Hi guys,
For appfuse 1.9.4, I removed the line
<prop key="/users.html">userController</prop>
from "adminUrlMapping" bean in action-servlet.xml and everything
works normal as before, the same security check seems to
be done in security.xml already
E.g.
<bean id="filterInvocationInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
.....
/signup.html*=ROLE_ANONYMOUS,admin,user
/users.html*=admin
...
</value>
</property>
</bean>
So I was wandering if we even need adminUrlMapping bean at all
in action-servlet.xml if we simply do all security check in security.xml??
on the other hand, it looks like we replace acegi security on the
filterInvocationInterceptor bean part
with spring spring security like adminUrlMapping bean in
action-servlet.xml....
Thanks,
Sam
