当前位置:首页 > 开发 > 编程语言 > 编程 > 正文

acegi的MethodSecurityInterceptor

发表于: 2006-06-06   作者:bulain   来源:转载   浏览次数:
摘要: 2006-06-06 acegi的MethodSecurityInterceptor实现 AfterInvocationProviderImp package com.bulain.test; import org.acegisecurity.AccessDeniedException; import org.acegisecurity.Authenticatio
2006-06-06

acegi的MethodSecurityInterceptor实现


AfterInvocationProviderImp

package com.bulain.test;

import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.Authentication;
import org.acegisecurity.ConfigAttribute;
import org.acegisecurity.ConfigAttributeDefinition;
import org.acegisecurity.afterinvocation.AfterInvocationProvider;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.log4j.Logger;

public class AfterInvocationProviderImp implements AfterInvocationProvider {
	private static Logger logger = Logger.getLogger(AfterInvocationProviderImp.class);

	public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject)
			throws AccessDeniedException {
		return returnedObject;
	}

	public boolean supports(ConfigAttribute attribute) {
		logger.info("ConfigAttribute: " + attribute);
		if (attribute.getAttribute().equals("BANKSECURITY_CUSTOMER")) {
			return true;
		}
		return false;
	}

	public boolean supports(Class clazz) {
		logger.info("Class: " + clazz);
		if (clazz == MethodInvocation.class) {
			return true;
		}
		return false;
	}

}




ApplicationEventPublisherImp

package com.bulain.test;

import org.apache.log4j.Logger;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;

public class ApplicationEventPublisherImp implements ApplicationEventPublisher {
	private static Logger logger = Logger.getLogger(ApplicationEventPublisherImp.class);

	public void publishEvent(ApplicationEvent event) {
		logger.info("publishEvent: " + event);
	}

}



BankManager

package com.bulain.test;

public interface BankManager {
	/**
	 * Delete something
	 */
	public void deleteSomething(int id);
	
	/**
	 * Delete another
	 */
	public void deleteAnother(int id);
	
	/**
	 * Get balance
	 */
	public float getBalance(int id);
}



BankManagerImp

package com.bulain.test;

import org.apache.log4j.Logger;

public class BankManagerImp implements BankManager {
	private static Logger logger = Logger.getLogger(BankManagerImp.class);

	public void deleteSomething(int id) {
		logger.info("deleteSomething()");
	}

	public void deleteAnother(int id) {
		logger.info("deleteAnother()");
	}

	public float getBalance(int id) {
		logger.info("getBalance()");
		return 0;
	}
}



BankManagerImpTest

package com.bulain.test;

import junit.framework.TestCase;

import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.xml.XmlBeanFactory;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;

public class BankManagerImpTest extends TestCase {
	static Resource resource = new ClassPathResource("applicationContext.xml");
	static BeanFactory factory = new XmlBeanFactory(resource);

	private static void createSecureContext(final BeanFactory bf, final String username, final String password) {
		AuthenticationProvider provider = (AuthenticationProvider) bf.getBean("daoAuthenticationProvider");
		Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken(username, password));
		SecurityContextHolder.getContext().setAuthentication(auth);
	}

	// Clear the security context after each test.
	public void teardown() {
		SecurityContextHolder.setContext(new SecurityContextImpl());
	}

	public static void main(String[] args) {
		junit.textui.TestRunner.run(BankManagerImpTest.class);
	}

	/*
	 * Test method for 'com.bulain.test.BankManagerImp.deleteSomething(int)'
	 */
	public void testDeleteSomething() {
		BankManager bankManager = (BankManager) factory.getBean("bankManager");
		createSecureContext(factory, "marissa", "koala");

		bankManager.deleteSomething(10);
	}

	/*
	 * Test method for 'com.bulain.test.BankManagerImp.deleteAnother(int)'
	 */
	public void testDeleteAnother() {
		BankManager bankManager = (BankManager) factory.getBean("bankManager");
		createSecureContext(factory, "marissa", "koala");

		bankManager.deleteAnother(10);
	}

	/*
	 * Test method for 'com.bulain.test.BankManagerImp.getBalance(int)'
	 */
	public void testGetBalance() {
		BankManager bankManager = (BankManager) factory.getBean("bankManager");
		createSecureContext(factory, "manager", "manager");

