Menu
▾
▴
[Openutils-svn] SF.net SVN: openutils: [392] trunk/openutils-hibernate-security/src
|
From: <fc...@us...> - 2007-08-09 08:47:25
|
Revision: 392
http://openutils.svn.sourceforge.net/openutils/?rev=392&view=rev
Author: fcarone
Date: 2007-08-09 01:47:26 -0700 (Thu, 09 Aug 2007)
Log Message:
-----------
The interceptor has been basically implemented. manager tests infrastructure started.
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
Added Paths:
-----------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java
trunk/openutils-hibernate-security/src/main/resources/docs/
trunk/openutils-hibernate-security/src/main/resources/docs/TODO
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java
trunk/openutils-hibernate-security/src/test/resources/database.properties
trunk/openutils-hibernate-security/src/test/resources/dataset.dtd
trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml
trunk/openutils-hibernate-security/src/test/resources/log4j.dtd
trunk/openutils-hibernate-security/src/test/resources/log4j.xml
trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml
trunk/openutils-hibernate-security/src/test/resources/spring-database.xml
trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml
trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml
Removed Paths:
-------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java
Added: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java (rev 0)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+package it.openutils.hibernate.security.aop;
+
+import it.openutils.hibernate.security.dataobject.SecurityRule;
+import it.openutils.hibernate.security.services.SecurityRuleManager;
+
+import java.util.List;
+
+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.context.SecurityContextHolder;
+import org.aopalliance.intercept.MethodInterceptor;
+import org.aopalliance.intercept.MethodInvocation;
+import org.apache.commons.lang.StringUtils;
+import org.hibernate.Filter;
+import org.hibernate.SessionFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * This is a Hibernate Read-Update-Delete security interceptor. This enforces a DENY_ALL default policy.
+ * @author fcarone
+ * @version $Id: $
+ */
+public class HibernateRUDSecurityInterceptor implements MethodInterceptor
+{
+
+ /**
+ * Logger.
+ */
+ private Logger log = LoggerFactory.getLogger(HibernateRUDSecurityInterceptor.class);
+
+ private SecurityRuleManager securityRuleManager;
+
+ private SessionFactory sessionFactory;
+
+ /**
+ * {@inheritDoc}
+ */
+ public Object invoke(MethodInvocation invocation) throws Throwable
+ {
+ Object[] arguments = invocation.getArguments();
+
+ String entity = StringUtils.EMPTY;
+ for (int i = 0; i < arguments.length; i++)
+ {
+ Object argument = arguments[i];
+ if (sessionFactory.getClassMetadata(argument.getClass()) != null)
+ {
+ entity = argument.getClass().getCanonicalName();
+ break;
+ }
+ }
+
+ // the current invocation is not about any session managed entity
+ if (StringUtils.isEmpty(entity))
+ {
+ return invocation.proceed();
+ }
+
+ GrantedAuthority[] authorities = SecurityContextHolder.getContext().getAuthentication().getAuthorities();
+ List<SecurityRule> rules = securityRuleManager.getRulesForRoles(entity, authorities);
+ if (rules.isEmpty())
+ {
+ String roles = StringUtils.EMPTY;
+ for (int i = 0; i < authorities.length; i++)
+ {
+ roles += authorities[i].getAuthority() + " ";
+ }
+ log.error("Access is denied for entity {}, and roles {}", entity, roles);
+ throw new SecurityException("Access is denied");
+ }
+ Filter filter = securityRuleManager.getEntityFilterFromRules(entity, rules);
+
+ sessionFactory.getCurrentSession().enableFilter(filter.getName());
+ Object result = invocation.proceed();
+ sessionFactory.getCurrentSession().disableFilter(filter.getName());
+ return result;
+ }
+
+ /**
+ * Sets the securityRuleManager.
+ * @param securityRuleManager the securityRuleManager to set
+ */
+ public void setSecurityRuleManager(SecurityRuleManager securityRuleManager)
+ {
+ this.securityRuleManager = securityRuleManager;
+ }
+
+ /**
+ * Sets the sessionFactory.
