acegi的MethodSecurityInterceptor 博客分类: acegi study AcegiBeanDAOXMLCache
2006-06-06
acegi的MethodSecurityInterceptor实现
AfterInvocationProviderImp
ApplicationEventPublisherImp
BankManager
BankManagerImp
BankManagerImpTest
applicationContext.xml
users.properties
acegi的MethodSecurityInterceptor实现
AfterInvocationProviderImp
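package com.bulain.test;

import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.Authentication;
import org.acegisecurity.ConfigAttribute;
import org.acegisecurity.ConfigAttributeDefinition;
import org.acegisecurity.afterinvocation.AfterInvocationProvider;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.log4j.Logger;

/**
 * Demo {@link AfterInvocationProvider} that claims the {@code BANKSECURITY_CUSTOMER}
 * config attribute for {@link MethodInvocation} secure objects.
 *
 * <p>NOTE(review): {@link #decide} is a pass-through. Declaring support for
 * {@code BANKSECURITY_CUSTOMER} only lets the attribute be accepted in the interceptor's
 * configuration; no check on the returned object is performed here. A real provider
 * would inspect {@code returnedObject} against {@code authentication} and throw
 * {@link AccessDeniedException} (or filter the result) when the caller may not see it.
 */
public class AfterInvocationProviderImp implements AfterInvocationProvider {
    /** The only config attribute this provider declares support for. */
    private static final String SUPPORTED_ATTRIBUTE = "BANKSECURITY_CUSTOMER";

    private static final Logger logger = Logger.getLogger(AfterInvocationProviderImp.class);

    /**
     * Returns the method result unchanged.
     *
     * @param authentication the caller's authentication (not consulted)
     * @param object the secure object that was invoked (not consulted)
     * @param config the attributes configured for the invocation (not consulted)
     * @param returnedObject the value the secured method returned
     * @return {@code returnedObject}, unmodified
     * @throws AccessDeniedException declared by the interface; never thrown by this body
     */
    public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config,
            Object returnedObject) throws AccessDeniedException {
        return returnedObject;
    }

    /**
     * Reports whether this provider handles the given config attribute.
     *
     * @param attribute the attribute to test; may be {@code null}
     * @return {@code true} only when the attribute's string form is {@code BANKSECURITY_CUSTOMER}
     */
    public boolean supports(ConfigAttribute attribute) {
        logger.info("ConfigAttribute: " + attribute);
        // Constant-first equals: the ConfigAttribute contract allows getAttribute() to return
        // null for attributes that have no String form, which previously caused an NPE here.
        return attribute != null && SUPPORTED_ATTRIBUTE.equals(attribute.getAttribute());
    }

    /**
     * Reports whether this provider handles the given secure-object type.
     *
     * @param clazz the secure-object class being queried
     * @return {@code true} only for exactly {@link MethodInvocation}
     */
    public boolean supports(Class clazz) {
        logger.info("Class: " + clazz);
        return clazz == MethodInvocation.class;
    }
}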
ApplicationEventPublisherImp
package com.bulain.test;

import org.apache.log4j.Logger;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;

/**
 * {@link ApplicationEventPublisher} that writes every event to the log and does nothing else.
 *
 * <p>In the accompanying applicationContext.xml this class is injected as the
 * {@code applicationEventPublisher} of the method security interceptor, so whatever the
 * interceptor publishes ends up only in the log4j output: no listener in the
 * application context receives these events through this publisher.
 */
public class ApplicationEventPublisherImp implements ApplicationEventPublisher {
    private static final Logger EVENT_LOG = Logger.getLogger(ApplicationEventPublisherImp.class);

    /**
     * Logs the event at INFO level using its {@code toString()} form.
     *
     * @param event the event handed over by the publishing component
     */
    public void publishEvent(ApplicationEvent event) {
        final String line = "publishEvent: " + event;
        EVENT_LOG.info(line);
    }
}
BankManager
package com.bulain.test;

/**
 * Service interface whose methods are the secured operations in this example.
 *
 * <p>The accompanying applicationContext.xml attaches config attributes to these methods by
 * name pattern: {@code delete*} is mapped to {@code ROLE_SUPERVISOR,RUN_AS_SERVER} and
 * {@code getBalance} to {@code ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_AS_SERVER}.
 * The interface itself carries no security metadata.
 */
public interface BankManager {

    /**
     * Delete something.
     *
     * @param id identifier of the item to delete
     */
    void deleteSomething(int id);

    /**
     * Delete another.
     *
     * @param id identifier of the item to delete
     */
    void deleteAnother(int id);

    /**
     * Get balance.
     *
     * @param id identifier of the account to query
     * @return the balance
     */
    float getBalance(int id);
}
BankManagerImp
package com.bulain.test;

import org.apache.log4j.Logger;

/**
 * Stub {@link BankManager} used as the proxy target in this example.
 *
 * <p>Each method only logs its own name; the {@code id} argument is ignored. The class
 * performs no authorization of its own, so access control exists only when callers go
 * through the {@code bankManager} proxy defined in applicationContext.xml rather than
 * using this bean directly.
 */
public class BankManagerImp implements BankManager {
    private static final Logger LOG = Logger.getLogger(BankManagerImp.class);

    /** Logs the call; nothing is deleted. */
    public void deleteSomething(int id) {
        final String call = "deleteSomething()";
        LOG.info(call);
    }

    /** Logs the call; nothing is deleted. */
    public void deleteAnother(int id) {
        final String call = "deleteAnother()";
        LOG.info(call);
    }

    /**
     * Logs the call and reports a fixed balance.
     *
     * @return always {@code 0}
     */
    public float getBalance(int id) {
        final String call = "getBalance()";
        LOG.info(call);
        return 0.0f;
    }
}
BankManagerImpTest
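package com.bulain.test;

import junit.framework.TestCase;

import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.xml.XmlBeanFactory;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;

/**
 * JUnit 3 driver that calls the secured {@code bankManager} proxy after authenticating
 * through the {@code daoAuthenticationProvider} bean.
 *
 * <p>The tests contain no assertions: a test passes when neither authentication nor the
 * method security interceptor throws.
 */
public class BankManagerImpTest extends TestCase {
    static Resource resource = new ClassPathResource("applicationContext.xml");
    static BeanFactory factory = new XmlBeanFactory(resource);

    /**
     * Authenticates the given credentials and stores the result in the current security context.
     *
     * @param bf bean factory holding the {@code daoAuthenticationProvider} bean
     * @param username login name to authenticate
     * @param password password presented for that login
     */
    private static void createSecureContext(final BeanFactory bf, final String username, final String password) {
        AuthenticationProvider provider = (AuthenticationProvider) bf.getBean("daoAuthenticationProvider");
        Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken(username, password));
        SecurityContextHolder.getContext().setAuthentication(auth);
    }

    /**
     * Clear the security context after each test.
     *
     * <p>JUnit 3 only calls the hook spelled {@code tearDown()}; the previous
     * {@code teardown()} was never invoked, so the Authentication set by one test stayed in
     * the SecurityContextHolder for the next one and could mask an authorization failure.
     */
    protected void tearDown() throws Exception {
        SecurityContextHolder.setContext(new SecurityContextImpl());
        super.tearDown();
    }

    public static void main(String[] args) {
        junit.textui.TestRunner.run(BankManagerImpTest.class);
    }

    /*
     * Test method for 'com.bulain.test.BankManagerImp.deleteSomething(int)'
     */
    public void testDeleteSomething() {
        BankManager bankManager = (BankManager) factory.getBean("bankManager");
        // marissa holds ROLE_SUPERVISOR in users.properties, one of the attributes on delete*.
        createSecureContext(factory, "marissa", "koala");
        bankManager.deleteSomething(10);
    }

    /*
     * Test method for 'com.bulain.test.BankManagerImp.deleteAnother(int)'
     */
    public void testDeleteAnother() {
        BankManager bankManager = (BankManager) factory.getBean("bankManager");
        createSecureContext(factory, "marissa", "koala");
        bankManager.deleteAnother(10);
    }

    /*
     * Test method for 'com.bulain.test.BankManagerImp.getBalance(int)'
     */
    public void testGetBalance() {
        BankManager bankManager = (BankManager) factory.getBean("bankManager");
        // NOTE(review): the users.properties shown with this example has no "manager" entry,
        // so authenticate() is expected to reject these credentials and the call below is
        // never reached. Confirm whether this test is meant to show a failed login.
        createSecureContext(factory, "manager", "manager");
        bankManager.getBalance(10);
    }
}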
applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!-- Acegi method-security wiring for the BankManager example. -->
<beans>
  <!-- The interceptor that guards BankManager calls. objectDefinitionSource maps method-name
       patterns to config attributes, one mapping per line. With validateConfigAttributes set
       to true, an attribute that none of the configured managers claims to support is
       reported as a configuration error (verify against the Acegi version in use); this is
       why AfterInvocationProviderImp declares support for BANKSECURITY_CUSTOMER. -->
  <bean id="bankManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
    <property name="validateConfigAttributes">
      <value>true</value>
    </property>
    <!-- Events from the interceptor go to a publisher that only logs them. -->
    <property name="applicationEventPublisher">
      <bean class="com.bulain.test.ApplicationEventPublisherImp"/>
    </property>
    <property name="authenticationManager">
      <ref bean="authenticationManager"/>
    </property>
    <property name="accessDecisionManager">
      <ref bean="accessDecisionManager"/>
    </property>
    <property name="runAsManager">
      <ref bean="runAsManager"/>
    </property>
    <property name="afterInvocationManager">
      <ref bean="afterInvocationManager"/>
    </property>
    <!-- NOTE(review): no user in the users.properties shown with this example holds
         ROLE_TELLER, so getBalance is reachable only through ROLE_SUPERVISOR.
         BANKSECURITY_CUSTOMER is handled by AfterInvocationProviderImp, whose decide()
         returns the result unchanged, so it adds no restriction. -->
    <property name="objectDefinitionSource">
      <value>com.bulain.test.BankManager.delete*=ROLE_SUPERVISOR,RUN_AS_SERVER
        com.bulain.test.BankManager.getBalance=ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_AS_SERVER</value>
    </property>
  </bean>

  <!-- Authentication is delegated to the listed providers.
       NOTE(review): "changeThis" is a placeholder and is shared by the anonymous and
       remember-me providers; outside a demo each key should be an unpredictable,
       deployment-specific value. -->
  <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    <property name="providers">
      <list>
        <ref local="daoAuthenticationProvider"/>
        <bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
          <property name="key" value="changeThis"/>
        </bean>
        <bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
          <property name="key" value="changeThis"/>
        </bean>
      </list>
    </property>
  </bean>

  <!-- Voter-based access decision. allowIfAllAbstainDecisions=false means access is denied
       when every voter abstains. -->
  <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
    <property name="allowIfAllAbstainDecisions" value="false"/>
    <property name="decisionVoters">
      <list>
        <bean class="org.acegisecurity.vote.RoleVoter"/>
        <bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
      </list>
    </property>
  </bean>

  <!-- Handles the RUN_AS_SERVER attribute.
       NOTE(review): "KEY" is a placeholder value; replace it outside a demo. -->
  <bean id="runAsManager" class="org.acegisecurity.runas.RunAsManagerImpl">
    <property name="key" value="KEY"/>
  </bean>

  <!-- After-invocation chain with the single demo provider. -->
  <bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
    <property name="providers">
      <list>
        <bean class="com.bulain.test.AfterInvocationProviderImp"/>
      </list>
    </property>
  </bean>

  <!-- Username/password authentication against userDetailsService, with an Ehcache user cache.
       NOTE(review): no passwordEncoder property is set, so the provider's default applies
       (presumably plain-text comparison, matching the clear-text users.properties; confirm
       for the Acegi version in use). -->
  <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
    <property name="userDetailsService" ref="userDetailsService"/>
    <property name="userCache">
      <bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
        <property name="cache">
          <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
            <property name="cacheManager">
              <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
            </property>
            <property name="cacheName" value="userCache"/>
          </bean>
        </property>
      </bean>
    </property>
  </bean>

  <!-- In-memory user store loaded from users.properties. -->
  <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
    <property name="userProperties">
      <bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
        <property name="location" value="users.properties"/>
      </bean>
    </property>
  </bean>

  <!-- The unsecured target. It is a top-level bean, so code that looks up "bankManagerImp"
       instead of "bankManager" calls it without passing through the security interceptor. -->
  <bean id="bankManagerImp" class="com.bulain.test.BankManagerImp"/>

  <!-- The secured proxy that callers should use: bankManagerSecurity runs before the target. -->
  <bean id="bankManager" class="org.springframework.aop.framework.ProxyFactoryBean">
    <property name="interceptorNames">
      <list>
        <value>bankManagerSecurity</value>
      </list>
    </property>
    <property name="target"><ref local="bankManagerImp"/></property>
  </bean>
</beans>
users.properties
# User map read by the userDetailsService bean (InMemoryDaoImpl), one entry per line:
#   username=password,authority[,authority...][,enabled|disabled]
# NOTE(review): passwords are stored in clear text, which suits a demo only.
# NOTE(review): no entry grants ROLE_TELLER and there is no "manager" user, although the
# example's configuration and test refer to both.
marissa=koala,ROLE_SUPERVISOR
dianne=emu,ROLE_USER
scott=wombat,ROLE_USER
# The "disabled" flag marks this account as not enabled.
peter=opal,disabled,ROLE_USER