Menu
▾
▴
[Openutils-svn] SF.net SVN: openutils: [640] trunk/openutils-hibernate-security
|
From: <fc...@us...> - 2008-02-19 15:37:09
|
Revision: 640
http://openutils.svn.sourceforge.net/openutils/?rev=640&view=rev
Author: fcarone
Date: 2008-02-19 07:36:46 -0800 (Tue, 19 Feb 2008)
Log Message:
-----------
SecurityIntegrationTest updated
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
trunk/openutils-hibernate-security/src/test/resources/log4j.xml
trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml
trunk/openutils-hibernate-security/src/test/resources/spring-database.xml
trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml
trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
trunk/openutils-hibernate-security/src/test/resources/spring-security.xml
trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml
Property Changed:
----------------
trunk/openutils-hibernate-security/
Property changes on: trunk/openutils-hibernate-security
___________________________________________________________________
Name: svn:ignore
- target
.settings
.checkstyle
.classpath
.project
derby.log
+ target
.settings
.checkstyle
.classpath
.project
derby.log
test-output
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java 2008-02-19 15:36:46 UTC (rev 640)
@@ -1,5 +1,17 @@
/*
- * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ * Copyright Openmind http://www.openmindonline.it
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
package it.openutils.hibernate.security.aop;
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java 2008-02-19 15:36:46 UTC (rev 640)
@@ -32,7 +32,6 @@
import org.acegisecurity.vote.AccessDecisionVoter;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.lang.StringUtils;
-import org.apache.commons.lang.enums.EnumUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.ReflectiveMethodInvocation;
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-19 15:36:46 UTC (rev 640)
@@ -3,24 +3,31 @@
import it.openutils.hibernate.example.FilterMetadata;
import it.openutils.hibernate.security.apptest.DummyDAO;
import it.openutils.hibernate.security.apptest.DummyDataobject;
-import it.openutils.testing.junit.DbUnitTestCase;
+import it.openutils.hibernate.security.apptest.DummyObjectManager;
+import it.openutils.testing.DbUnitExecution;
+import it.openutils.testing.junit.AbstractDbUnitJunitSpringContextTests;
-import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
+import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
-import org.dbunit.database.DatabaseConfig;
-import org.dbunit.database.IDatabaseConnection;
+import org.dbunit.operation.InsertOperation;
import org.hibernate.criterion.Criterion;
import org.hibernate.criterion.Order;
import org.junit.Assert;
import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestExecutionListeners;
+import org.springframework.test.context.transaction.TransactionConfiguration;
+import org.springframework.test.context.transaction.TransactionalTestExecutionListener;
+import org.springframework.transaction.annotation.Transactional;
/*
@@ -31,28 +38,27 @@
* @author fcarone
* @version $Id: $
*/
-public class SecurityIntegrationTest extends DbUnitTestCase
+@ContextConfiguration(locations = {"/spring-tests.xml" })
+@DbUnitExecution(datasets = {"/SecurityIntegrationTest-load.xml" }, dataSource = "dataSource", //
+ dataTypeFactory = HsqlDatatypeFactory.class,
+ insertOperation = InsertOperation.class)
+@TestExecutionListeners({TransactionalTestExecutionListener.class })
+@Transactional
+@TransactionConfiguration(transactionManager = "transactionManager")
+public class SecurityIntegrationTest extends AbstractDbUnitJunitSpringContextTests
{
+ @Autowired
private DummyDAO securedObject;
+ @Autowired
+ private AuthenticationProvider authenticationProvider;
+ @Autowired
+ private DummyObjectManager dummyObjectManager;
- /**
- * {@inheritDoc}
- */
- @Override
- protected IDatabaseConnection createConnection() throws SQLException
- {
- IDatabaseConnection connection = super.createConnection();
