acegi的MethodSecurityInterceptor 博客分类: acegi study AcegiBeanDAOXMLCache
程序员文章站
2024-02-13 10:24:34
...
2006-06-06
acegi的MethodSecurityInterceptor实现
AfterInvocationProviderImp
ApplicationEventPublisherImp
BankManager
BankManagerImp
BankManagerImpTest
applicationContext.xml
users.properties
acegi的MethodSecurityInterceptor实现
AfterInvocationProviderImp
package com.bulain.test;
import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.Authentication;
import org.acegisecurity.ConfigAttribute;
import org.acegisecurity.ConfigAttributeDefinition;
import org.acegisecurity.afterinvocation.AfterInvocationProvider;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.log4j.Logger;
public class AfterInvocationProviderImp implements AfterInvocationProvider {
private static Logger logger = Logger.getLogger(AfterInvocationProviderImp.class);
public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject)
throws AccessDeniedException {
return returnedObject;
}
public boolean supports(ConfigAttribute attribute) {
logger.info("ConfigAttribute: " + attribute);
if (attribute.getAttribute().equals("BANKSECURITY_CUSTOMER")) {
return true;
}
return false;
}
public boolean supports(Class clazz) {
logger.info("Class: " + clazz);
if (clazz == MethodInvocation.class) {
return true;
}
return false;
}
}
ApplicationEventPublisherImp
package com.bulain.test;
import org.apache.log4j.Logger;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;
public class ApplicationEventPublisherImp implements ApplicationEventPublisher {
private static Logger logger = Logger.getLogger(ApplicationEventPublisherImp.class);
public void publishEvent(ApplicationEvent event) {
logger.info("publishEvent: " + event);
}
}
BankManager
package com.bulain.test;
public interface BankManager {
/**
* Delete something
*/
public void deleteSomething(int id);
/**
* Delete another
*/
public void deleteAnother(int id);
/**
* Get balance
*/
public float getBalance(int id);
}
BankManagerImp
package com.bulain.test;
import org.apache.log4j.Logger;
public class BankManagerImp implements BankManager {
private static Logger logger = Logger.getLogger(BankManagerImp.class);
public void deleteSomething(int id) {
logger.info("deleteSomething()");
}
public void deleteAnother(int id) {
logger.info("deleteAnother()");
}
public float getBalance(int id) {
logger.info("getBalance()");
return 0;
}
}
BankManagerImpTest
package com.bulain.test;
import junit.framework.TestCase;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.xml.XmlBeanFactory;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
public class BankManagerImpTest extends TestCase {
static Resource resource = new ClassPathResource("applicationContext.xml");
static BeanFactory factory = new XmlBeanFactory(resource);
private static void createSecureContext(final BeanFactory bf, final String username, final String password) {
AuthenticationProvider provider = (AuthenticationProvider) bf.getBean("daoAuthenticationProvider");
Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken(username, password));
SecurityContextHolder.getContext().setAuthentication(auth);
}
// Clear the security context after each test.
public void teardown() {
SecurityContextHolder.setContext(new SecurityContextImpl());
}
public static void main(String[] args) {
junit.textui.TestRunner.run(BankManagerImpTest.class);
}
/*
* Test method for 'com.bulain.test.BankManagerImp.deleteSomething(int)'
*/
public void testDeleteSomething() {
BankManager bankManager = (BankManager) factory.getBean("bankManager");
createSecureContext(factory, "marissa", "koala");
bankManager.deleteSomething(10);
}
/*
* Test method for 'com.bulain.test.BankManagerImp.deleteAnother(int)'
*/
public void testDeleteAnother() {
BankManager bankManager = (BankManager) factory.getBean("bankManager");
createSecureContext(factory, "marissa", "koala");
bankManager.deleteAnother(10);
}
/*
* Test method for 'com.bulain.test.BankManagerImp.getBalance(int)'
*/
public void testGetBalance() {
BankManager bankManager = (BankManager) factory.getBean("bankManager");
createSecureContext(factory, "manager", "manager");
bankManager.getBalance(10);
}
}
applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <bean id="bankManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> <property name="validateConfigAttributes"> <value>true</value> </property> <property name="applicationEventPublisher"> <bean class="com.bulain.test.ApplicationEventPublisherImp"/> </property> <property name="authenticationManager"> <ref bean="authenticationManager"/> </property> <property name="accessDecisionManager"> <ref bean="accessDecisionManager"/> </property> <property name="runAsManager"> <ref bean="runAsManager"/> </property> <property name="afterInvocationManager"> <ref bean="afterInvocationManager"/> </property> <property name="objectDefinitionSource"> <value>com.bulain.test.BankManager.delete*=ROLE_SUPERVISOR,RUN_AS_SERVER com.bulain.test.BankManager.getBalance=ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_AS_SERVER</value> </property> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider"/> <bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key" value="changeThis"/> </bean> <bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> <property name="key" value="changeThis"/> </bean> </list> </property> </bean> <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions" value="false"/> <property name="decisionVoters"> <list> <bean class="org.acegisecurity.vote.RoleVoter"/> <bean class="org.acegisecurity.vote.AuthenticatedVoter"/> </list> </property> </bean> <bean id="runAsManager" class="org.acegisecurity.runas.RunAsManagerImpl"> <property name="key" value="KEY"/> </bean> <bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager"> <property name="providers"> <list> <bean class="com.bulain.test.AfterInvocationProviderImp"/> </list> </property> </bean> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService"/> <property name="userCache"> <bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> <property name="cache"> <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <property name="cacheManager"> <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> </property> <property name="cacheName" value="userCache"/> </bean> </property> </bean> </property> </bean> <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> <property name="userProperties"> <bean class="org.springframework.beans.factory.config.PropertiesFactoryBean"> <property name="location" value="users.properties"/> </bean> </property> </bean> <bean id="bankManagerImp" class="com.bulain.test.BankManagerImp"/> <bean id="bankManager" class="org.springframework.aop.framework.ProxyFactoryBean"> <property name="interceptorNames"> <list> <value>bankManagerSecurity</value> </list> </property> <property name="target"><ref local="bankManagerImp"/></property> </bean> </beans>
users.properties
marissa=koala,ROLE_SUPERVISOR dianne=emu,ROLE_USER scott=wombat,ROLE_USER peter=opal,disabled,ROLE_USER