hello all,
I'am using spring security in my web app, I wanna get rolename from user
login to cuztom menu display in click, how to get role name value from user
that was login ?
thx
bheikamp wrote:
>
> Hi dian,
> I use Spring Security in Click, it works quit simpel, implement the spring
> security libs in you project. add the folowing configuration to your
> web.xml
>
> <!-- ================================== -->
> <!-- Servlet Context Listeners -->
> <!-- ================================== -->
> <listener>
> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
> </listener>
> <!-- ================================== -->
> <!-- CONTEXT PARAMETERS -->
> <!-- ================================== -->
> <context-param>
> <param-name>contextConfigLocation</param-name>
> <param-value>classpath:application-context.xml</param-value>
> </context-param>
> <filter>
> <filter-name>springSecurityFilterChain</filter-name>
> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>springSecurityFilterChain</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
>
> add the folowing to your application context, provided that you implement
> a
> dataSource to your project, this you can also be done in spring by using
> hibernate as persistance layer.
>
> <security:http auto-config="true" access-denied-page="/denied.htm">
> <security:intercept-url pattern="/some_path/*" access="ROLE_ADMINISTRATOR"
> />
> <security:intercept-url pattern="/**"
> access="IS_AUTHENTICATED_ANONYMOUSLY"
> />
> <security:form-login login-page="/logon.htm"
> authentication-failure-url="/logon.htm?login_error=1" />
> </security:http>
> <security:authentication-provider>
> <security:jdbc-user-service data-source-ref="dataSource"
> authorities-by-username-query="SELECT username,authority FROM authority
> WHERE username=?"
> users-by-username-query="SELECT username,password,active FROM users WHERE
> username=?" />
> </security:authentication-provider>
>
> create 2 table's:
>
> - authority with a usernae and authority and make sure a user has a
> ROLE_ADMINISTRATOR or something like that, default it has to start with
> ROLE_,
> - users, with a username, password and active.
>
> your login page :
>
> public class LogonPage extends TemplatePage {
>
> public Form form = new Form();
>
> public LogonPage() {
> setTitle("Loging page");
>
> form.setActionURL("j_spring_security_check");
> form.setMethod("post");
> form.setJavaScriptValidation(true);
>
> TextField userName = new TextField("j_username");
> userName.setRequired(true);
> userName.setFocus(true);
> userName.setLabel("gebruikersNaam");
> form.add(userName);
>
> PasswordField password = new PasswordField("j_password");
> password.setRequired(true);
> password.setLabel("Wachtwoord");
> form.add(password);
>
> form.add(new NextButton("ok", " logon ", this, "onOkClicked"));
> }
>
> @Override public void onInit() {
> super.onInit();
> if (getParameter("login_error") != null &&
> getParameter("login_error").equals("1")) {
> msg = "fout bij aanmelden !";
> }
> }
> }
>
> that's all, this works much easier than the J2EE implementation.
>
> Suc6
>
> Kind Regards,
>
> Bert Heikamp
>
> 2009/1/6 dian ruzda <[email protected]>
>
>> Hello all,
>>
>> I still confuse to implements how to make authentification and
>> authorization in click framework.
>> I was read click manual and best practise but It can't explaine me more.
>> does any body can give me simple template about implementation security
>> in
>> click framework ?
>>
>>
>> thx..
>>
>
>
--
View this message in context:
http://n2.nabble.com/security-in-click-tp2116683p3191195.html
Sent from the click-user mailing list archive at Nabble.com.
