Acegi with acl



Hello,

I would like to use ACL with Acegi. My project looks like this:


The authorization process uses LDAP and runs fine. Access control for URLs looks
like this:

<bean id="filterInvocationInterceptor"
      class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager"
            ref="authenticationManager"/>
  <property name="accessDecisionManager"
            ref="accessDecisionManager"/>
  <property name="objectDefinitionSource">
    <value>
      PATTERN_TYPE_APACHE_ANT
      <!--Admin Links-->
      <!--/mainMenu.html/**=user
      /editProfile.html/**=user
      etc.......



Now I would like to use ACL. Here is what I did (beforehand I turned off the
access control that I was using):

In the XML file:

<bean id="aclManager"
      class="org.acegisecurity.acl.AclProviderManager">
  <property name="providers">
    <list>
      <ref local="basicAclProvider"/>
    </list>
  </property>
</bean>

<bean id="basicAclProvider"
      class="org.acegisecurity.acl.basic.BasicAclProvider">
  <property name="basicAclDao">
    <ref local="basicAclExtendedDao"/>
  </property>
</bean>

<bean id="basicAclExtendedDao"
      class="org.acegisecurity.acl.basic.jdbc.JdbcExtendedDaoImpl">
  <property name="dataSource">
    <ref bean="dataSource"/>
  </property>
</bean>


Create the tables:

CREATE TABLE acl_object_identity (
    id              BIGINT        NOT NULL PRIMARY KEY,
    object_identity nvarchar(250) NOT NULL,
    parent_object   BIGINT,
    acl_class       nvarchar(250) NOT NULL
);

ALTER TABLE acl_object_identity
    ADD CONSTRAINT unique_object_identity
    FOREIGN KEY (parent_object)
    REFERENCES acl_object_identity(id);


CREATE TABLE acl_permission (
    id                  BIGINT        NOT NULL PRIMARY KEY,
    acl_object_identity BIGINT        NOT NULL,
    recipient           nvarchar(100) NOT NULL,
    mask                int           NOT NULL
);

ALTER TABLE acl_permission
    ADD CONSTRAINT unique_recipient
    FOREIGN KEY (acl_object_identity)
    REFERENCES acl_object_identity(id);

This is the data I put into these tables:

Table acl_object_identity:

id  object_identity          parent_object  acl_class
7   pl.tk.tdfs.*:1           NULL           org.acegisecurity.acl.basic.SimpleAclEntry
8   processInstances.html    NULL           org.acegisecurity.acl.basic.SimpleAclEntry
9   processInstances.html/   NULL           org.acegisecurity.acl.basic.SimpleAclEntry
10  /processInstances.html/  NULL           org.acegisecurity.acl.basic.SimpleAclEntry



Table acl_permission:

id  acl_object_identity  recipient          mask
3   7                    tkulej             0
6   7                    domainName\tkulej  0
13  8                    domainName\tkulej  0
14  8                    tkulej             0
15  9                    domainName\tkulej  0
16  9                    tkulej             0
17  10                   domainName\tkulej  0
18  10                   tkulej             0


So for user tkulej I turned off all permissions. I did this in two
ways. The first is to put all packages into the table acl_object_identity.
The second is to put some URLs into the table acl_object_identity (in this
example I also tried different ways). The main problem is that the
ACL does not work properly: when I log in as tkulej I have permission for the
URLs and all objects.


The Tomcat logs:


DEBUG: 09:08:06,257 [main] Class:
org.springframework.jdbc.object.RdbmsOperation Message:
RdbmsOperation with SQL [SELECT RECIPIENT, MASK FROM acl_permission
WHERE acl_object_identity = ?] compiled
DEBUG: 09:08:06,257 [main] Class:
org.springframework.jdbc.object.RdbmsOperation Message:
RdbmsOperation with SQL [SELECT CHILD.ID, CHILD.OBJECT_IDENTITY,
CHILD.ACL_CLASS, PARENT.OBJECT_IDENTITY as PARENT_OBJECT_IDENTITY FROM
acl_object_identity as CHILD LEFT OUTER JOIN acl_object_identity as
PARENT ON CHILD.parent_object=PARENT.id WHERE CHILD.object_identity
= ?] compiled

....... so ACL works (I'm not sure?).

So if somebody knows how to configure Acegi + ACL, I will wait for a
response. Thanks for your help.
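
The configuration in the post defines aclManager, but nothing shown there consults it when an access decision is made. One way to wire it in for domain objects, as an added example that is not part of the original post, assuming Acegi Security 1.0.x; pl.tk.tdfs.Document, pl.tk.tdfs.DocumentManager, the ACL_DOCUMENT_READ attribute and every bean id defined below are hypothetical:

```xml
<!-- Added example, not from the original post. Hypothetical names: pl.tk.tdfs.Document,
     pl.tk.tdfs.DocumentManager, ACL_DOCUMENT_READ and every bean id defined here. -->

<!-- Expose the SimpleAclEntry permission masks as beans -->
<bean id="SimpleAclEntry.ADMINISTRATION"
      class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
  <property name="staticField"
            value="org.acegisecurity.acl.basic.SimpleAclEntry.ADMINISTRATION"/>
</bean>
<bean id="SimpleAclEntry.READ"
      class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
  <property name="staticField"
            value="org.acegisecurity.acl.basic.SimpleAclEntry.READ"/>
</bean>

<!-- Voter: for a method argument of the given class, ask aclManager for the
     caller's ACL entries and grant only if one carries a required permission -->
<bean id="aclDocumentReadVoter" class="org.acegisecurity.vote.BasicAclEntryVoter">
  <property name="processConfigAttribute" value="ACL_DOCUMENT_READ"/>
  <property name="processDomainObjectClass" value="pl.tk.tdfs.Document"/>
  <property name="aclManager" ref="aclManager"/>
  <property name="requirePermission">
    <list>
      <ref local="SimpleAclEntry.ADMINISTRATION"/>
      <ref local="SimpleAclEntry.READ"/>
    </list>
  </property>
</bean>

<!-- Deny when no voter grants access -->
<bean id="businessAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
  <property name="allowIfAllAbstainDecisions" value="false"/>
  <property name="decisionVoters">
    <list>
      <ref local="aclDocumentReadVoter"/>
    </list>
  </property>
</bean>

<!-- Method interceptor applying the voter to a service method; it still has to be
     attached to the service bean through a Spring AOP proxy (not shown) -->
<bean id="documentManagerSecurity"
      class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
  <property name="authenticationManager" ref="authenticationManager"/>
  <property name="accessDecisionManager" ref="businessAccessDecisionManager"/>
  <property name="objectDefinitionSource">
    <value>pl.tk.tdfs.DocumentManager.read=ACL_DOCUMENT_READ</value>
  </property>
</bean>
```

With this wiring the matching acl_object_identity row would carry an object_identity such as pl.tk.tdfs.Document:1 (class name, colon, object id), and a mask of 0 is SimpleAclEntry.NOTHING, which satisfies neither required permission.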
