Revision: 1499
http://svn.sourceforge.net/spring-rich-c/?rev=1499&view=rev
Author: ge0ffrey
Date: 2006-10-06 07:41:20 -0700 (Fri, 06 Oct 2006)
Log Message:
-----------
pom \t cleanup + support for commons-httpclient BASIC auth remoting (possibly
wrapped in SSL)
Modified Paths:
--------------
trunk/spring-richclient/full/pom.xml
trunk/spring-richclient/pom.xml
trunk/spring-richclient/samples/petclinic/standalone/pom.xml
trunk/spring-richclient/sandbox/pom.xml
trunk/spring-richclient/support/pom.xml
Added Paths:
-----------
trunk/spring-richclient/support/src/main/java/org/springframework/richclient/security/remoting/BasicAuthCommonsHttpInvokerProxyFactoryBean.java
Modified: trunk/spring-richclient/full/pom.xml
===================================================================
--- trunk/spring-richclient/full/pom.xml 2006-10-06 11:51:06 UTC (rev
1498)
+++ trunk/spring-richclient/full/pom.xml 2006-10-06 14:41:20 UTC (rev
1499)
@@ -1 +1 @@
-<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd";>
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient</artifactId>
<version>0.2.0</version>
</parent>
<artifactId>spring-richclient-full</artifactId>
<!--
TODO HACK packaging is pom but actually a jar is assembled and deployed
and used ar packaging jar in the release module.
Specifing it jar probably won't work as an empty jar would replace the
assembly jar in the repo.
-->
<packaging>pom</packaging>
<name>Spring richclient full (all modules)</name>
<description>
A convenience union of all of the modules (except sandbox and tiger).
</description>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>bin</id>
<phase>package</phase>
<configuration>
<descriptor>src/assembly/artifact.xml</descriptor>
</configuration>
<goals>
<goal>attached</goal>
</goals>
</execution>
<execution>
<id>src</id>
<phase>package</phase>
<configuration>
<descriptor>src/assembly/source.xml</descriptor>
</configuration>
<goals>
<goal>attached</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<dependencies>
<!-- Internal -->
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-resources</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-binding</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-form</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-support</artifactId>
</dependency>
</dependencies>
</project>
\ No newline at end of file
+<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd";>
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient</artifactId>
<version>0.2.0</version>
</parent>
<artifactId>spring-richclient-full</artifactId>
<!--
TODO HACK packaging is pom but actually a jar is assembled and deployed
and used ar packaging jar in the release module.
Specifing it jar probably won't work as an empty jar would replace the
assembly jar in the repo.
-->
<packaging>pom</packaging>
<name>Spring richclient full (all modules)</name>
<description>
A convenience union of all of the modules (except sandbox and tiger).
