Author: gmazza
Date: Mon Aug 12 21:28:09 2013
New Revision: 1513259
URL: http://svn.apache.org/r1513259
Log:
ROL-1968: Upgrade to Spring Security 3.1.4.RELEASE
Removed:
roller/trunk/app/src/main/resources/META-INF/spring.schemas
roller/trunk/app/src/main/resources/spring-security-2.0.1-openidfix.xsd
Modified:
roller/trunk/app/pom.xml
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
roller/trunk/app/src/main/webapp/WEB-INF/security.xml
roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp
Modified: roller/trunk/app/pom.xml
URL:
http://svn.apache.org/viewvc/roller/trunk/app/pom.xml?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/pom.xml (original)
+++ roller/trunk/app/pom.xml Mon Aug 12 21:28:09 2013
@@ -24,7 +24,7 @@
<testPlanetCache>${project.build.testOutputDirectory}${file.separator}planetcache</testPlanetCache>
<lucene.version>4.4.0</lucene.version>
<spring.version>3.2.4.RELEASE</spring.version>
- <spring.security.version>2.0.7.RELEASE</spring.security.version>
+ <spring.security.version>3.1.4.RELEASE</spring.security.version>
</properties>
<dependencies>
@@ -268,7 +268,13 @@
<dependency>
<groupId>org.springframework.security</groupId>
- <artifactId>spring-security-core</artifactId>
+ <artifactId>spring-security-config</artifactId>
+ <version>${spring.security.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-ldap</artifactId>
<version>${spring.security.version}</version>
</dependency>
@@ -308,12 +314,6 @@
</exclusions>
</dependency>
- <dependency>
- <groupId>org.springframework.ldap</groupId>
- <artifactId>spring-ldap</artifactId>
- <version>1.2</version>
- </dependency>
-
<!-- OpenID deps -->
<dependency>
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
---
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
(original)
+++
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/RollerContext.java
Mon Aug 12 21:28:09 2013
@@ -25,15 +25,15 @@ import java.util.Iterator;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
-import org.springframework.security.providers.AuthenticationProvider;
-import org.springframework.security.providers.ProviderManager;
-import org.springframework.security.providers.dao.DaoAuthenticationProvider;
-import org.springframework.security.providers.dao.UserCache;
-import org.springframework.security.providers.encoding.Md5PasswordEncoder;
-import org.springframework.security.providers.encoding.PasswordEncoder;
-import org.springframework.security.providers.encoding.ShaPasswordEncoder;
-import
org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider;
-import
org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.ProviderManager;
+import
org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.core.userdetails.UserCache;
+import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
+import org.springframework.security.authentication.encoding.PasswordEncoder;
+import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
+import
org.springframework.security.authentication.RememberMeAuthenticationProvider;
+import
org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.WebloggerException;
@@ -245,7 +245,7 @@ public class RollerContext extends Conte
boolean doEncrypt = Boolean.valueOf(encryptPasswords).booleanValue();
if (doEncrypt) {
- DaoAuthenticationProvider provider = (DaoAuthenticationProvider)
ctx.getBean("org.springframework.security.providers.dao.DaoAuthenticationProvider#0");
+ DaoAuthenticationProvider provider = (DaoAuthenticationProvider)
ctx.getBean("org.springframework.security.authentication.dao.DaoAuthenticationProvider#0");
String algorithm =
WebloggerConfig.getProperty("passwds.encryption.algorithm");
PasswordEncoder encoder = null;
if (algorithm.equalsIgnoreCase("SHA")) {
@@ -262,8 +262,8 @@ public class RollerContext extends Conte
}
if (WebloggerConfig.getBooleanProperty("securelogin.enabled")) {
- AuthenticationProcessingFilterEntryPoint entryPoint =
- (AuthenticationProcessingFilterEntryPoint)
ctx.getBean("_formLoginEntryPoint");
+ LoginUrlAuthenticationEntryPoint entryPoint =