+ * @param sessionFactory the sessionFactory to set
+ */
+ public void setSessionFactory(SessionFactory sessionFactory)
+ {
+ this.sessionFactory = sessionFactory;
+ }
+
+}
Deleted: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
- */
-package it.openutils.hibernate.security.aop;
-
-import org.aopalliance.intercept.MethodInterceptor;
-import org.aopalliance.intercept.MethodInvocation;
-
-
-/**
- * @author fcarone
- * @version $Id: $
- */
-public class HibernateSecurityInterceptor implements MethodInterceptor
-{
-
- /**
- * {@inheritDoc}
- */
- public Object invoke(MethodInvocation invocation) throws Throwable
- {
- // TODO Auto-generated method stub
- return null;
- }
-
-}
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -35,11 +35,11 @@
/**
* @param bean The bean to set rules for
* @param securityRules The list of {@link SecurityRule}s to apply.
- * @throws ClassNotFoundException
- * @throws InstantiationException
- * @throws IllegalAccessException
- * @throws SecurityException
- * @throws NoSuchFieldException
+ * @throws ClassNotFoundException If the bean class has not been found
+ * @throws InstantiationException If the bean doesn't contain the no-arg constructor
+ * @throws IllegalAccessException If the bean properties cannot be accessed
+ * @throws SecurityException If the bean class cannot be accessed
+ * @throws NoSuchFieldException If the property contained in the security rule refers to a bean non-existent field
*/
public JavaBeanFilter(String bean, List<SecurityRule> securityRules)
throws ClassNotFoundException,
@@ -120,10 +120,10 @@
throw new IllegalArgumentException("Modifier " + securityRule.getModifier() + "not recognized");
}
subFilterCond += field.getAnnotation(Column.class).name()
- + modifier
- + startQuote
- + securityRule.getValue()
- + endQuote;
+ + modifier
+ + startQuote
+ + securityRule.getValue()
+ + endQuote;
filterName += securityRule.getValue();
}
@@ -132,7 +132,10 @@
}
// filtername is unique, but untraceable
- this.filterDefinition = new FilterDefinition(Integer.toString(filterName.hashCode()), filterDefCondition, new HashMap());
+ this.filterDefinition = new FilterDefinition(
+ Integer.toString(filterName.hashCode()),
+ filterDefCondition,
+ new HashMap());
}
/**
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -5,9 +5,9 @@
import it.openutils.hibernate.security.dataobject.SecurityRule;
-import java.lang.reflect.InvocationTargetException;
import java.util.List;
+import org.acegisecurity.GrantedAuthority;
import org.hibernate.Filter;
@@ -75,4 +75,11 @@
*/
public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException,
ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException;
+
+ /**
+ * @param entity
+ * @param authorities
+ * @return
+ */
+ List<SecurityRule> getRulesForRoles(String entity, GrantedAuthority[] authorities);
}
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -8,16 +8,10 @@
import it.openutils.hibernate.security.filter.JavaBeanFilter;
import it.openutils.hibernate.security.services.SecurityRuleManager;
-import java.beans.PropertyDescriptor;
-import java.lang.reflect.InvocationTargetException;
-import java.util.HashMap;
+import java.util.ArrayList;
import java.util.List;
-import java.util.Map;
-import javax.persistence.Entity;
-import javax.persistence.Table;
-
-import org.apache.commons.beanutils.PropertyUtils;
+import org.acegisecurity.GrantedAuthority;
import org.hibernate.Filter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -68,7 +62,7 @@
public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException,
ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException
{
- // @todo: check rules consistency with the given entity
+ // @todo: check rules consistency with the gentity
return new JavaBeanFilter(entity, rules);
}
@@ -119,4 +113,21 @@
{
securityRuleDAO.update(securityRule);
}
+
+ /**
+ * {@inheritDoc}
+ */
+ public List<SecurityRule> getRulesForRoles(String entity, GrantedAuthority[] authorities)
+ {
+ List<SecurityRule> rules = new ArrayList<SecurityRule>();
+ for (int i = 0; i < authorities.length; i++)
+ {
+ GrantedAuthority authority = authorities[i];
+ SecurityRule filter = new SecurityRule();
+ filter.setEntity(entity);
+ filter.setRole(authority.getAuthority());
+ rules.addAll(findFiltered(filter));
+ }
+ return rules;
+ }
}
Added: trunk/openutils-hibernate-security/src/main/resources/docs/TODO
===================================================================
--- trunk/openutils-hibernate-security/src/main/resources/docs/TODO (rev 0)
+++ trunk/openutils-hibernate-security/src/main/resources/docs/TODO 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,4 @@
+TODO (in sparse order)
+
+1. Evaluate the use of hibernate ClassMetadata, instead of using reflection. This could enable the
+ java bean filter to work on non-annotated but configured classes.