</description>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>bin</id>
<phase>package</phase>
<configuration>
<descriptor>src/assembly/artifact.xml</descriptor>
</configuration>
<goals>
<goal>attached</goal>
</goals>
</execution>
<execution>
<id>src</id>
<phase>package</phase>
<configuration>
<descriptor>src/assembly/source.xml</descriptor>
</configuration>
<goals>
<goal>attached</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<dependencies>
<!-- Internal -->
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-resources</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-binding</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-form</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.richclient</groupId>
<artifactId>spring-richclient-support</artifactId>
</dependency>
</dependencies>
</project>
\ No newline at end of file
Modified: trunk/spring-richclient/pom.xml
===================================================================
--- trunk/spring-richclient/pom.xml 2006-10-06 11:51:06 UTC (rev 1498)
+++ trunk/spring-richclient/pom.xml 2006-10-06 14:41:20 UTC (rev 1499)
@@ -648,15 +648,15 @@
<artifactId>spring-modules-validation</artifactId>
<version>0.5</version>
<exclusions>
- <exclusion>
- <groupId>org.springframework</groupId>
- <artifactId>spring</artifactId>
- </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring</artifactId>
+ </exclusion>
</exclusions>
</dependency>
- <!-- Collections -->
- <dependency>
+ <!-- Collections -->
+ <dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>3.1</version>
@@ -664,10 +664,10 @@
<!-- Codec -->
<dependency>
- <groupId>commons-codec</groupId>
- <artifactId>commons-codec</artifactId>
- <version>1.3</version>
- </dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ <version>1.3</version>
+ </dependency>
<!-- Logging -->
<dependency>
@@ -919,6 +919,11 @@
<!-- Remoting -->
<dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ <version>3.0.1</version>
+ </dependency>
+ <dependency>
<groupId>com.caucho</groupId>
<artifactId>hessian</artifactId>
<version>2.1.12</version>
Modified: trunk/spring-richclient/samples/petclinic/standalone/pom.xml
===================================================================
--- trunk/spring-richclient/samples/petclinic/standalone/pom.xml
2006-10-06 11:51:06 UTC (rev 1498)
+++ trunk/spring-richclient/samples/petclinic/standalone/pom.xml
2006-10-06 14:41:20 UTC (rev 1499)
@@ -60,8 +60,8 @@
<artifactId>acegi-security</artifactId>
</dependency>
<!-- following dependencies are added so they will override the ones
in acegisecurity,
- because of the bug with exclusion we cannot exclude them. When
acegi is used
- as a dependency we therefor need to overwrite the following
spring modules-->
+ because of the bug with exclusion we cannot exclude them. When
acegi is used
+ as a dependency we therefor need to overwrite the following spring
modules-->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
Modified: trunk/spring-richclient/sandbox/pom.xml
===================================================================
--- trunk/spring-richclient/sandbox/pom.xml 2006-10-06 11:51:06 UTC (rev
1498)
+++ trunk/spring-richclient/sandbox/pom.xml 2006-10-06 14:41:20 UTC (rev
1499)
@@ -29,7 +29,7 @@
<type>test-jar</type>
</dependency>
- <!-- Components -->
+ <!-- Components -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
Modified: trunk/spring-richclient/support/pom.xml
===================================================================
--- trunk/spring-richclient/support/pom.xml 2006-10-06 11:51:06 UTC (rev
1498)
+++ trunk/spring-richclient/support/pom.xml 2006-10-06 14:41:20 UTC (rev
1499)
@@ -104,10 +104,10 @@
<optional>true</optional>
</dependency>
- <!-- Needed for SortedListModel to work
- Is actually added by
spring-modules-validation in
- a transitive way, but when not using
validation,
- this package is also needed -->
+ <!-- Needed for SortedListModel to work
+ Is actually added by spring-modules-validation in
+ a transitive way, but when not using validation,
+ this package is also needed -->
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
@@ -127,12 +127,12 @@
<optional>true</optional>
</dependency>
- <!-- Codec -->
+ <!-- Codec -->
<dependency>
- <groupId>commons-codec</groupId>
- <artifactId>commons-codec</artifactId>
- <optional>true</optional>
- </dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ <optional>true</optional>
+ </dependency>
<!-- Components -->
<dependency>
@@ -174,6 +174,13 @@
<optional>true</optional>
</dependency>
+ <!-- Remoting -->
+ <dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ <optional>true</optional>
+ </dependency>
+
</dependencies>
</project>
Added:
trunk/spring-richclient/support/src/main/java/org/springframework/richclient/security/remoting/BasicAuthCommonsHttpInvokerProxyFactoryBean.java
===================================================================
---
trunk/spring-richclient/support/src/main/java/org/springframework/richclient/security/remoting/BasicAuthCommonsHttpInvokerProxyFactoryBean.java
(rev 0)
+++
trunk/spring-richclient/support/src/main/java/org/springframework/richclient/security/remoting/BasicAuthCommonsHttpInvokerProxyFactoryBean.java
2006-10-06 14:41:20 UTC (rev 1499)
@@ -0,0 +1,76 @@
+package org.springframework.richclient.security.remoting;
+
+import org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean;
+import
org.springframework.remoting.httpinvoker.CommonsHttpInvokerRequestExecutor;
+import org.springframework.richclient.security.AuthenticationAware;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.UsernamePasswordCredentials;
+import org.apache.commons.httpclient.auth.AuthScope;
+import org.acegisecurity.Authentication;
+
+/**
+ * Extension of <code>HttpInvokerProxyFactoryBean</code> that supports the use
of BASIC
+ * authentication on each HTTP request while using commons-httpclient.
