Tags
People
Badges
Help-
CORE FRAMEWORK
FEATURED COMPONENTS
-
RESOURCES
-
LEARN ZK
RESOURCES
Do not know much about the structure aplicastes in developing your security scheme, I have another, but the only problem is that one does not pass the datasource, because I have no static roles but took them out of a database I have with jpa, I appreciate you to tell me.
This is my actual code:
<authentication-manager>
<authentication-provider>
hash="md5"/> <password-encoder
<user-service>
name="rod" <user password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
name="dianne" <user password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
name="scott" <user password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
name="peter" <user password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
</ user-service>
</ authentication-provider>
</ authentication-manager>
And I want to parse the information from the database. as I do?, I clarify that I am working with .... jpa.
Help .... please.
Is that meant to be in web.xml? Are you missing closing tag characters?
I personally use Tomcat's JDBCRealm.
What I am missing here is that you say you take roles from db but I can see username and password in xml code...
If you will go against a database to verify the users data and get the roles you need a DAO authentication provider and a custom UserDetailSerciceImpl
Google for these words, or/and have a look on the Zksample2 sources. As an entry read the springSecurityContext.xml
best
Stephan
Apparently we have different time zones, until yesterday no one would help me perse, ok, I just want to validate my information from a mysql database, I have the following tables: Users, Groups, Group authority, authority, group member.
Now I have to configure the xml to find the data where I quiero.Esta part is I could not solve. I've been watching Terry zkexample 2, but I would like you to tell me what are the classes that actually interact with spring security for the user ID as you apply various things, guide me and I just want to develop my project.
A detailed files below which shows the configuration:
Bold TextApplication-context-security.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!--
- Spring namespace-based configuration
-->
<beans:beans xmlns:security="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<security:http>
<security:intercept-url pattern="/secure/extreme/**" access="hasRole('ROLE_SUPERVISOR')"/>
<security:intercept-url pattern="/secure/**" access="isAuthenticated()" />
<security:intercept-url pattern="/**" access="permitAll" />
<security:form-login login-page="/login.zul" default-target-url="/privatesection.zul" authentication-failure-url="/accessDenied.zul"/>
<security:logout logout-success-url="/login.zul"/>
</security:http>
<!-- THIS IS THE PART THAT DID NOT UNDERSTAND HOW TO SET UP OR LINK, THIS IS A WORK BASED ON AN EXAMPLE OF SMALL TALK.-->
<beans:bean id="passwordEncoder"
class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
<security:authentication-provider user-service-ref="userService">
<security:password-encoder ref="passwordEncoder"/>
</security:authentication-provider>
</beans:beans>
zk.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!--
Created by ZK Studio
-->
<zk>
<system-config>
<disable-event-thread/>
</system-config>
</zk>
Bold Textweb.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
<display-name>Talento</display-name>
<description>Spring+Zkoss sample web application</description>
<context-param>
<param-name>webAppRootKey</param-name>
<param-value>Talento.root</param-value>
</context-param>
<!--
- Location of the XML file that defines the root application context.
- Applied by ContextLoaderServlet.
-
- "/WEB-INF/applicationContext-jpa.xml" for the JPA configuration,
- "/WEB-INF/applicationContext-security.xml" for the spring security configuration,
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-jpa.xml
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--
- Spring Security Filter Chains
-->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<description>
Used to cleanup when a session is destroyed</description>
<display-name>
ZK Session cleaner</display-name>
<listener-class>org.zkoss.zk.ui.http.HttpSessionListener</listener-class>
</listener>
<servlet>
<description>
The servlet loads the DSP pages</description>
<servlet-name>dspLoader</servlet-name>
<servlet-class>
org.zkoss.web.servlet.dsp.InterpreterServlet</servlet-class>
</servlet>
<servlet>
<description>
The ZK loader for ZUML pages</description>
<servlet-name>zkLoader</servlet-name>
<servlet-class>
org.zkoss.zk.ui.http.DHtmlLayoutServlet</servlet-class>
<init-param>
<param-name>update-uri</param-name>
<param-value>/zkau</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<description>
The asynchronous update engine for ZK</description>
<servlet-name>auEngine</servlet-name>
<servlet-class>
org.zkoss.zk.au.http.DHtmlUpdateServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>zkLoader</servlet-name>
<url-pattern>*.zul</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>zkLoader</servlet-name>
<url-pattern>*.zhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>auEngine</servlet-name>
<url-pattern>/zkau/*</url-pattern>
</servlet-mapping>
<session-config>
<!-- Default to 5 minute session timeouts -->
<session-timeout>15</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>login.zul</welcome-file>
</welcome-file-list>
</web-app>
Bold Textapplication-context-jpa-xml:
<?xml version="1.0" encoding="UTF-8"?>
<!--
Application context definition for WebAppZk on JPA.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/jee
http://www.springframework.org/schema/jee/spring-jee-2.5.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-2.5.xsd">
<!--
========================= RESOURCE DEFINITIONS
=========================
-->
<!--
Activates a load-time weaver for the context. Any bean within the
context that implements LoadTimeWeaverAware (such as
LocalContainerEntityManagerFactoryBean) will receive a reference to
the autodetected load-time weaver. <bean
class="org.springframework.instrument.classloading.InstrumentationLoadTimeWeaver"/>
<context:load-time-weaver/
-->
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://localhost:3306/talentohumano" />
<property name="username" value="root" />
<property name="password" value="root" />
</bean>
<!-- JPA EntityManagerFactory -->
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="dataSource" ref="dataSource" />
</bean>
</beans>
Listo esta es toda la informacion que tengo ahora quisiera saber como puedo colocarla a funcionar......espero su ayuda....