- DatabaseConfig config = connection.getConfig();
- config.setProperty(DatabaseConfig.PROPERTY_DATATYPE_FACTORY, new HsqlDatatypeFactory());
- return connection;
- }
-
private void authenticate(String username, String password)
{
- AuthenticationProvider authenticationProvider = (AuthenticationProvider) ctx.getBean("authenticationProvider");
Authentication authentication = new UsernamePasswordAuthenticationToken(username, password);
authentication = authenticationProvider.authenticate(authentication);
SecurityContextImpl sci = new SecurityContextImpl();
@@ -70,7 +76,6 @@
authenticate("UserUno", "password");
// test
- securedObject = (DummyDAO) ctx.getBean("dummyDAO");
DummyDataobject filter = new DummyDataobject();
List<DummyDataobject> dummyObjects = securedObject.findFiltered(
filter,
@@ -80,11 +85,134 @@
0,
new ArrayList<Criterion>());
Assert.assertNotNull(dummyObjects);
+ Assert.assertEquals(1, dummyObjects.size());
dummyObjects = securedObject.findFiltered(filter);
Assert.assertNotNull(dummyObjects);
Assert.assertEquals(1, dummyObjects.size());
+ }
+ /**
+ * @throws Exception Any exception
+ */
+ @Test
+ public void testUpdateOK() throws Exception
+ {
+ authenticate("UserUno", "password");
+ DummyDataobject filter = new DummyDataobject();
+ List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
+ Assert.assertNotNull(dummyObjects);
+ DummyDataobject ddo = dummyObjects.get(0);
+
+ ddo.setStringValue("ModifiedValue");
+
+ dummyObjectManager.update(ddo);
}
+ /**
+ * @throws Exception Any exception
+ */
+ @Test(expected = AccessDeniedException.class)
+ public void testUpdateNoGo() throws Exception
+ {
+ authenticate("UserDue", "password");
+ DummyDataobject filter = new DummyDataobject();
+ List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
+ Assert.assertNotNull(dummyObjects);
+ DummyDataobject ddo = dummyObjects.get(0);
+
+ ddo.setStringValue("ModifiedValue");
+
+ dummyObjectManager.update(ddo);
+ }
+
+ /**
+ * @throws Exception Any exception
+ */
+ @Test
+ public void testDeleteOk() throws Exception
+ {
+ authenticate("UserUno", "password");
+ DummyDataobject filter = new DummyDataobject();
+ List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
+ Assert.assertNotNull(dummyObjects);
+ DummyDataobject ddo = dummyObjects.get(0);
+
+ dummyObjectManager.delete(ddo);
+ }
+
+ /**
+ * @throws Exception Any exception
+ */
+ @Test(expected = AccessDeniedException.class)
+ public void testDeleteNoGo() throws Exception
+ {
+ authenticate("UserDue", "password");
+ DummyDataobject filter = new DummyDataobject();
+ List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
+ Assert.assertNotNull(dummyObjects);
+ DummyDataobject ddo = dummyObjects.get(0);
+
+ dummyObjectManager.delete(ddo);
+ }
+
+ /**
+ * @throws Exception Any exception
+ */
+ @Test(expected = AccessDeniedException.class)
+ public void testCreateNoGo() throws Exception
+ {
+ authenticate("UserUno", "password");
+ DummyDataobject filter = new DummyDataobject();
+ List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
+ Assert.assertNotNull(dummyObjects);
+ DummyDataobject ddo = dummyObjects.get(0);
+
+ dummyObjectManager.create(ddo);
+ }
+
+ /**
+ * @throws Exception Any exception
+ */
+ @Test
+ public void testCreateOk() throws Exception
+ {
+ authenticate("UserDue", "password");
+ DummyDataobject filter = new DummyDataobject();
+ List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
+ Assert.assertNotNull(dummyObjects);
+ DummyDataobject ddo = dummyObjects.get(0);
+
+ dummyObjectManager.create(ddo);
+ }
+
+ /**
+ * Sets the securedObject.
+ * @param securedObject the securedObject to set
+ */
+ public void setSecuredObject(DummyDAO securedObject)
+ {
+ this.securedObject = securedObject;
+ }
+
+
+ /**
+ * Sets the authenticationProvider.
+ * @param authenticationProvider the authenticationProvider to set
+ */
+ public void setAuthenticationProvider(AuthenticationProvider authenticationProvider)
+ {
+ this.authenticationProvider = authenticationProvider;
+ }
+
+
+ /**
+ * Sets the dummyObjectManager.