+ (LoginUrlAuthenticationEntryPoint)
ctx.getBean("_formLoginEntryPoint");
entryPoint.setForceHttps(true);
}
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
---
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
(original)
+++
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
Mon Aug 12 21:28:09 2013
@@ -18,19 +18,23 @@
package org.apache.roller.weblogger.ui.core.filters;
+import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import javax.servlet.Filter;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.springframework.security.Authentication;
-import org.springframework.security.AuthenticationException;
-import org.springframework.security.providers.openid.OpenIDAuthenticationToken;
-import
org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter;
-import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.security.ui.openid.OpenIDConsumer;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.openid.OpenIDAuthenticationToken;
+import org.springframework.security.openid.OpenIDAuthenticationFilter;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.openid.OpenIDConsumer;
//import org.springframework.security.userdetails.openid.OpenIDUserAttribute;
@@ -39,41 +43,49 @@ import org.springframework.security.ui.o
* @author Tatyana Tokareva
*/
public class CustomOpenIDAuthenticationProcessingFilter
- extends OpenIDAuthenticationProcessingFilter implements Filter {
+ extends OpenIDAuthenticationFilter implements Filter {
private OpenIDConsumer consumer;
private String claimedIdentityFieldName = DEFAULT_CLAIMED_IDENTITY_FIELD;
private static Log log =
LogFactory.getLog(CustomOpenIDAuthenticationProcessingFilter.class);
@Override
- public Authentication attemptAuthentication(HttpServletRequest req) throws
AuthenticationException {
+ public Authentication attemptAuthentication(HttpServletRequest req,
HttpServletResponse rsp) throws AuthenticationException,
+ IOException {
OpenIDAuthenticationToken auth = null;
// Processing standard OpenId user authentication
- auth = (OpenIDAuthenticationToken) super.attemptAuthentication(req);
+ auth = (OpenIDAuthenticationToken) super.attemptAuthentication(req,
rsp);
+
+ if (auth != null) {
+ GrantedAuthority ga = (GrantedAuthority)
auth.getAuthorities().toArray()[0];
- if (auth.getAuthorities()[0].getAuthority().equals("openidLogin")) {
+ if (ga.getAuthority().equals("openidLogin")) {
- /* TODO: when Spring Security 2.1 is released, we can uncomment
- * this code, which will allow us to pre-populate the new user
- * registration form with information from the OpenID Provider.
- *
- Collection<OpenIDUserAttribute> sREGAttributesList =
auth.getAttributes();
- OpenIDUserAttribute openidName = new OpenIDUserAttribute(
- OpenIDUserAttribute.Attributes.openidname.toString(), "");
- openidName.setValue(auth.getIdentityUrl());
- sREGAttributesList.add(openidName);
-
- // TODO: find a better place to stash attributes
- UserManager mgr =
WebloggerFactory.getWeblogger().getUserManager();
- mgr.userAttributes.put(
- UserAttribute.Attributes.openidUrl.toString(),
- sREGAttributesList);
- */
-
- // Username not found in Roller for this user, so throw exception
- // which will route user to the new user registration page.
- throw new UsernameNotFoundException("ERROR no user: new openid
user");
+ /* TODO: when Spring Security 2.1 is released, we can uncomment
+ * this code, which will allow us to pre-populate the new user
+ * registration form with information from the OpenID Provider.
+ *
+ Collection<OpenIDUserAttribute> sREGAttributesList =
auth.getAttributes();
+ OpenIDUserAttribute openidName = new OpenIDUserAttribute(
+ OpenIDUserAttribute.Attributes.openidname.toString(), "");
+ openidName.setValue(auth.getIdentityUrl());
+ sREGAttributesList.add(openidName);
+
+ // TODO: find a better place to stash attributes
+ UserManager mgr =
WebloggerFactory.getWeblogger().getUserManager();
+ mgr.userAttributes.put(
+ UserAttribute.Attributes.openidUrl.toString(),
+ sREGAttributesList);
+ */
+
+ } else {
+ // route user to new user registration page.