Added: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java (rev 0)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+package it.openutils.hibernate.security.services.impl;
+
+import it.openutils.hibernate.security.services.SecurityRuleManager;
+import it.openutils.testing.junit.GenericsDbUnitTestCase;
+
+
+/**
+ * @author fcarone
+ * @version $Id: $
+ */
+public class SecurityManagerImplTest extends GenericsDbUnitTestCase<SecurityRuleManager>
+{
+
+ public void testManagerApplyRules() throws Exception
+ {
+
+ }
+
+}
Added: trunk/openutils-hibernate-security/src/test/resources/database.properties
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/database.properties (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/database.properties 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,11 @@
+# ATTENZIONE: queste propriet\xE0 sono utilizzate solo per gli unit tests
+# i file per la configurazione del db utilizzati dall'applicazione web sono in
+# src/main/web-app/WEB-INF
+
+hibernate.connection.driver=org.apache.derby.jdbc.EmbeddedDriver
+hibernate.dialect=org.hibernate.dialect.DerbyDialect
+hibernate.connection.username=ikam
+hibernate.connection.password=
+hibernate.connection.url=jdbc:derby:target/db/openutils-usermanagement-db-test;create=true
+hibernate.hbm2ddl.auto=update
+
Added: trunk/openutils-hibernate-security/src/test/resources/dataset.dtd
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/dataset.dtd (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/dataset.dtd 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,13 @@
+<!ELEMENT dataset (table*)>
+<!ELEMENT table (column+,row+)>
+<!ATTLIST table
+ name CDATA #REQUIRED
+>
+<!ELEMENT row (value|null)+>
+<!ELEMENT column (#PCDATA)>
+<!ELEMENT value (#PCDATA)>
+<!ELEMENT null EMPTY>
+<!--
+nb una tabella senza righe sarebbe valida (per cancellare tutto il contenuto),
+ma NON DEVE ESISTERE NEI NOSTRI TEST IN QUANTO TUTTE LE TABELLE VENGONO SVUOTATE PRIMA DEL CARICAMENTO
+-->
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,8 @@
+<!DOCTYPE hibernate-configuration PUBLIC
+ "-//Hibernate/Hibernate Configuration DTD 3.0//EN"
+ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
+<hibernate-configuration>
+ <session-factory>
+ <mapping class="it.openutils.hibernate.security.dataobject.SecurityRule" />
+ </session-factory>
+</hibernate-configuration>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/log4j.dtd
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/log4j.dtd (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/log4j.dtd 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<!-- Authors: Chris Taylor, Ceki Gulcu. -->
+
+<!-- Version: 1.2 -->
+
+<!-- A configuration element consists of optional renderer
+elements,appender elements, categories and an optional root
+element. -->
+
+<!ELEMENT log4j:configuration (renderer*, appender*,(category|logger)*,root?,
+ categoryFactory?)>
+
+<!-- The "threshold" attribute takes a level value such that all -->
+<!-- logging statements with a level equal or below this value are -->
+<!-- disabled. -->
+
+<!-- Setting the "debug" enable the printing of internal log4j logging -->
+<!-- statements. -->
+
+<!-- By default, debug attribute is "null", meaning that we not do touch -->
+<!-- internal log4j logging settings. The "null" value for the threshold -->
+<!-- attribute can be misleading. The threshold field of a repository -->
+<!-- cannot be set to null. The "null" value for the threshold attribute -->
+<!-- simply means don't touch the threshold field, the threshold field -->
+<!-- keeps its old value. -->
+
+<!ATTLIST log4j:configuration
+ xmlns:log4j CDATA #FIXED "http://jakarta.apache.org/log4j/"
+ threshold (all|debug|info|warn|error|fatal|off|null) "null"
+ debug (true|false|null) "null"
+>
+
+<!-- renderer elements allow the user to customize the conversion of -->
+<!-- message objects to String. -->
+
+<!ELEMENT renderer EMPTY>
+<!ATTLIST renderer
+ renderedClass CDATA #REQUIRED
+ renderingClass CDATA #REQUIRED
+>
+
+<!-- Appenders must have a name and a class. -->
+<!-- Appenders may contain an error handler, a layout, optional parameters -->
