I forgot to mention that Spring Security is compatible with Stripesstuff SecurityManager:
http://www.stripesframework.org/display/stripes/Security+Interceptor+for+custom+authorization This is handy, because you then can use standard Java annotations to secure resolutions on actionbeans: @javax.annotation.security.RolesAllowed("ROLE_ADMIN") In you're code you can also query the principal and roles by using standard Java API: getContext().getRequest().isUserInRole("ROLE_ADMIN"); getContext().getRequest().getUserPrincipal().getName(); If you customize the Spring Security principal you can retrieve it like this: import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) getContext().getRequest().getUserPrincipal(); CustomPrincipal customPrincipal = (CustomPrincipal) token.getPrincipal(); userId = customPrincipal.getUserId(); "Brian McSweeney" <brian.mcswee...@gmail.com> wrote in message news:aanlktimol_cy4tgsi0pqnnx5ja9st4-kbiutiork0...@mail.gmail.com... > Super info, > > thanks a million...i'm slowly getting it working and of course, the > problem > I was experiencing was not stripes related but more the config of spring > security. Appreciate your help > > :) > > On Tue, May 11, 2010 at 11:24 AM, KR > <k-no-s...@a4consulting.nl> wrote: > >> Brian, Richard, >> >> I made a small how-to-spring-security. Remember, there is nothing special >> about using Spring Security with Stripes, so you can just follow the >> Spring >> documentation if I am not clear enough (or forgot something crucial.) >> >> First you will need to add the Spring and Spring Security jars (they are >> separate downloads) to you're classpath. >> >> Next you will need to configure you're web.xml. >> >> Besides the regular Spring ContextLoaderListener you will also need to >> add >> a >> Spring Security listener: >> >> <listener> >> >> >> >> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> >> >> </listener> >> >> <listener> >> >> >> >> <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class> >> >> </listener> >> >> In the same web.xml you also need to add a filter (make sure it's the >> first >> in the file!). In my application it looks like this: >> >> <filter> >> >> <filter-name>springSecurityFilterChain</filter-name> >> >> >> >> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> >> >> </filter> >> >> >> >> <filter-mapping> >> >> <filter-name>springSecurityFilterChain</filter-name> >> >> <url-pattern>/*</url-pattern> >> >> </filter-mapping> >> >> >> >> You will also need to add the locations of you're Spring configuration >> files: >> >> <context-param> >> >> <param-name>contextConfigLocation</param-name> >> >> <param-value> >> >> /WEB-INF/applicationContext.xml >> >> /WEB-INF/applicationContext-security.xml >> >> </param-value> >> >> </context-param> >> >> >> Then you'le need to configure you're applicationContext-security and >> customize classes. You can find detailed info about this in the Spring >> security documention: >> >> >> >> http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ns-config.html >> >> >> >> A good customization example of this can be found here: >> >> >> >> >> http://stackoverflow.com/questions/2683308/spring-security-3-database-authentication-with-hibernate/2701722#2701722 >> >> >> >> >> >> BTW, it would be much easier to ask this on Stack Overflow. I could then >> answer the question over there (much better layout). >> >> >> >> "Richard Hauswald" >> <richard.hausw...@googlemail.com> wrote in >> message >> news:aanlktiksr_aigzjdlrsi_blgbp_eyklhmjqwknipn...@mail.gmail.com... >> > Karen, >> > I'm also interested in this topic. Would you mind give me some startup >> > pointers? >> > Thankz, >> > Richard >> > >> > >> > On Mon, May 10, 2010 at 11:56 PM, KR >> > <k-no-s...@a4consulting.nl> wrote: >> >> Brian, >> >> >> >> No problems here, using Spring Security 3. >> >> >> >> Karen >> >> >> >> "Brian McSweeney" >> >> <brian.mcswee...@gmail.com> >> >> wrote in message >> >> news:aanlktinzuw1krhgrpcs3ucddoqeskcywejsrynhcu...@mail.gmail.com... >> >>> Hey folks, >> >>> >> >>> I'm having problems integrating spring security into a stripes >> >>> application. >> >>> Can anyone tell me if they've successfully done this before? >> >>> >> >>> thanks, >> >>> Brian >> >>> >> >> >> >> >> >> >> -------------------------------------------------------------------------------- >> >> >> >> >> >>> >> ------------------------------------------------------------------------------ >> >>> >> >>> >> >> >> >> >> >> >> -------------------------------------------------------------------------------- >> >> >> >> >> >>> _______________________________________________ >> >>> Stripes-users mailing list >> >>> Stripes-users@lists.sourceforge.net >> >>> https://lists.sourceforge.net/lists/listinfo/stripes-users >> >>> >> >> >> >> >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> >> >> _______________________________________________ >> >> Stripes-users mailing list >> >> Stripes-users@lists.sourceforge.net >> >> https://lists.sourceforge.net/lists/listinfo/stripes-users >> >> >> > >> > >> > >> > -- >> > Richard Hauswald >> > Blog: http://tnfstacc.blogspot.com/ >> > LinkedIn: http://www.linkedin.com/in/richardhauswald >> > Xing: http://www.xing.com/profile/Richard_Hauswald >> > >> > >> ------------------------------------------------------------------------------ >> >> >> >> >> ------------------------------------------------------------------------------ >> >> _______________________________________________ >> Stripes-users mailing list >> Stripes-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/stripes-users >> > > > > -- > ----------------------------------------- > Brian McSweeney > > Technology Director > Smarter Technology > web: http://www.smarter.ie > phone: +353868578212 > ----------------------------------------- > -------------------------------------------------------------------------------- > ------------------------------------------------------------------------------ > > -------------------------------------------------------------------------------- > _______________________________________________ > Stripes-users mailing list > Stripes-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/stripes-users > ------------------------------------------------------------------------------ _______________________________________________ Stripes-users mailing list Stripes-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/stripes-users