+ throw new UsernameNotFoundException("ERROR no user: openid
authority not found");
+ }
+ } else {
+ // route user to new user registration page.
+ throw new UsernameNotFoundException("ERROR no user: openid
authentication failed");
}
return auth;
}
@@ -84,7 +96,7 @@ public class CustomOpenIDAuthenticationP
@Override
protected String lookupRealm(String returnToUrl) {
- String mapping = (String) getRealmMapping().get(returnToUrl);
+ String mapping = super.lookupRealm(returnToUrl);
if (mapping == null) {
try {
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
---
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
(original)
+++
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
Mon Aug 12 21:28:09 2013
@@ -24,13 +24,15 @@ import org.apache.roller.weblogger.busin
import org.apache.roller.weblogger.pojos.User;
import org.springframework.dao.DataRetrievalFailureException;
import org.springframework.ldap.core.DirContextOperations;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.ldap.LdapAuthoritiesPopulator;
-import org.springframework.security.userdetails.UsernameNotFoundException;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.Assert;
+import java.util.Collection;
import java.util.List;
+import java.util.ArrayList;
/**
@@ -45,7 +47,7 @@ public class AuthoritiesPopulator implem
/* (non-Javadoc)
* @see
org.springframework.security.ldap.LdapAuthoritiesPopulator#getGrantedAuthorities(org.springframework.ldap.core.DirContextOperations,
String)
*/
- public GrantedAuthority[] getGrantedAuthorities(DirContextOperations
userData, String username) {
+ public Collection<GrantedAuthority>
getGrantedAuthorities(DirContextOperations userData, String username) {
// This check is probably unnecessary.
if (userData == null) {
@@ -68,17 +70,17 @@ public class AuthoritiesPopulator implem
}
int roleCount = roles.size() + (defaultRole != null ? 1 : 0);
- GrantedAuthority[] authorities = new GrantedAuthorityImpl[roleCount];
+ List<GrantedAuthority> authorities = new
ArrayList<GrantedAuthority>(roleCount); // SimpleGrantedAuthority[roleCount];
int i = 0;
for(String role : roles) {
- authorities[i++] = new GrantedAuthorityImpl(role);
+ authorities.add(new SimpleGrantedAuthority(role));
}
if (defaultRole != null) {
- authorities[roleCount-1] = defaultRole;
+ authorities.add(defaultRole);
}
- if (authorities.length == 0) {
+ if (authorities.size() == 0) {
// TODO: This doesn't seem like the right type of exception to
throw here, but retained it, fixed the message
throw new UsernameNotFoundException("User " + username + " has no
roles granted and there is no default role set.");
}
@@ -93,6 +95,6 @@ public class AuthoritiesPopulator implem
*/
public void setDefaultRole(String defaultRole) {
Assert.notNull(defaultRole, "The defaultRole property cannot be set to
null");
- this.defaultRole = new GrantedAuthorityImpl(defaultRole);
+ this.defaultRole = new SimpleGrantedAuthority(defaultRole);
}
}
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
---
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
(original)
+++
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
Mon Aug 12 21:28:09 2013
@@ -26,9 +26,9 @@ import org.apache.roller.weblogger.Weblo
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.pojos.User;
-import org.springframework.security.Authentication;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
/**
* @author Elias Torres (<a
href="mailto:[email protected]";>[email protected]</a>)
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
---
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
(original)
+++
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
Mon Aug 12 21:28:09 2013
@@ -26,10 +26,10 @@ import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.servlet.http.HttpServletRequest;
-import org.springframework.security.Authentication;
-import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.ldap.LdapUserDetails;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.ldap.userdetails.LdapUserDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.config.WebloggerConfig;
@@ -136,7 +136,9 @@ public class CustomUserRegistry {
locale = rollerDetails.getLocale();
timezone = rollerDetails.getTimeZone();
- } else if(userDetails instanceof LdapUserDetails) {
+ } /* Deprecated in Spring Security 2.0.x:
http://static.springsource.org/spring-security/site/docs/2.0.x/apidocs/
+ unsure if can be returned in Spring Security 3.1
+ else if(userDetails instanceof LdapUserDetails) {
LdapUserDetails ldapDetails = (LdapUserDetails) userDetails;