+<!-- and filters. They may also reference (or include) other appenders. -->
+<!ELEMENT appender (errorHandler?, param*, layout?, filter*, appender-ref*)>
+<!ATTLIST appender
+ name ID #REQUIRED
+ class CDATA #REQUIRED
+>
+
+<!ELEMENT layout (param*)>
+<!ATTLIST layout
+ class CDATA #REQUIRED
+>
+
+<!ELEMENT filter (param*)>
+<!ATTLIST filter
+ class CDATA #REQUIRED
+>
+
+<!-- ErrorHandlers can be of any class. They can admit any number of -->
+<!-- parameters. -->
+
+<!ELEMENT errorHandler (param*, root-ref?, logger-ref*, appender-ref?)>
+<!ATTLIST errorHandler
+ class CDATA #REQUIRED
+>
+
+<!ELEMENT root-ref EMPTY>
+
+<!ELEMENT logger-ref EMPTY>
+<!ATTLIST logger-ref
+ ref IDREF #REQUIRED
+>
+
+<!ELEMENT param EMPTY>
+<!ATTLIST param
+ name CDATA #REQUIRED
+ value CDATA #REQUIRED
+>
+
+
+<!-- The priority class is org.apache.log4j.Level by default -->
+<!ELEMENT priority (param*)>
+<!ATTLIST priority
+ class CDATA #IMPLIED
+ value CDATA #REQUIRED
+>
+
+<!-- The level class is org.apache.log4j.Level by default -->
+<!ELEMENT level (param*)>
+<!ATTLIST level
+ class CDATA #IMPLIED
+ value CDATA #REQUIRED
+>
+
+
+<!-- If no level element is specified, then the configurator MUST not -->
+<!-- touch the level of the named category. -->
+<!ELEMENT category (param*,(priority|level)?,appender-ref*)>
+<!ATTLIST category
+ class CDATA #IMPLIED
+ name CDATA #REQUIRED
+ additivity (true|false) "true"
+>
+
+<!-- If no level element is specified, then the configurator MUST not -->
+<!-- touch the level of the named logger. -->
+<!ELEMENT logger (level?,appender-ref*)>
+<!ATTLIST logger
+ name ID #REQUIRED
+ additivity (true|false) "true"
+>
+
+
+<!ELEMENT categoryFactory (param*)>
+<!ATTLIST categoryFactory
+ class CDATA #REQUIRED>
+
+<!ELEMENT appender-ref EMPTY>
+<!ATTLIST appender-ref
+ ref IDREF #REQUIRED
+>
+
+<!-- If no priority element is specified, then the configurator MUST not -->
+<!-- touch the priority of root. -->
+<!-- The root category always exists and cannot be subclassed. -->
+<!ELEMENT root (param*, (priority|level)?, appender-ref*)>
+
+
+<!-- ==================================================================== -->
+<!-- A logging event -->
+<!-- ==================================================================== -->
+<!ELEMENT log4j:eventSet (log4j:event*)>
+<!ATTLIST log4j:eventSet
+ xmlns:log4j CDATA #FIXED "http://jakarta.apache.org/log4j/"
+ version (1.1|1.2) "1.2"
+ includesLocationInfo (true|false) "true"
+>
+
+
+
+<!ELEMENT log4j:event (log4j:message, log4j:NDC?, log4j:throwable?,
+ log4j:locationInfo?) >
+
+<!-- The timestamp format is application dependent. -->
+<!ATTLIST log4j:event
+ logger CDATA #REQUIRED
+ level CDATA #REQUIRED
+ thread CDATA #REQUIRED
+ timestamp CDATA #REQUIRED
+>
+
+<!ELEMENT log4j:message (#PCDATA)>
+<!ELEMENT log4j:NDC (#PCDATA)>
+
+<!ELEMENT log4j:throwable (#PCDATA)>
+
+<!ELEMENT log4j:locationInfo EMPTY>
+<!ATTLIST log4j:locationInfo
+ class CDATA #REQUIRED
+ method CDATA #REQUIRED
+ file CDATA #REQUIRED
+ line CDATA #REQUIRED
+>
Added: trunk/openutils-hibernate-security/src/test/resources/log4j.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/log4j.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/log4j.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+<log4j:configuration>
+ <!-- log4j test configuration -->
+ <appender name="test-appender" class="org.apache.log4j.ConsoleAppender">
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%-5p %c.%M(%C{1}.java:%L) %m%n" />
+ <!-- <param name="ConversionPattern" value="%-5p %m%n" />-->
+ </layout>
+ </appender>
+ <category name="it">
+ <priority value="debug" />
+ </category>
+ <category name="org">
+ <priority value="warn" />
+ </category>
+ <category name="com">
+ <priority value="warn" />
+ </category>
+ <category name="net">
+ <priority value="warn" />
+ </category>
+ <category name="org.hibernate">
+ <priority value="warn" />
+ </category>
+ <category name="it.openutils.test.ApplicationContextHolder">
+ <priority value="info" />
+ </category>
+ <category name="it.openutils.test.BaseDAOTestCase">
+ <priority value="INFO" />
+ </category>
+ <category name="it.openutils">
+ <priority value="INFO" />
