Inicio Explorar Axuda
Rexistro Iniciar sesión
github
/
spring-security
réplica de https://github.com/spring-projects/spring-security
2
0
Fork 0
Ficheiros Incidencias 0 Wiki
Árbore: 2c23c75f91
Ramas Etiquetas
spring-security
/
doc
/
xdocs
/
standalone.html

standalone.html 5.2 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. <!--
    2. 

  2.  * ========================================================================
    3. 

  3.  * 
    4. 

  4.  * Copyright 2005 Acegi Technology Pty Limited
    5. 

  5.  *
    6. 

  6.  * Licensed under the Apache License, Version 2.0 (the "License");
    7. 

  7.  * you may not use this file except in compliance with the License.
    8. 

  8.  * You may obtain a copy of the License at
    9. 

  9.  *
    10. 

  10.  *     http://www.apache.org/licenses/LICENSE-2.0
    11. 

  11.  *
    12. 

  12.  * Unless required by applicable law or agreed to in writing, software
    13. 

  13.  * distributed under the License is distributed on an "AS IS" BASIS,
    14. 

  14.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15. 

  15.  * See the License for the specific language governing permissions and
    16. 

  16.  * limitations under the License.
    17. 

  17.  * 
    18. 

  18.  * ========================================================================
    19. 

  19. -->
    20. 

  20. 

  21. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    22. 

  22. <html xmlns="http://www.w3.org/1999/xhtml">
    23. 

  23. 

  24. <head>
    25. 

  25. <title>Acegi Security Use Without Spring</title>
    26. 

  26. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    27. 

  27. </head>
    28. 

  28. 

  29. <body>
    30. 

  30.   <h1>Acegi Security Use Without Spring</h1>
    31. 

  31.   
    32. 

  32.   <h2>Introduction</h2>
    33. 

  33.   <p>Sometimes we get asked can Acegi Security be used without Spring.
    34. 

  34.   This page provides a detailed answer.</p>
    35. 

  35.   
    36. 

  36.   <h2>History</h2>
    37. 

  37.   <p>Acegi Security started out as a method interceptor for Spring IoC container
    38. 

  38.   managed beans. Typically such beans provide services layer functions.
    39. 

  39.   Over time Acegi Security grew to offer authentication services, <code>ThreadLocal</code> management,
    40. 

  40.   web request filtering, extra AOP support,
    41. 

  41.   ACL features, additional authentication mechanisms and so on (for those interested,
    42. 

  42.   see our <a href="changes-report.html">change log</a>).</p>
    43. 

  43. 

  44.   <h2>Why Use Spring</h2>
    45. 

  45.   <p>There's plenty written about why the
    46. 

  46.   <a href="http://www.springframework.org">Spring Framework</a> 
    47. 

  47.   is a good fit for modern applications. If you're not familiar with the benefits
    48. 

  48.   Spring offers, please take a few minutes to learn more about it. In numerous
    49. 

  49.   situations Spring will save you many months (or even years) of development time.
    50. 

  50.   Not to mention your solutions will be better architected
    51. 

  51.   (designed), better coded (implemented), and better supported (maintained) in the future.
    52. 

  52.   </p>
    53. 

  53.   
    54. 

  54.   <h2>Acegi Security Dependencies on Spring</h2>
    55. 

  55.   <p>Acegi Security relies on the Spring IoC container to wire its classes, and execute lifecycle
    56. 

  56.   methods such as <code>afterPropertiesSet()</code>. Some Acegi Security classes also 
    57. 

  57.   publish events to the <code>ApplicationContext</code>, although you could provide a mock
    58. 

  58.   implementation of <code>ApplicationContext</code> easily enough which no-ops the method.
    59. 

  59.   In other words, if you particularly didn't want Spring in your application, you <i>could</i>
    60. 

  60.   avoid its use by writing equivalent getter, setter and lifecycle invocation processes
    61. 

  61.   in standard Java code. This is a natural consequence of the Spring way of development,
    62. 

  62.   which emphasises framework independence (it is <i>not</i> because we think there are good
    63. 

  63.   reasons people would <i>not</i> use Spring).</p>
    64. 

  64.   
    65. 

  65.   <p>If it sounds too hard (it's not) or counter-productive (it is) to replace Spring's IoC
    66. 

  66.   services, don't forget you can always deploy Acegi Security and the Spring
    67. 

  67.   IoC container solely for configuring Acegi Security. Spring does not mandate its
    68. 

  68.   use in every part of your application. It will work quite successfully doing nothing more than
    69. 

  69.   acting as a configuration mechanism for Acegi Security. Whilst some may regard this as excessive,
    70. 

  70.   it's really no different than the traditional approach of every framework having its very
    71. 

  71.   own XML or other proprietary configuration system. The main difference is that Spring is an
    72. 

  72.   actual de facto standard, and you can gradually introduce it to other parts of your application
    73. 

  73.   over time (if desired).</p>
    74. 

  74.   
    75. 

  75.   <p>Acegi Security does <i>not</i> use any other Spring capabilities. Most notably, the
    76. 

  76.   entire architecture is based around <code>Filter</code>s, not Spring's MVC framework.
    77. 

  77.   This allows it to be used with any MVC framework, or even with just straight JSPs.
    78. 

  78.   Acegi Security uses the AOP Alliance and AspectJ interfaces for method interception -
    79. 

  79.   it does not use any Spring-specific interfaces. As a consequence, Acegi Security is very
    80. 

  80.   portable to applications that do not leverage <i>any</i> of Spring's capabilities. We should note
    81. 

  81.   there are several very simple data access objects (DAOs) that use Spring's JDBC abstraction
    82. 

  82.   layer, although each of these are defined by a simple interface and it is very common in 
    83. 

  83.   even native Spring-powered applications for these to be re-implemented using the application's
    84. 

  84.   persistence framework of choice (eg Hibernate).
    85. 

  85.   
    86. 

  86.   <h1>Conclusion</h1>
    87. 

  87.   
    88. 

  88.   <p>In summary, we recommend you take a look at Spring and consider using it in your
    89. 

  89.   applications. Irrespective of whether you do so or not, we strongly recommend you use it
    90. 

  90.   for configuration and lifecycle management of Acegi Security. If that is also not desired,
    91. 

  91.   Acegi Security can easily be executed without Spring at all, providing you implement
    92. 

  92.   similar IoC services. Acegi Security has very minimal dependencies directly on Spring,
    93. 

  93.   with it being useful in many non-Spring applications and with non-Spring frameworks.
    94. 

  94. </body>
    95. 

  95. </html>
    96.