I'm not a lot in this Hibernate/Spring/Acegi stuff currently but I'm
really curious about it.
I wonder, Jesper, if you wouldn't have an advantage of using James'
Tapernate stuff. If not, why ?
BTW, I think the Wiki is the best place where such excellent mail
should end up !
Cheers
ZedroS
On 7/11/06, James Carman <[EMAIL PROTECTED]> wrote:
You can tell HiveMind to use a different password encoder if you want. All
you have to do is override the symbol hivemind.acegi.dao.passwordEncoder:
<contribution configuration-id="hivemind.ApplicationDefaults">
<default
symbol="hivemind.acegi.dao.passwordEncoder"
value="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/>
</contribution>
-----Original Message-----
From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz
Sent: Tuesday, July 11, 2006 3:31 AM
To: [email protected]
Subject: Tapestry + Acegi + Spring integration
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The integration of Tapestry, Acegi and Spring seems to be a hot topic.
I have created a simple example that shows how that can be done. The
complete source code can be found here:
http://www.zedlitz.de/tapestry-acegi.zip (8kB)
If you have Maven2 installed you can go into the directoy tapestry-acegi and
enter the command "mvn jetty6:run". Then you can access the application via
this URL: http://localhost:8080/tapestry-acegi/app
First I needed two pages (one secured):
* src/main/webapp/Home.html
* src/main/webapp/Secured.html
Each of these pages is accompanied by a Java class:
* src/main/java/de/zedlitz/tapestry/acegi/Home.java
* src/main/java/de/zedlitz/tapestry/acegi/Secured.java (This is the only
place where you have to specify that this page is secured!)
I have to tell Tapestry in which package to find the classes:
* src/main/webapp/WEB-INF/tapestry-acegi.application
A standard webapplication setup for Tapestry and Spring:
* src/main/webapp/WEB-INF/web.xml
The Spring configuration is also not spectacular. Every Spring enabled
application that uses Acegi has something like that.
* src/main/resources/applicationContext.xml
Only three beans are created here:
* memoryAuthenticationDao (In the example the username and password is
specified here. But of course you can put any complex bean here to retrieve
user information.)
* daoAuthenticationProvider
* authenticationManager
Now the interesting part - how to put it together:
* src/main/resources/META-INF/hivemodule.xml
* src/main/java/de/zedlitz/tapestry/acegi/UserDetailsServiceImpl.java
The service point "SpringApplicationInitializer" gives you access to
Spring's beans. I have written an implementation for the service
"hivemind.acegi.dao.UserDetailsService",
de.zedlitz.tapestry.acegi.UserDetailsServiceImpl that combines a Spring
UserDetailsService, the PasswordEncoder and the configured salt. From
hivemodule.xml:
<implementation service-id="hivemind.acegi.dao.UserDetailsService">
<invoke-factory>
<construct class="de.zedlitz.tapestry.acegi.UserDetailsServiceImpl">
<set-object property="userDetailsService"
value="spring:memoryAuthenticationDao"/>
<set-service property="passwordEncoder"
service-id="hivemind.acegi.dao.PasswordEncoder"/>
<set property="salt" value="DUKE"/>
</construct>
</invoke-factory>
</implementation>
The dependencies from pom.xml are probably also interesting:
* tapestry/tapestry-annotations 4.0.1
* tapestry/tapestry 4.0.1
* org.springframework/spring 1.2.6
* org.acegisecurity/acegi-security-tiger 1.0.1
* com.javaforge.tapestry/tapestry-spring 0.1.2
* com.javaforge.tapestry/tapestry-acegi 0.1-SNAPSHOT
* com.javaforge.hivemind/hivemind-acegi-dao 0.1-SNAPSHOT
I think that the solution could be made easier. My UserDetailsServiceImpl
class basicly forwards a UserDetails object. The encoding of the password
could be unnecessary if you could tell Hivemind to use a different
PasswordEncoder.
Jesper
- --
Jesper Zedlitz eMail : [EMAIL PROTECTED]
Homepage : http://www.zedlitz.de
ICQ# : 23890711
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFEs1OgjSxW58yLxdgRAnqvAKDAfjpbyZPSLroWSK/xSWtVd6YwhACg63tF
U7a/UQZyLIf8IHXa0/WUV0o=
=vFNN
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