+ * @param dummyObjectManager the dummyObjectManager to set
+ */
+ public void setDummyObjectManager(DummyObjectManager dummyObjectManager)
+ {
+ this.dummyObjectManager = dummyObjectManager;
+ }
+
}
Modified: trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -65,7 +65,7 @@
<value>GRUPPOUNO</value>
</row>
<row>
- <value>UserUno</value>
+ <value>UserDue</value>
<value>GRUPPODUE</value>
</row>
</table>
@@ -101,6 +101,22 @@
<value>1</value>
<value>EQUALS</value>
</row>
+ <row>
+ <value>2</value>
+ <value>RoleDue</value>
+ <value>it.openutils.hibernate.security.apptest.DummyDataobject</value>
+ <value>intValue</value>
+ <value>1</value>
+ <value>EQUALS</value>
+ </row>
+ <row>
+ <value>3</value>
+ <value>RoleTre</value>
+ <value>it.openutils.hibernate.security.apptest.DummyDataobject</value>
+ <value>intValue</value>
+ <value>1</value>
+ <value>EQUALS</value>
+ </row>
</table>
<table name="SECRULE_PERMISSION">
<column>ID_SECURITY_RULE</column>
@@ -109,6 +125,22 @@
<value>1</value>
<value>LOAD</value>
</row>
+ <row>
+ <value>1</value>
+ <value>MODIFY</value>
+ </row>
+ <row>
+ <value>2</value>
+ <value>DELETE</value>
+ </row>
+ <row>
+ <value>3</value>
+ <value>LOAD</value>
+ </row>
+ <row>
+ <value>3</value>
+ <value>CREATE</value>
+ </row>
</table>
<table name="DUMMYDATAOBJECT">
<column>ID</column>
Modified: trunk/openutils-hibernate-security/src/test/resources/log4j.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/log4j.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/log4j.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -38,9 +38,12 @@
<category name="it.openutils.dbupdate.DbSetupManagerImpl">
<priority value="INFO" />
</category>
- <category name="it.openutils.hibernate.security.aop">
+ <category name="it.openutils.hibernate.security">
<priority value="DEBUG" />
</category>
+ <category name="org.acegisecurity">
+ <priority value="DEBUG" />
+ </category>
<root>
<priority value="debug" />
<appender-ref ref="test-appender" />
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -1,7 +1,7 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
-"http://www.springframework.org/dtd/spring-beans.dtd">
-<beans>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd">
<bean id="userDAO" parent="txProxyTemplate">
<property name="target">
<bean class="it.openutils.usermanagement.dao.UserDAOImpl">
@@ -9,18 +9,19 @@
</bean>
</property>
</bean>
- <bean id="securityRuleDAO" parent="txProxyTemplate">
- <property name="target">
- <bean class="it.openutils.hibernate.security.dao.impl.SecurityRuleDAOImpl">
- <property name="sessionFactory" ref="sessionFactory" />
- </bean>
- </property>
+ <bean id="securityRuleDAO" parent="txProxyTemplate">
+ <property name="target">
+ <bean class="it.openutils.hibernate.security.dao.impl.SecurityRuleDAOImpl">
+ <property name="sessionFactory" ref="sessionFactory" />
+ </bean>
+ </property>
</bean>
<bean id="dummyDAO" parent="txProxyTemplate">
<property name="target">
<bean class="it.openutils.hibernate.security.apptest.DummyDaoImpl">
<property name="sessionFactory" ref="sessionFactory" />
+ <property name="aopenabled" value="true" />
</bean>
</property>
- </bean>
+ </bean>
</beans>
\ No newline at end of file
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-database.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-database.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-database.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -1,7 +1,7 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<beans>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd">
<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location">
<value>classpath:database.properties</value>
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -1,7 +1,7 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
-"http://www.springframework.org/dtd/spring-beans.dtd">
-<beans>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd">
<bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
<property name="dataSource">
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -1,17 +1,49 @@
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-<beans>
- <bean id="securityRuleManager" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean"
- autowire="byType">
- <property name="transactionManager">
- <ref bean="transactionManager" />
- </property>
- <property name="transactionAttributes">
- <props>
- <prop key="*">PROPAGATION_REQUIRED</prop>
- </props>
- </property>
- <property name="target">
- <bean class="it.openutils.hibernate.security.services.impl.SecurityRuleManagerImpl" autowire="byType"></bean>
- </property>
- </bean>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+ <bean id="securityRuleManager" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
+ <property name="transactionManager">
+ <ref bean="transactionManager" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="*">PROPAGATION_REQUIRED</prop>
+ </props>
+ </property>