+ * Commons-httpclient can be easily configured to use SSL (so the BASIC
authentication isn't sniffable):
+ * <code>
+ * ProtocolSocketFactory authSSLProtocolSocketFactory = new
AuthSSLProtocolSocketFactory(null, null,
+ * truststoreUrl, TRUSTSTORE_PASSWORD);
+ * Protocol.registerProtocol("https", new Protocol("https",
authSSLProtocolSocketFactory, 443));
+ * </code>
+ * <p>
+ * This factory takes care of instantiating the proper invocation executor and
keeping
+ * it up to date with the latest user credentials. Once a more complete AOP
implementation
+ * is available, then this "token forwarding" can be removed as the default
executor is
+ * already wired to receive notifications when it is constructed by the
application
+ * context.
+ * <p>
+ * This configuration assumes that the user's credentials are "global" to the
application
+ * and every invocation should use the same credentials. If you need per-thread
+ * authentication then you should look at using a combination of
+ * [EMAIL PROTECTED]
org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean} and
+ * [EMAIL PROTECTED]
org.acegisecurity.context.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor}.
+ * <p>
+ * [EMAIL PROTECTED]
org.springframework.richclient.security.AuthenticationAware} is implemented in
order to get notifications of changes in
+ * the user's credentials. Please see the class documentation for
+ * <code>AuthenticationAware</code> to see how to configure the application
context so
+ * that authentication changes are broadcast properly.
+ * <p>
+ * @author Geoffrey De Smet
+ * @author Larry Streepy
+ */
+public class BasicAuthCommonsHttpInvokerProxyFactoryBean extends
HttpInvokerProxyFactoryBean implements AuthenticationAware {
+
+ /**
+ * Constructor. Install the default executor.
+ */
+ public BasicAuthCommonsHttpInvokerProxyFactoryBean() {
+ setHttpInvokerRequestExecutor(new CommonsHttpInvokerRequestExecutor());
+ }
+
+
+ /**
+ * Handle a change in the current authentication token.
+ * This method will fail fast if the executor isn't a
CommonsHttpInvokerRequestExecutor.
+ * @see
org.springframework.richclient.security.AuthenticationAware#setAuthenticationToken(org.acegisecurity.Authentication)
+ */
+ public void setAuthenticationToken(Authentication authentication) {
+ if( logger.isDebugEnabled() ) {
+ logger.debug("New authentication token: " + authentication);
+ }
+
+ CommonsHttpInvokerRequestExecutor executor
+ = (CommonsHttpInvokerRequestExecutor)
getHttpInvokerRequestExecutor();
+ HttpClient httpClient = executor.getHttpClient();
+ httpClient.getParams().setAuthenticationPreemptive(authentication !=
null);
+ UsernamePasswordCredentials usernamePasswordCredentials;
+ if (authentication != null) {
+ usernamePasswordCredentials = new UsernamePasswordCredentials(
+ authentication.getName(),
authentication.getCredentials().toString());
+ } else {
+ usernamePasswordCredentials = null;
+ }
+ httpClient.getState().setCredentials(AuthScope.ANY,
usernamePasswordCredentials);
+ }
+}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
spring-rich-c-cvs mailing list
spring-rich-c-cvs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/spring-rich-c-cvs
