      <c:out value="${account.holder}"/>
+  </td>
+  <td>
+      <c:out value="${account.balance}"/>
+  </td>
+  <td>
+      <a href="post.html?id=<c:out value="${account.id}"/>&amount=-20.00">-$20</a>
+      <a href="post.html?id=<c:out value="${account.id}"/>&amount=-5.00">-$5</a>
+      <a href="post.html?id=<c:out value="${account.id}"/>&amount=5.00">+$5</a>
+      <a href="post.html?id=<c:out value="${account.id}"/>&amount=20.00">+$20</a>
+  </td>
+  </tr>
+</c:forEach>
+</table>
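Review bot: The four links in the last column change an account balance through a plain GET to `post.html?id=…&amount=…`, so the operation can be triggered by link prefetching or by any other page that causes a logged-in browser to request that URL. A balance change belongs in a POST, e.g. one `<form action="post.html" method="post">` per amount with `id` and `amount` as hidden fields. The handler (PostAccounts, not visible in this section) should then reject other methods. The raw `&` in each `href` should also be written `&amp;`.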

+ 81 - 0
sandbox/heavyduty/src/main/webapp/WEB-INF/web.xml

@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  - Tutorial web application
+  -
+  - $Id: web.xml 2809 2008-03-26 15:27:09Z luke_t $
+  -->
+
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
+
+    <display-name>Spring Security Tutorial Application</display-name>
+    
+    <!--
+	  - Location of the XML file that defines the root application context
+	  - Applied by ContextLoaderListener.
+	  -->
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>
+			classpath:applicationContext-business.xml
+			/WEB-INF/appContext-persistence.xml
+			/WEB-INF/appContext-security.xml
+		</param-value>
+	</context-param>
+	
+    <context-param>
+        <param-name>log4jConfigLocation</param-name>
+        <param-value>/WEB-INF/classes/log4j.properties</param-value>
+    </context-param>	
+
+    <filter>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+    </filter>
+
+    <filter-mapping>
+      <filter-name>springSecurityFilterChain</filter-name>
+      <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <listener>
+        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
+    </listener>
+
+	<!--
+	  - Loads the root application context of this web app at startup.
+	  - The application context is then available via
+	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
+    -->
+	<listener>
+		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+	</listener>
+
+	<!--
+	  - Publishes events for session creation and destruction through the application
+	  - context. Optional unless concurrent session control is being used.
+      -->
+    <listener>
+        <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
+    </listener>
+
+  <!--
+	- Provides core MVC application controller.
+    -->
+	<servlet>
+		<servlet-name>bank</servlet-name>
+		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+
+	<servlet-mapping>
+    	<servlet-name>bank</servlet-name>
+    	<url-pattern>*.html</url-pattern>
+ 	</servlet-mapping>
+
+     <welcome-file-list>
+		<welcome-file>index.jsp</welcome-file>
+	</welcome-file-list>
+
+</web-app>

+ 18 - 0
sandbox/heavyduty/src/main/webapp/index.jsp

@@ -0,0 +1,18 @@
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
+<html>
+<body>
+<h1>Home Page</h1>
+<p>
+Anyone can view this page.
+</p>
+<p>
+If you're logged in, you can <a href="listAccounts.html">list accounts</a>.
+</p>
+<p>
+Your principal object is....: <%= request.getUserPrincipal() %>
+</p>
+
+<p><a href="secure/index.jsp">Secure page</a></p>
+<p><a href="secure/extreme/index.jsp">Extremely secure page</a></p>
+</body>
+</html>
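Review bot: `<%= request.getUserPrincipal() %>` writes the principal's `toString()` into the page without HTML escaping. What that string contains depends on the Authentication implementation in use, so it may expose more than the user name. Prefer an escaped, name-only output such as `<c:out value="${pageContext.request.userPrincipal.name}"/>`, which needs the `c` taglib directive that listAccounts.jsp already uses. The `sec` taglib declared on the first line is otherwise unused in this page.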

+ 47 - 0
sandbox/heavyduty/src/main/webapp/login.jsp

@@ -0,0 +1,47 @@
+<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core_rt' %>
+<%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %>
+<%@ page import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" %>
+<%@ page import="org.springframework.security.AuthenticationException" %>
+
+<!-- Not used unless you declare a <form-login login-page="/login.jsp"/> element -->
+
+<html>
+  <head>
+    <title>CUSTOM SPRING SECURITY LOGIN</title>
+  </head>
+
+  <body onload="document.f.j_username.focus();">
+    <h1>CUSTOM SPRING SECURITY LOGIN</h1>
+
+	<P>Valid users:
+	<P>
+	<P>username <b>rod</b>, password <b>koala</b>
+	<br>username <b>dianne</b>, password <b>emu</b>
+	<br>username <b>scott</b>, password <b>wombat</b>
+	<br>username <b>peter</b>, password <b>opal</b>
+	<p>
+
+    <%-- this form-login-page form is also used as the
+         form-error-page to ask for a login again.
+         --%>
+	<% if (session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) != null) { %>
+      <font color="red">
+        Your login attempt was not successful, try again.<BR><BR>
+        Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
+      </font>
+    <% } %>
+
+    <form name="f" action="<c:url value='j_spring_security_check'/>" method="POST">
+      <table>
+        <tr><td>User:</td><td><input type='text' name='j_username' <% if (session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) != null) { %>value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'<% } %>></td></tr>
+        <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
+        <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
+
+        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
+        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
+      </table>
+
+    </form>
+
+  </body>
+</html>
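Review bot: The user-name cell writes the session's last-username value straight into `value='…'` with `<%= … %>`, and the error block does the same with the exception message; neither is HTML-escaped, and the user name is whatever the previous login attempt submitted. The `c` taglib is already declared, so wrap both, e.g. `value='<c:out value="<%= (String) session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>"/>'`. The page also prints the four sample passwords, and offers a remember-me checkbox although `<remember-me>` is commented out in appContext-security.xml; a comment marking both as sandbox-only would help.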

+ 15 - 0
sandbox/heavyduty/src/main/webapp/secure/extreme/index.jsp

@@ -0,0 +1,15 @@
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags" %>
+
+<html>
+<body>
+<h1>VERY Secure Page</h1>
+This is a protected page. You can only see me if you are a supervisor.
+
+<authz:authorize ifAllGranted="ROLE_SUPERVISOR">
+   You have "ROLE_SUPERVISOR" (this text is surrounded by &lt;authz:authorize&gt; tags).
+</authz:authorize>
+
+<p><a href="../../">Home</a>
+<p><a href="../../j_spring_security_logout">Logout</a>
+</body>
+</html>

+ 36 - 0
sandbox/heavyduty/src/main/webapp/secure/index.jsp

@@ -0,0 +1,36 @@
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
+
+<html>
+<body>
+<h1>Secure Page</h1>
+<p>
+This is a protected page. You can get to me if you've been remembered,
+or if you've authenticated this session.
+</p>
+
+<sec:authorize ifAllGranted="ROLE_SUPERVISOR">
+	You are a supervisor! You can therefore see the <a href="extreme/index.jsp">extremely secure page</a>.<br/><br/>
+</sec:authorize>
+
+<h3>Properties obtained using &lt;sec:authentication /&gt; tag</h3>
+<table border="1">
+<tr><th>Tag</th><th>Value</th></tr>
+<tr>
+<td>&lt;sec:authentication property='name' /&gt;</td><td><sec:authentication property="name"/></td>
+</tr>
+<tr>
+<td>&lt;sec:authentication property='principal.username' /&gt;</td><td><sec:authentication property="principal.username"/></td>
+</tr>
+<tr>
+<td>&lt;sec:authentication property='principal.enabled' /&gt;</td><td><sec:authentication property="principal.enabled"/></td>
+</tr>
+<tr>
+<td>&lt;sec:authentication property='principal.accountNonLocked' /&gt;</td><td><sec:authentication property="principal.accountNonLocked"/></td>
+</tr>
+</table>
+
+
+<p><a href="../">Home</a>
+<p><a href="../j_spring_security_logout">Logout</a>
+</body>
+</html>