+ <property name="target">
+ <bean class="it.openutils.hibernate.security.services.impl.SecurityRuleManagerImpl" autowire="byType"></bean>
+ </property>
+ </bean>
+ <bean id="dummyObjectManager" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
+ <property name="transactionManager">
+ <ref bean="transactionManager" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="*">PROPAGATION_REQUIRED</prop>
+ </props>
+ </property>
+ <property name="target">
+ <bean class="it.openutils.hibernate.security.apptest.DummyObjectManagerImpl">
+ <property name="dummyDAO" ref="dummyDAO" />
+ </bean>
+ </property>
+ </bean>
+ <bean id="userManager" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
+ <property name="transactionManager">
+ <ref bean="transactionManager" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="*">PROPAGATION_REQUIRED</prop>
+ </props>
+ </property>
+ <property name="target">
+ <bean class="it.openutils.usermanagement.manager.UserManagerImpl">
+ <property name="passwordEncoder" ref="passwordEncoder" />
+ <property name="userDAO" ref="userDAO" />
+ </bean>
+ </property>
+ </bean>
</beans>
\ No newline at end of file
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-security.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-security.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-security.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -1,8 +1,11 @@
-<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:aop="http://www.springframework.org/schema/aop"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">
+ xmlns:util="http://www.springframework.org/schema/util" xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd
+ http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">
+
<aop:aspectj-autoproxy />
+
<bean id="securityAspect" class="it.openutils.hibernate.security.aop.AOPSecurity">
<property name="securityRuleManager" ref="securityRuleManager" />
<property name="enabled" value="true" />
@@ -12,26 +15,60 @@
</list>
</property>
</bean>
+
<bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.ShaPasswordEncoder" />
+
<bean id="userDetailsService" class="it.openutils.usermanagement.acegi.HibernateUserDetailsServiceImpl"
autowire="byType">
<property name="userDao" ref="userDAO" />
</bean>
- <bean id="authenticationProvider" class="org.springframework.aop.framework.ProxyFactoryBean" lazy-init="true">
- <property name="targetName" value="authenticationProviderDB" />
+
+ <bean id="authenticationProviderDB" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"
+ lazy-init="true">
+ <property name="userDetailsService" ref="userDetailsService" />
+ <property name="passwordEncoder" ref="passwordEncoder" />
</bean>
+
+ <bean id="authenticationManager" class="org.acegisecurity.MockAuthenticationManager" />
+
<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" />
- <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
+
+ <bean id="securityRuleVoter" class="it.openutils.hibernate.security.filter.SecurityRuleAccessDecisionVoter">
+ <property name="securityRuleManager" ref="securityRuleManager" />
+ </bean>
+
+ <bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased">
<property name="allowIfAllAbstainDecisions" value="false" />
<property name="decisionVoters">
<list>
<ref bean="roleVoter" />
+ <ref bean="securityRuleVoter" />
</list>
</property>
</bean>
- <bean id="authenticationProviderDB" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"
- lazy-init="true">
- <property name="userDetailsService" ref="userDetailsService" />
- <property name="passwordEncoder" ref="passwordEncoder" />
+
+ <bean id="securityInterceptor" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
+ <property name="authenticationManager" ref="authenticationManager" />
+ <property name="accessDecisionManager" ref="accessDecisionManager" />
+ <property name="objectDefinitionSource">
+ <value>
+ it.openutils.hibernate.security.apptest.DummyObjectManager.update=MODIFY
+ it.openutils.hibernate.security.apptest.DummyObjectManager.create=CREATE
+ it.openutils.hibernate.security.apptest.DummyObjectManager.delete=DELETE
+ </value>
+ </property>
</bean>
+
+ <bean class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">
+ <property name="beanNames">
+ <list>
+ <idref bean="dummyObjectManager" />
+ </list>
+ </property>
+ <property name="interceptorNames">
+ <list>
+ <value>securityInterceptor</value>
+ </list>
+ </property>
+ </bean>
</beans>
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml 2008-02-19 15:34:28 UTC (rev 639)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml 2008-02-19 15:36:46 UTC (rev 640)
@@ -1,6 +1,8 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-<beans>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+
<import resource="classpath:spring-database.xml" />
<import resource="classpath:spring-hibernate.xml" />
<import resource="classpath:spring-dao.xml" />
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
