Hello,
Well, maybe it´s no a very good example to use
method-level access securing, but can explain me how to use the "proxyAcegi"
proxy object?.
Maybe, the following example (it´s a very very
simple example) is more appropiate to use the MethodSecurityInterceptor.
I just want to learn to use correctly.
I have an interface "IImprime.java":
package
com.acotelsa.impresion;
public interface IImprime
{
String imprime();
String imprime();
}
And the implementation file:
"ImprimeImpl.java":
package
com.acotelsa.impresion;
public class ImprimeImpl implements
IImprime{
public String imprime()
{
System.out.println("Print message");
return "Print message";
}
public String imprime()
{
System.out.println("Print message");
return "Print message";
}
}
Finally, this is the aplicaction context file with
the beans:
<
bean id="proxyAcegi" class="org.springframework.aop.framework.ProxyFactoryBean"> <property name="proxyInterfaces"> <value>com.acotelsa.impresion.IImprime</value> </property> <property name="interceptorNames"> <list> <idref bean="methodSecurityInterceptor" /> <idref local="formDocumento" /> </list> </property></bean>
<bean id="formDocumento" class="com.acotelsa.impresion.ImprimeImpl" /> <bean id="methodSecurityInterceptor" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> <property name="validateConfigAttributes"> <value>true</value> </property> <property name="authenticationManager"> <ref bean="authenticationManager" /> </property> <property name="accessDecisionManager"> <ref bean="accessDecisionManager" /> </property> <property name="objectDefinitionSource"> <value>com.acotelsa.impresion.IImprime.imprime=ROLE_SUPERVISOR
</value> </property> </bean>How I can use the "proxyAcegi" proxy object? What I
must be do to this work correctly?.
Please, explain me with detail.
Thanks.
Regards.
----- Original Message -----
From: "Ben Alex" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, March 15, 2006 4:44
AM
Subject: Re: [Acegisecurity-developer] Method-level
access problem
>> I want secure method invocations with Acegi.
>
> You need to use the "proxyAcegi" proxy object, so that the
> MethodSecurityInterceptor gets a chance to be used.
>
> The class being secured appears to be an MVC controller. Generally we
> don't recommend securing Controller instances in this manner. Instead use
> FilterSecurityInterceptor to protect particular URL patterns from being
> invoked unless specific GrantedAuthority[]s are held. See the Contacts
> Sample.
>
> Best regards
> Ben
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting language
> that extends applications into web and mobile media. Attend the live webcast
> and join the prime developer group breaking into this new coding territory!
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
> _______________________________________________
> Home: http://acegisecurity.org
> Acegisecurity-developer mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
>
> Mensaje analizado por el Sistema de Detección de Virus McAfee de Acotel. El hecho de que dicho mensaje haya sido tratado NO excluye que pueda contener virus no catalogados a fecha de hoy.
> ----------------------------------------
> Message analyzed by the McAfee Virus Detection System at Acotel. The fact that this message has passed analysis doesn't exclude the possibility of being infected by an undetected virus.
>