Attributes attributes = ldapDetails.getAttributes();
@@ -146,7 +148,7 @@ public class CustomUserRegistry {
locale = getLdapAttribute(attributes,
WebloggerConfig.getProperty(LOCALE_LDAP_PROPERTY,
DEFAULT_LOCALE_LDAP_ATTRIBUTE));
timezone = getLdapAttribute(attributes,
WebloggerConfig.getProperty(TIMEZONE_LDAP_PROPERTY,
DEFAULT_TIMEZONE_LDAP_ATTRIBUTE));
- }
+ } */
}
boolean storePassword =
WebloggerConfig.getBooleanProperty("users.sso.passwords.save");
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
---
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
(original)
+++
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetails.java
Mon Aug 12 21:28:09 2013
@@ -17,7 +17,7 @@
*/
package org.apache.roller.weblogger.ui.core.security;
-import org.springframework.security.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetails;
/**
* An interface to extract additional properties from a UserDetails instance.
These extra
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
---
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
(original)
+++
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
Mon Aug 12 21:28:09 2013
@@ -1,13 +1,13 @@
package org.apache.roller.weblogger.ui.core.security;
+import java.util.ArrayList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.UserDetailsService;
-import org.springframework.security.userdetails.UsernameNotFoundException;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.Weblogger;
import org.apache.roller.weblogger.business.WebloggerFactory;
@@ -51,23 +51,24 @@ public class RollerUserDetailsService im
}
String name;
String password;
- GrantedAuthority[] authorities;
+ ArrayList<SimpleGrantedAuthority> authorities;
// We are not throwing UsernameNotFound exception in case of
// openid authentication in order to recieve user SREG
attributes
// from the authentication filter and save them
if (userData == null) {
- authorities = new GrantedAuthority[1];
- GrantedAuthority g = new
GrantedAuthorityImpl("openidLogin");
- authorities[0] = g;
+ authorities = new ArrayList<SimpleGrantedAuthority>(1);
+ SimpleGrantedAuthority g = new
SimpleGrantedAuthority("openidLogin");
+ authorities.add(g);
name = "openid";
password = "openid";
} else {
- authorities = getAuthorities(userData, umgr);
+ authorities = getAuthorities(userData, umgr);
name = userData.getUserName();
password = userData.getPassword();
}
- UserDetails usr = new
org.springframework.security.userdetails.User(name, password, true,
authorities);
+ UserDetails usr = new
org.springframework.security.core.userdetails.User(name, password,
+ true, true, true, true, authorities);
return usr;
} else {
@@ -79,8 +80,9 @@ public class RollerUserDetailsService im
if (userData == null) {
throw new UsernameNotFoundException("ERROR no user: " +
userName);
}
- GrantedAuthority[] authorities = getAuthorities(userData,
umgr);
- return new
org.springframework.security.userdetails.User(userData.getUserName(),
userData.getPassword(), true, authorities);
+ ArrayList<SimpleGrantedAuthority> authorities =
getAuthorities(userData, umgr);
+ return new
org.springframework.security.core.userdetails.User(userData.getUserName(),
userData.getPassword(),
+ true, true, true, true, authorities);
}
} catch (WebloggerException ex) {
throw new DataAccessResourceFailureException("ERROR: fetching
roles", ex);
@@ -89,14 +91,14 @@ public class RollerUserDetailsService im
}
- private GrantedAuthority[] getAuthorities(User userData, UserManager
umgr) throws WebloggerException {
- List<String> roles = umgr.getRoles(userData);
- GrantedAuthority[] authorities = new
GrantedAuthorityImpl[roles.size()];
- int i = 0;
- for (String role : roles) {
- authorities[i++] = new GrantedAuthorityImpl(role);
- }
- return authorities;
- }
+ private ArrayList<SimpleGrantedAuthority> getAuthorities(User userData,
UserManager umgr) throws WebloggerException {
+ List<String> roles = umgr.getRoles(userData);
+ ArrayList<SimpleGrantedAuthority> authorities = new
ArrayList<SimpleGrantedAuthority>(roles.size());
+ int i = 0;
+ for (String role : roles) {
+ authorities.add(new SimpleGrantedAuthority(role));
+ }
+ return authorities;
+ }
}
Modified: roller/trunk/app/src/main/webapp/WEB-INF/security.xml
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/security.xml?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/security.xml (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/security.xml Mon Aug 12 21:28:09
2013
@@ -17,22 +17,18 @@
directory of this distribution.
-->
<beans:beans xmlns="http://www.springframework.org/schema/security";
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
- xmlns:beans="http://www.springframework.org/schema/beans";
- xsi:schemaLocation="http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
- http://www.springframework.org/schema/security
-
http://www.springframework.org/schema/security/spring-security-2.0.4.xsd";>
-
- <!--
-xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
-http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-2.0.1.xsd";>
--->
+ xmlns:beans="http://www.springframework.org/schema/beans";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+ http://www.springframework.org/schema/security
+
http://www.springframework.org/schema/security/spring-security-3.1.xsd";>
+
+ <http pattern="/images/**" security="none"/>
+ <http pattern="/scripts/**" security="none"/>
+ <http pattern="/styles/**" security="none"/>
- <http auto-config="false" lowercase-comparisons="true"
access-decision-manager-ref="accessDecisionManager">
- <intercept-url pattern="/images/**" filters="none"/>
- <intercept-url pattern="/scripts/**" filters="none"/>
- <intercept-url pattern="/styles/**" filters="none"/>
+ <http auto-config="false"
access-decision-manager-ref="accessDecisionManager">
<intercept-url pattern="/roller-ui/login-redirect**"
access="admin,editor"/>
<intercept-url pattern="/roller-ui/profile**" access="admin,editor"/>
<intercept-url pattern="/roller-ui/createWeblog**"
access="admin,editor"/>
@@ -47,15 +43,11 @@ http://www.springframework.org/schema/se
<remember-me user-service-ref="rollerUserService"
key="715F2448-3176-11DD-ABC6-9CD955D89593"/>
- </http>
-
- <!-- Read users from Roller API -->
- <authentication-provider user-service-ref="rollerUserService"/>
- <beans:bean id="rollerUserService"
-
class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
+ <custom-filter ref="openidAuthenticationProcessingFilter"
position="OPENID_FILTER"/>
+ </http>
- <beans:bean id="accessDecisionManager"
class="org.springframework.security.vote.AffirmativeBased">
+ <beans:bean id="accessDecisionManager"
class="org.springframework.security.access.vote.AffirmativeBased">
<beans:property name="allowIfAllAbstainDecisions" value="false"/>
<beans:property name="decisionVoters">
<beans:list>
@@ -63,39 +55,59 @@ http://www.springframework.org/schema/se
</beans:list>
</beans:property>
</beans:bean>
- <beans:bean id="roleVoter"
class="org.springframework.security.vote.RoleVoter">
+ <beans:bean id="roleVoter"
class="org.springframework.security.access.vote.RoleVoter">
<beans:property name="rolePrefix" value=""/>
</beans:bean>
- <beans:bean id="rememberMeAuthenticationProvider"
class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
- <!-- This ensures that remember-me is added as an authentication
provider -->
- <custom-authentication-provider />
+ <!-- Read users from Roller API -->
+ <authentication-manager alias='rollerAuthenticationManager'>
+ <authentication-provider user-service-ref="rollerUserService"/>
+ <authentication-provider ref="rememberMeAuthenticationProvider"/>
+ <authentication-provider ref="openIDAuthProvider"/>
+ </authentication-manager>
+
+ <beans:bean id="rollerUserService"
+
class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
+
+ <beans:bean id="rememberMeAuthenticationProvider"
+
class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
<beans:property name="key" value="springRocks"/>
</beans:bean>
- <!-- OpenID -->
- <authentication-manager alias='authenticationManagerAlias'/>
- <beans:bean id = "openIDAuthProvider"
class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider">
- <custom-authentication-provider/>
+ <beans:bean id = "openIDAuthProvider"
class="org.springframework.security.openid.OpenIDAuthenticationProvider">
<beans:property name="userDetailsService" ref="rollerUserService"/>
</beans:bean>
- <beans:bean id="openidAuthenticationProcessingFilter"
class="org.apache.roller.weblogger.ui.core.filters.CustomOpenIDAuthenticationProcessingFilter">
+
+ <beans:bean id="openidAuthenticationProcessingFilter"
+
class="org.apache.roller.weblogger.ui.core.filters.CustomOpenIDAuthenticationProcessingFilter">
<beans:property name="claimedIdentityFieldName"
value="openid_identifier"/>
- <beans:property name="defaultTargetUrl" value="/roller-ui/menu.rol"/>
<beans:property name="filterProcessesUrl"
value="/roller_j_openid_security_check"/>
+ <beans:property name="authenticationManager"
ref="rollerAuthenticationManager"/>
+ <beans:property name="authenticationSuccessHandler"
ref="myAuthenticationSuccessHandler"/>
+ <beans:property name="authenticationFailureHandler"
ref="myAuthenticationFailureHandler"/>
+ </beans:bean>
+
+ <beans:bean id="myAuthenticationSuccessHandler"
+
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
+ <beans:property name="defaultTargetUrl" value="/roller-ui/menu.rol"/>
+ </beans:bean>
+
+ <beans:bean id="myAuthenticationFailureHandler"
+
class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
+ <beans:property name="defaultFailureUrl"
value="/roller-ui/login.rol?error=true"/>
<beans:property name="exceptionMappings">
<beans:props>
- <beans:prop
key="org.springframework.security.userdetails.UsernameNotFoundException">/roller-ui/register.rol
+ <beans:prop
key="org.springframework.security.core.userdetails.UsernameNotFoundException">
+ /roller-ui/register.rol
</beans:prop>
- <beans:prop
key="org.springframework.security.BadCredentialsException">/roller-ui/login.rol?error=true
+ <beans:prop
key="org.springframework.security.authentication.BadCredentialsException">
+ /roller-ui/login.rol?error=true
</beans:prop>
- <beans:prop
key="org.springframework.security.AuthenticationException">/roller-ui/login.rol?error=true
+ <beans:prop
key="org.springframework.security.core.AuthenticationException">
+ /roller-ui/login.rol?error=true
</beans:prop>
</beans:props>
</beans:property>
- <beans:property name="authenticationFailureUrl"
value="/roller-ui/login.rol?error=true"/>
- <beans:property name="authenticationManager"
ref="authenticationManagerAlias"/>
- <custom-filter position="OPENID_PROCESSING_FILTER"/>
</beans:bean>
-
+
</beans:beans>
Modified: roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp
URL:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp?rev=1513259&r1=1513258&r2=1513259&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp (original)
+++ roller/trunk/app/src/main/webapp/roller-ui/logout-redirect.jsp Mon Aug 12
21:28:09 2013
@@ -18,7 +18,7 @@
<%@ page language="java" contentType="text/html; charset=UTF-8" %>
<%@ page import="org.apache.roller.weblogger.ui.core.RollerSession" %>
<%@ page import="javax.servlet.http.Cookie" %>
-<%@ page
import="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices"
%>
+<%@ page
import="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices"
%>
<%
request.getSession().removeAttribute(RollerSession.ROLLER_SESSION);