Desde colombia....Jaider
OK,
Terrytornardo, I continued reading and understanding your application ZKexample2 so far I've come to understand some things and I think that may be useful or otherwise configured for general use such as:
1. jdbc.properties: up to now very clear.
2.applicationContext-db.xml: Well this class I entindido half, because in my project for spring aop NIO implement, but I imagine there are parts I can remove and works well, com is the part of the services.
3.applicationContext-zkoss.xml: This file if it is to serve, I would appreciate you to tell me.
4. applicationContext.xml: No problems.
5.Customize-applicationContext.xml: This part is not due to re-set the context and the "Datasource" not because the connection is called with value = "$ {I do jdbc.driverClassName }"... traditionally ..... or this is the jdbc.properties?.
And <util:properties id="hibernateProperties"> is required or is set to mysql.
6. springSecurityContext.xml: In this file from where the options
alias="authenticationManager"> <authentication-manager
user-service-ref="myUserDetailsService"> <authentication-provider
these are in the project?.
Your apology for asking so many questions, but hopefully you understand my desperation and with this issue.
Garcias
i will have a look on your questions tomorrow.
Ok, Terry, sorry for the English as incomprehensible, is the translator, is original in Spanish, Terry truth I need is just a mini application that the user's control of spring through security, not if you have an example of your beginning with spring security, which is small and validates users with a database, what happens is that your application is quite complex, and encompasses more than what I'm looking .... really appreciate you.
I know you're the man of the solutions, at least in this case.
"the man of the solutions" sounds great...
1. jdbc.properties: up to now very clear.
This file holds the parameters for the database access.
As default the params for the embedded H2 database are active.
2.applicationContext-db.xml: Well this class I entindido half, because in my project for spring aop NIO implement, but I imagine there are parts I can remove and works well, com is the part of the services.
This file configures the transaction management by using one of the offered and ready to use classes from spring, here we take the org.springframework.orm.hibernate3.HibernateTransactionManager. (the commit/rollback stuff | so we do not need to code the all times equals commit/rollback structures ).
And as a step further this is configured as a so called aspect (aspect oriented programming) . These aspect lies over a package name like <aop:pointcut id="daoMethods"
expression="execution(* de.forsthaus.backend.dao.*.*(..))" /> Means that a magic listener looks over these path and if a called method is in one of these packages than the spring/hibernate transaction mechanism works in the background for us.
3.applicationContext-zkoss.xml: This file if it is to serve, I would appreciate you to tell me.
This file configures the gui controllers based on zk so we name it xxx.zkoss.xml. That's all.
Spring will at deployment (tomcat start) pre-instantiate these classes as so called 'beans' .
We call such a controller in a zul-file with the tag apply="mypPackageName.myBeanId"
4. applicationContext.xml: No problems.
:-) No it's not empty. It holds hidden code with the postal address for sending the beer.
5.Customize-applicationContext.xml: This part is not due to re-set the context and the "Datasource" not because the connection is called with value = "$ {I do jdbc.driverClassName }"... traditionally ..... or this is the jdbc.properties?.
This is an important helper configuration file for us to deploy with minimal changes aginst the embedded H2 or an other Database . In it we/you can deactivate the embedded H2 database server for creating and working with the demo data out of the box.
This file is 'replaced' in the build process of the online Zksample2 app on our web server. So it's replaced with a similar file which let the app access to our PostgreSQL database on the web server.
And <util:properties id="hibernateProperties"> is required or is set to mysql.
Exactly. Hibernate needs information about the database type.
6. springSecurityContext.xml: In this file from where the options
alias="authenticationManager"> <authentication-manager
user-service-ref="myUserDetailsService"> <authentication-provider
these are in the project?.
...-ref="myUserDetailsService" . In spring language this means you must have a look to the bean with the name 'myUserDetailsService' to find the classes. And you will find it a few lines beneath that declaration.
<!-- ====================================================== -->
<!-- The Implementation of the Interface -->
<!-- UserDetailService for the logged in -->
<!-- user and his rights -->
<!-- ====================================================== -->
<beans:bean id="myUserDetailsService" class="de.forsthaus.policy.model.PolicyManager">
<beans:property name="userService" ref="userService" />
</beans:bean>
You will find the codes in the de.forsthaus.policy.model.PolicyManager.java and the de.forsthaus.policy.model.*
You can let away the PasswordEncoder stuff. Bjoern have implemented this only for demonstrating the working of a one-time-password token. Great.
I have cleaned up a little the codes so you can reload them.
In short:
Spring-security works step by step their so called security chain.
By going the way to authenticate against a database you must imlement a so called DAO authentication provider.
Therefore an implementation of the spring's UserDetailService needs only ONE methode
@Override
public UserDetails loadUserByUsername(String userId) {
and here YOU must code the access against the database and get the rights for the user and put them all in the needed UserDetails object.
And here is place for customizing as we do it.
best
Stephan
Thanks Terry, I'll be reporting on my progress ...
Gracias compadre.
Asked: 2011-04-06 17:31:29 +0800
Seen: 436 times
Last updated: Apr 08 '11