		bankManager.getBalance(10);
	}
}


applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
	<bean id="bankManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
		<property name="validateConfigAttributes">
			<value>true</value>
		</property>
		<property name="applicationEventPublisher">
			<bean class="com.bulain.test.ApplicationEventPublisherImp"/>
		</property>
		<property name="authenticationManager">
			<ref bean="authenticationManager"/>
		</property>
		<property name="accessDecisionManager">
			<ref bean="accessDecisionManager"/>
		</property>
		<property name="runAsManager">
			<ref bean="runAsManager"/>
		</property>
		<property name="afterInvocationManager">
			<ref bean="afterInvocationManager"/>
		</property>
		<property name="objectDefinitionSource">
			<value>com.bulain.test.BankManager.delete*=ROLE_SUPERVISOR,RUN_AS_SERVER
				com.bulain.test.BankManager.getBalance=ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_AS_SERVER</value>
		</property>
	</bean>
	
	<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
		<property name="providers">
			<list>
				<ref local="daoAuthenticationProvider"/>
				<bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
					<property name="key" value="changeThis"/>
				</bean>
				<bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
					<property name="key" value="changeThis"/>
				</bean>
			</list>
		</property>
	</bean>
	
	<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
		<property name="allowIfAllAbstainDecisions" value="false"/>
		<property name="decisionVoters">
			<list>
				<bean class="org.acegisecurity.vote.RoleVoter"/>
				<bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
			</list>
		</property>
	</bean>
	
	<bean id="runAsManager" class="org.acegisecurity.runas.RunAsManagerImpl">
		<property name="key" value="KEY"/>
	</bean>
	
	<bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
		<property name="providers">
			<list>
				<bean class="com.bulain.test.AfterInvocationProviderImp"/>
			</list>
		</property>
	</bean>
	
	<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
		<property name="userDetailsService" ref="userDetailsService"/>
		<property name="userCache">
			<bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
				<property name="cache">
					<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
						<property name="cacheManager">
							<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
						</property>
						<property name="cacheName" value="userCache"/>
					</bean>
				</property>
			</bean>
		</property>
	</bean>
	
	<bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
		<property name="userProperties">
			<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
				<property name="location" value="users.properties"/>
			</bean>
		</property>
	</bean>
	
	<bean id="bankManagerImp" class="com.bulain.test.BankManagerImp"/>
	
	<bean id="bankManager" class="org.springframework.aop.framework.ProxyFactoryBean">
		<property name="interceptorNames">	
			<list>
				<value>bankManagerSecurity</value>
			</list>		
		</property>
		<property name="target"><ref local="bankManagerImp"/></property>
	</bean>
</beans>


users.properties

marissa=koala,ROLE_SUPERVISOR
dianne=emu,ROLE_USER
scott=wombat,ROLE_USER
peter=opal,disabled,ROLE_USER

acegi的MethodSecurityInterceptor

  • 0

    开心

    开心

  • 0

    板砖

    板砖

  • 0

    感动

    感动

  • 0

    有用

    有用

  • 0

    疑问

    疑问

  • 0

    难过

    难过

  • 0

    无聊

    无聊

  • 0

    震惊

    震惊

编辑推荐
偶对Acegi Security System景仰已久,它利用了Spring提供的IOC和AOP的机制,实现了一个安全架构,让
Acegi是为基于Spring的应用提供的声明式安全框架。它通过在Spring的应用上下文中配置一系列的Bean完
好吧,我承认取的标题太笼统了,有点哗众取宠的嫌疑了。 首先说明,本篇要讨论的是对FilterSecurity
一般在一个应用系统中都会有权限的设计,最基本的权限设计会关系到五张表,用户表,角色表,权限表用
转自: 这里 灰色字体是本人对文章的理解和注释 概述:对于任何一个完整的应用系统,完善的认证和授
Acegi框架介绍 2008-08-26 作者:陈雄华 来源:IT168 概述 对于任何一个完整的应用系统,完善的认证
一、Acegi Security 介绍 1、为基于J2EE企业应用提供了全面安全服务 l将系统的安全逻辑从业务中分离
偶对Acegi Security System景仰已久,它利用了Spring提供的IOC和AOP的机制,实现了一个安全架构,让
概述 对于任何一个完整的应用系统,完善的认证和授权机制是必不可少的。Acegi Security(以下简称Ac
Acegi是为基于Spring的应用提供的声明式安全框架。它通过在Spring的应用上下文中配置一系列的Bean完
版权所有 IT知识库 CopyRight © 2009-2015 IT知识库 IT610.com , All Rights Reserved. 京ICP备09083238号