+ </category>
+ <category name="it.openutils.test">
+ <priority value="INFO" />
+ </category>
+ <category name="it.openutils.dbupdate.DbSetupManagerImpl">
+ <priority value="INFO" />
+ </category>
+ <root>
+ <priority value="debug" />
+ <appender-ref ref="test-appender" />
+ </root>
+</log4j:configuration>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+"http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+ <bean id="securityRuleDAO" parent="txProxyTemplate">
+ <property name="target">
+ <bean class="it.openutils.hibernate.security.dao.SecurityRuleDAOImpl">
+ <property name="sessionFactory" ref="sessionFactory" />
+ </bean>
+ </property>
+ </bean>
+</beans>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-database.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-database.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-database.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+ # ATTENZIONE: queste proprietà sono utilizzate solo per gli unit tests
+ # i file per la configurazione del db utilizzati dall'applicazione web sono in
+ # src/main/web-app/WEB-INF
+-->
+<beans>
+ <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+ <property name="location">
+ <value>classpath:database.properties</value>
+ </property>
+ </bean>
+ <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
+ <property name="driverClassName">
+ <value>${hibernate.connection.driver}</value>
+ </property>
+ <property name="url">
+ <value>${hibernate.connection.url}</value>
+ </property>
+ <property name="username">
+ <value>${hibernate.connection.username}</value>
+ </property>
+ <property name="password">
+ <value>${hibernate.connection.password}</value>
+ </property>
+ </bean>
+</beans>
Added: trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+"http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+
+ <bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
+ <property name="dataSource">
+ <ref bean="dataSource" />
+ </property>
+ <property name="configLocation">
+ <value>classpath:hibernate.cfg.xml</value>
+ </property>
+ <property name="configurationClass">
+ <value>org.hibernate.cfg.AnnotationConfiguration</value>
+ </property>
+ <property name="hibernateProperties">
+ <props>
+ <prop key="hibernate.dialect">${hibernate.dialect}</prop>
+ <prop key="hibernate.generate_statistics">false</prop>
+ <prop key="hibernate.bytecode.use_reflection_optimizer">true</prop>
+ <prop key="hibernate.show_sql">false</prop>
+ <prop key="hibernate.use_sql_comments">false</prop>
+ <prop key="hibernate.hbm2ddl.auto">${hibernate.hbm2ddl.auto}</prop>
+ </props>
+ </property>
+ </bean>
+ <bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
+ <property name="sessionFactory">
+ <ref local="sessionFactory" />
+ </property>
+ </bean>
+ <bean id="txProxyTemplate" abstract="true"
+ class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
+ <property name="transactionManager">
+ <ref bean="transactionManager" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="save*">PROPAGATION_REQUIRED</prop>
+ <prop key="delete*">PROPAGATION_REQUIRED</prop>
+ <prop key="update*">PROPAGATION_REQUIRED</prop>
+ <prop key="clean*">PROPAGATION_REQUIRED</prop>
+ <prop key="*">PROPAGATION_REQUIRED,readOnly</prop>
+ </props>
+ </property>
+ </bean>
+</beans>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,17 @@
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+ <bean id="securityRuleManager" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean"
+ autowire="byType">
+ <property name="transactionManager">
+ <ref bean="transactionManager" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="*">PROPAGATION_REQUIRED</prop>
+ </props>
+ </property>
+ <property name="target">
+ <bean class="it.openutils.hibernate.security.services.impl.SecurityRuleManagerImpl" autowire="byType"></bean>
+ </property>
+ </bean>
+</beans>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+ <import resource="classpath:spring-database.xml" />
+ <import resource="classpath:spring-hibernate.xml" />
+ <import resource="classpath:spring-dao.xml" />
+ <import resource="classpath:spring-managers.xml" />
+</beans>
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
