Thanks Ben , that's a vote for sanity in a world filled with overly verbose XML files.
--b On Sun, 20 Feb 2005 10:07:00 -0700, Matt Raible <[EMAIL PROTECTED]> wrote: > This looks very cool - anything to cut down the amount of XML needed for > Acegi Security is a good thing IMO. > > I just finished my chapter on security for Spring Live - do you think I > should scrap the old stuff and update it to reflect this "new way"? If > so, when will 0.8.0 (or will be it 1.0) be released? I know the answer > is probably "when it's ready", but it can't hurt to ask. ;-) > > Matt > > Ben Alex wrote: > > > I've just committed to CVS a FilterChainProxy class, docs and tests > > which make web.xml significantly simpler for Acegi Security-based > > applications. It means you only need a single FilterToBeanProxy in > > web.xml, which delegates to your FilterChainProxy. The > > FilterChainProxy is defined like this: > > > > <bean id="filterChainProxy" > > class="net.sf.acegisecurity.util.FilterChainProxy"> > > <property name="filterInvocationDefinitionSource"> > > <value> > > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > > PATTERN_TYPE_APACHE_ANT > > > > /webServices/**=basicProcessingFilter,httpSessionIntegrationFilter,securityEnforcementFilter > > > > > > /**=authenticationProcessingFilter,httpSessionIntegrationFilter,securityEnforcementFilter > > > > </value> > > </property> > > </bean> > > > > It's fairly self-explanatory if you think of > > SecurityEnforcementFilter. The first entry matching the request > > pattern is used, and the configuration attributes define the > > application context bean names of filters to be executed. Filters are > > executed in the order they're declared. This really tidies up web.xml. > > The Contacts sample application demonstrates the approach. > > > > On a related matter, I've addressed the IoC container vs servlet > > container lifecycle issue. Now FilterToBeanProxy does NOT call > > init(FilterConfig) and destroy() unless the optional "lifecycle" > > initialization parameter is set to "servlet-container-managed". This > > means the IoC container is preferred for managing the lifecycle of > > proxied filters. I thought this was the right approach given (i) IoC > > containers provide a far richer and more predictable source of IoC / > > lifecycle interfaces than the servlet spec offers; (ii) the parameter > > can be set to invoke the servlet spec lifecycle methods if desired; > > and (iii) most Filters loaded with FilterToBeanProxy should expect to > > be hosted by an IoC container and would probably prefer the richer > > interfaces such a container exposes (certainly all the Acegi Security > > filters use the Spring interfaces and no-op the two servlet spec > > lifecycle methods). I did of course consider just changing the > > FilterToBeanProxy model - and make all delegates implement a > > "SimpleFilter" one-method interface instead of Filter - but I know > > many people use FilterToBeanProxy for "legacy" filters and it seems > > desirable to keep this functionality. Any comments are welcome. > > > > Best regards > > Ben > > > > > > > > ------------------------------------------------------- > > SF email is sponsored by - The IT Product Guide > > Read honest & candid reviews on hundreds of IT Products from real users. > > Discover which products truly live up to the hype. Start reading now. > > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > > _______________________________________________ > > Home: http://acegisecurity.sourceforge.net > > Acegisecurity-developer mailing list > > Acegisecurity-developer@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > _______________________________________________ > Home: http://acegisecurity.sourceforge.net > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer