You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by jh...@apache.org on 2009/03/02 04:08:16 UTC
svn commit: r749156 [1/2] - in /incubator/jsecurity/import/trunk: ./
samples/quickstart/ samples/spring-hibernate/
samples/spring-hibernate/WEB-INF/
samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/
samples/spring-hibernate/src/org/jsecuri...
Author: jhaile
Date: Mon Mar 2 03:08:14 2009
New Revision: 749156
URL: http://svn.apache.org/viewvc?rev=749156&view=rev
Log:
Updated Spring-Hibernate sample with goal of simplifying code, adding a web interface, and using latest technology, annotations, etc.
Added:
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/
- copied from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/party/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java
- copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java
- copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SecurityController.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SignupCommand.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SignupController.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/SignupValidator.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/applicationContext.xml
- copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/applicationContext.xml
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/ehcache.xml
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/hibernate.cfg.xml
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/classes/log4j.properties
- copied unchanged from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/classes/log4j.properties
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/editUser.jsp
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/home.jsp
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/login.jsp
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/manageUsers.jsp
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/jsp/signup.jsp
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/sprhib-servlet.xml
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/WEB-INF/web.xml
- copied, changed from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/web.xml
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/index.jsp
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/styles/
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/styles/sample.css
incubator/jsecurity/import/trunk/samples/spring-hibernate/web/unauthorized.jsp
Removed:
incubator/jsecurity/import/trunk/samples/spring-hibernate/WEB-INF/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/eis/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/entity/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Gender.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Person.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/eis/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/party/
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java
Modified:
incubator/jsecurity/import/trunk/ivy.xml
incubator/jsecurity/import/trunk/jsecurity.iml
incubator/jsecurity/import/trunk/jsecurity.ipr
incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml
incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml
incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java
incubator/jsecurity/import/trunk/samples/standalone/standalone.iml
Modified: incubator/jsecurity/import/trunk/ivy.xml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/ivy.xml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/ivy.xml (original)
+++ incubator/jsecurity/import/trunk/ivy.xml Mon Mar 2 03:08:14 2009
@@ -59,8 +59,8 @@
conf="samples"/>
<dependency org="xerces" name="xercesImpl" rev="2.8.1" transitive="false" conf="samples"/>
<dependency org="quartz" name="quartz" rev="1.5.2" transitive="false" conf="compile"/>
- <dependency org="org.springframework" name="spring" rev="2.5.1" transitive="false" conf="compile,samples"/>
- <dependency org="org.springframework" name="spring-webmvc" rev="2.5.1" transitive="false" conf="samples"/>
+ <dependency org="org.springframework" name="spring" rev="2.5.6" transitive="false" conf="compile,samples"/>
+ <dependency org="org.springframework" name="spring-webmvc" rev="2.5.6" transitive="false" conf="samples"/>
<dependency org="javax.servlet" name="servlet-api" rev="2.4" transitive="false" conf="compile,samples"/>
<dependency org="javax.servlet.jsp" name="jsp-api" rev="2.0" transitive="false" conf="compile"/>
@@ -69,6 +69,10 @@
<dependency org="javax.servlet" name="jstl" rev="1.2" transitive="false" conf="samples"/>
<dependency org="taglibs" name="standard" rev="1.1.2" transitive="false" conf="samples"/>
<dependency org="hsqldb" name="hsqldb" rev="1.8.0.7" transitive="false" conf="samples"/>
+ <dependency org="org.hibernate" name="ejb3-persistence" rev="1.0.2.GA" conf="samples"/>
+ <dependency org="org.hibernate" name="hibernate-annotations" rev="3.2.1.ga" conf="samples">
+ <exclude org="javax.transaction"/>
+ </dependency>
<dependency org="org.hibernate" name="hibernate" rev="3.2.6.ga" conf="samples">
<!-- JTA 1.0.1b jar is not allowed in the Maven repo because of Sun's binary license, so we have to
download it explictly from another location (we use Geronimo's version) -->
@@ -85,99 +89,6 @@
<artifact name="docbook-libs" type="zip" ext="zip"/>
</dependency>
- <!-- TODO: move these contents (old library_versions.txt file) into appropriate places in this document. -->
- <!-- This file lists all 3rd party libraries (and their versions!!!) that
- are required to build or run the project.
-
- If you're a developer editing this file, please keep all listings in alphabetical order for
- convenient lookup.
-
- Some notes:
-
- - Each 3rd party library is stored in a directory named after the
- open-source project or company that created it. This makes for
- easy organization of lots of libs.
-
- - Jar files stored _do not_ have version numbers
- actually in their file name. If the jar originally comes as such,
- it is renamed with the version number stripped off. The version
- number is instead maintained in this file. The reason for this is
- so that every time we need to upgrade any 3rd party library,
- we don't have to edit any build.xml or properies files to reflect
- a potential name change due to a version number - you just note
- that change once in this file and overwrite the old jar, checking
- in that overwrite to CVS in the process.
-
- - Each 3rd party lib is listed here along with what it is
- used for and if its needed for build-time, run-time or both.
-
- - Thanks to the gents working on the Spring Framework (http://www.springframework.org)
- that provided the template and the idea for this file.
-
- * atunit/atunut.jar
- - AtUnit 1.0
- - Used in unit tests
-
- * easymock/easymock.jar, easymockclassextension.jar
- - EasyMock 2.2 w/ ClassExtension 2.2 (http://www.easymock.org)
- - Used in test cases for creating dynamic mock objects
-
- * ehcache/ehcache.jar
- - ehcache 1.3.0 (http://ehcache.sourceforge.net/)
- - Required for compiling, using ehcache cache manager, and for runtime session management
-
- * google-collections/google-collect.jar
- - Google Collections Snapshot 20071022
- - Used in test cases for conveniently constructing collections
-
- * hsqldb/hsqldb.jar
- - HSQLDB 1.8.0.7 (http://www.hsqldb.org)
- - Used in the sample application to show an example of a JDBC-based Realm.
-
- * j2ee/jsp-api.jar
- - JSP API 2.0 (http://java.sun.com/products/jsp)
- - Required for building the RI tag libraries
-
- * j2ee/servlet-api.jar
- - Servlet API 2.4 (http://java.sun.com/products/servlet)
- - required for building web support classes (Servlet Filters, etc)
-
- * jakarta-commons/commons-beanutils-core.jar
- - Commons BeanUtils 1.7.0 (http://jakarta.apache.org/commons/beanutils/index.html)
- - required for building and running JSecurity
- - used for constructing Permissions in the Reference Implementation's PermissionAnnotationAuthorizationModule
-
- * jboss/jboss-aop.jar
- - JBoss AOP jar from the JBoss 4.0.4.GA Application Server release
- - Required at build time for JBoss integration support classes.
-
- * jug/jug.jar
- - Java Uuid Genrator (JUG) v. 2.0.0 (Apache 2.0 jar) (http://jug.safehaus.org/)
- - used as a fallback UUID generator for memory-based session management if below Java 1.5
-
- * junit/junit.jar
- - JUnit Test Framework 4.1 (http://www.junit.org)
- - Required for building and running test cases
-
- * log4j/log4j.jar
- - Log4J 1.2.9 (http://logging.apache.org/log4j)
- - required by the RI during build and runtime for logging support
-
- * quartz/quartz.jar
- - Quartz 1.5.2 (http://www.opensymphony.com/quartz)
- - required during build and runtime for Quartz-based session validation support
-
- * retroweaver/retroweaver.jar,retroweaver-rt.jar
- - Retroweaver 2.0 (http://retroweaver.sourceforge.net)
- - required for retroweaving to support JDK 1.3 and 1.4
- - rt jar is required at runtime if running in 1.3 or 1.4
-
- * spring/spring.jar
- - Spring Application Framework 2.0.2 (http://springframework.org)
- - required to build Spring integration support and sample apps
- -->
-
-
</dependencies>
</ivy-module>
\ No newline at end of file
Modified: incubator/jsecurity/import/trunk/jsecurity.iml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/jsecurity.iml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/jsecurity.iml (original)
+++ incubator/jsecurity/import/trunk/jsecurity.iml Mon Mar 2 03:08:14 2009
@@ -3,17 +3,10 @@
<component name="FacetManager">
<facet type="Spring" name="Spring">
<configuration>
- <fileset id="fileset1" name="Spring Sample" removed="false">
- <file>file://$MODULE_DIR$/samples/spring/webroot/WEB-INF/applicationContext.xml</file>
- <file>file://$MODULE_DIR$/samples/spring/etc/webstart.spring.xml</file>
- <file>file://$MODULE_DIR$/samples/spring/webroot/WEB-INF/sample-servlet.xml</file>
- <file>file://$MODULE_DIR$/samples/spring/webroot/WEB-INF/remoting-servlet.xml</file>
+ <fileset id="fileset2" name="Spring Hibernate Sample" removed="false">
+ <file>file://$MODULE_DIR$/samples/spring-hibernate/web/WEB-INF/applicationContext.xml</file>
+ <file>file://$MODULE_DIR$/samples/spring-hibernate/web/WEB-INF/sprhib-servlet.xml</file>
</fileset>
- <options>
- <option name="enableValidation" value="true" />
- <option name="reportErrorsAsWarnings" value="true" />
- </options>
- <customNs />
</configuration>
</facet>
<facet type="web" name="jsecurity-web">
@@ -23,6 +16,7 @@
</descriptors>
<webroots>
<root url="file://$MODULE_DIR$/samples/web" relative="/" />
+ <root url="file://$MODULE_DIR$/samples/spring-hibernate/web" relative="/" />
</webroots>
<sourceRoots>
<root url="file://$MODULE_DIR$/src" />
@@ -32,11 +26,7 @@
<setting name="EXPLODED_ENABLED" value="true" />
<setting name="JAR_URL" value="file://$MODULE_DIR$/out/Quickstart Webapp.war" />
<setting name="JAR_ENABLED" value="false" />
- <setting name="BUILD_MODULE_ON_FRAME_DEACTIVATION" value="false" />
- <setting name="BUILD_EXTERNAL_DEPENDENCIES" value="false" />
<setting name="EXCLUDE_EXPLODED_DIRECTORY" value="true" />
- <setting name="RUN_JASPER_VALIDATION" value="true" />
- <setting name="BUILD_ONLY_WEB_RESOURCES" value="false" />
</building>
<packaging>
<containerElement type="module" name="jsecurity">
@@ -59,6 +49,14 @@
</packaging>
</configuration>
</facet>
+ <facet type="hibernate" name="Hibernate">
+ <configuration>
+ <datasource-map>
+ <unit-entry name="samples/spring-hibernate/web/WEB-INF/classes/hibernate.cfg.xml" />
+ </datasource-map>
+ <deploymentDescriptor name="hibernate.cfg.xml" url="file://$MODULE_DIR$/samples/spring-hibernate/web/WEB-INF/classes/hibernate.cfg.xml" optional="false" version="3.0" />
+ </configuration>
+ </facet>
</component>
<component name="NewModuleRootManager" inherit-compiler-output="false">
<output url="file://$MODULE_DIR$/build/classes" />
@@ -89,7 +87,6 @@
</library>
</orderEntry>
<orderEntry type="library" name="quickstart-libs" level="project" />
- <orderEntryProperties />
</component>
<component name="copyright">
<Base>
Modified: incubator/jsecurity/import/trunk/jsecurity.ipr
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/jsecurity.ipr?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/jsecurity.ipr (original)
+++ incubator/jsecurity/import/trunk/jsecurity.ipr Mon Mar 2 03:08:14 2009
@@ -7,6 +7,7 @@
<antReference projectDefault="true" />
<customJdkName value="" />
<maximumHeapSize value="128" />
+ <maximumStackSize value="32" />
<properties />
</buildFile>
</component>
@@ -40,6 +41,9 @@
<entry name="?*.tld" />
</wildcardResourcePatterns>
</component>
+ <component name="CopyrightManager" default="">
+ <module2copyright />
+ </component>
<component name="DependenciesAnalyzeManager">
<option name="myForwardDirection" value="false" />
</component>
@@ -60,6 +64,7 @@
<option name="ADDITIONAL_OPTIONS_STRING" value="" />
<option name="MAXIMUM_HEAP_SIZE" value="128" />
</component>
+ <component name="Encoding" useUTFGuessing="true" native2AsciiForPropertiesFiles="false" />
<component name="EntryPointsManager">
<entry_points version="2.0" />
</component>
@@ -275,7 +280,13 @@
</item>
</group>
</component>
+ <component name="ProjectDetails">
+ <option name="projectName" value="jsecurity" />
+ </component>
<component name="ProjectFileVersion" converted="true" />
+ <component name="ProjectKey">
+ <option name="state" value="https://svn.apache.org/repos/asf/incubator/jsecurity/import/trunk/jsecurity.ipr" />
+ </component>
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/jsecurity.iml" filepath="$PROJECT_DIR$/jsecurity.iml" />
@@ -283,7 +294,7 @@
<module fileurl="file://$PROJECT_DIR$/samples/standalone/standalone.iml" filepath="$PROJECT_DIR$/samples/standalone/standalone.iml" />
</modules>
</component>
- <component name="ProjectRootManager" version="2" assert-keyword="true" jdk-15="true" project-jdk-name="1.5" project-jdk-type="JavaSDK">
+ <component name="ProjectRootManager" version="2" languageLevel="JDK_1_5" assert-keyword="true" jdk-15="true" project-jdk-name="1.5" project-jdk-type="JavaSDK">
<output url="file://$PROJECT_DIR$/build/idea" />
</component>
<component name="ResourceManagerContainer">
@@ -318,7 +329,8 @@
</entry>
</map>
</option>
- <option name="myVersion" value="123" />
+ <option name="myVersion" value="124" />
+ <option name="mySupportsUserInfoFilter" value="true" />
</component>
<component name="VcsDirectoryMappings">
<mapping directory="" vcs="svn" />
@@ -486,39 +498,11 @@
<component name="libraryTable">
<library name="all-libs">
<CLASSES>
- <root url="jar://$PROJECT_DIR$/lib/test/dom4j.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/servlet-api.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/junit.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/spring.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/backport-util-concurrent.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/ehcache.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/jsp-api.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/asm.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/jstl.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/geronimo-jta_1.0.1B_spec.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/commons-beanutils.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/retroweaver-rt.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/log4j.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/quartz.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/hsqldb.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/hibernate.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/docbook-libs.zip!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/spring-webmvc.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/commons-logging.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/asm-util.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/commons-collections.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/asm-commons.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/antlr.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/standard.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/cglib.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/easymockclassextension.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/retroweaver.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/asm-attrs.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/asm-tree.jar!/" />
- <root url="jar://$PROJECT_DIR$/lib/test/easymock.jar!/" />
+ <root url="file://$PROJECT_DIR$/lib/test" />
</CLASSES>
<JAVADOC />
<SOURCES />
+ <jarDirectory url="file://$PROJECT_DIR$/lib/test" recursive="false" />
</library>
<library name="quickstart-libs">
<CLASSES>
Modified: incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml (original)
+++ incubator/jsecurity/import/trunk/samples/quickstart/quickstart.iml Mon Mar 2 03:08:14 2009
@@ -9,7 +9,6 @@
<orderEntry type="sourceFolder" forTests="false" />
<orderEntry type="module" module-name="jsecurity" />
<orderEntry type="library" name="quickstart-libs" level="project" />
- <orderEntryProperties />
</component>
<component name="copyright">
<Base>
Modified: incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml?rev=749156&r1=749155&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/build.xml Mon Mar 2 03:08:14 2009
@@ -98,7 +98,7 @@
- dist - create distribution war (which will be used for deployment)
- =================================================================== -->
<target name="dist" depends="compile,jar" description="Creates the quickstart .war">
- <war warfile="${dist.war}" webxml="WEB-INF/web.xml">
+ <war warfile="${dist.war}" webxml="web/WEB-INF/web.xml">
<lib dir="${dist.dir}" includes="*.jar"/>
<lib dir="${root.dist.dir}" includes="jsecurity.jar"/>
<lib dir="${lib.dir}/samples">
@@ -110,10 +110,12 @@
<include name="backport-util-concurrent.jar"/>
<include name="hsqldb.jar"/>
<include name="spring.jar"/>
+ <include name="spring-webmvc.jar"/>
</lib>
<!-- Hibernate libs: -->
<lib dir="${lib.dir}/samples">
- <include name="hibernate.jar"/>
+ <include name="persistence-api.jar"/>
+ <include name="hibernate*.jar"/>
<include name="antlr.jar"/>
<include name="asm-attrs.jar"/>
<include name="asm.jar"/>
@@ -122,8 +124,7 @@
<include name="dom4j.jar"/>
<include name="commons-collections.jar"/>
</lib>
- <fileset dir="${module.base.dir}" includes="**" excludes="**/web.xml, **/build.xml"/>
- <!-- <lib dir="${dist.dir}" includes="*.jar"/> -->
+ <fileset dir="${module.base.dir}/web" includes="**" excludes="**/web.xml, **/build.xml"/>
</war>
</target>
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/BootstrapDataPopulator.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.hibernate.SessionFactory;
+import org.jsecurity.crypto.hash.Sha256Hash;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.stereotype.Component;
+
+import javax.sql.DataSource;
+
+/**
+ * Loads sample data for the sample app since it's an in-memory database.
+ */
+@Component
+public class BootstrapDataPopulator implements InitializingBean {
+
+ private DataSource dataSource;
+ private SessionFactory sessionFactory;
+
+ @Autowired
+ public void setDataSource(DataSource dataSource) {
+ this.dataSource = dataSource;
+ }
+
+ // Session factory is only injected to ensure it is initialized before this runs
+ @Autowired
+ public void setSessionFactory(SessionFactory sessionFactory) {
+ this.sessionFactory = sessionFactory;
+ }
+
+ public void afterPropertiesSet() throws Exception {
+ //because we're using an in-memory hsqldb for the sample app, a new one will be created each time the
+ //app starts, so insert the sample admin user at startup:
+ JdbcTemplate jdbcTemplate = new JdbcTemplate(this.dataSource);
+
+ jdbcTemplate.execute( "insert into roles values (1, 'user', 'The default role given to all users.')" );
+ jdbcTemplate.execute( "insert into roles values (2, 'admin', 'The administrator role only given to site admins')" );
+ jdbcTemplate.execute( "insert into roles_permissions values (2, 'user:*')" );
+ jdbcTemplate.execute( "insert into users(id,username,email,password) values (1, 'admin', 'sample@jsecurity.org', '" + new Sha256Hash("admin").toHex() + "')" );
+ jdbcTemplate.execute( "insert into users_roles values (1, 2)" );
+
+
+ }
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateDao.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.orm.hibernate3.SessionFactoryUtils;
+
+/**
+ * Convenience superclass for DAOs that contains annotations for injecting the session factory
+ * and accessing the session.
+ */
+public abstract class HibernateDao {
+
+ private SessionFactory sessionFactory;
+
+ @Autowired
+ public void setSessionFactory(SessionFactory sessionFactory) {
+ this.sessionFactory = sessionFactory;
+ }
+
+ public Session getSession() {
+ return SessionFactoryUtils.getSession(this.sessionFactory, true);
+ }
+
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/HibernateUserDAO.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.jsecurity.samples.sprhib.model.User;
+import org.springframework.stereotype.Repository;
+import org.springframework.util.Assert;
+
+import java.util.List;
+
+@Repository("userDAO")
+@SuppressWarnings("unchecked")
+public class HibernateUserDAO extends HibernateDao implements UserDAO {
+
+ public User getUser(Long userId) {
+ return (User) getSession().get(User.class, userId);
+ }
+
+ public User findUser(String username) {
+ Assert.hasText(username);
+ String query = "from User u where u.username = :username";
+ return (User) getSession().createQuery(query).setString("username", username).uniqueResult();
+ }
+
+ public void createUser(User user) {
+ getSession().save( user );
+ }
+
+ public List<User> getAllUsers() {
+ return getSession().createQuery("from User order by username").list();
+ }
+
+ public void deleteUser(Long userId) {
+ User user = getUser(userId);
+ if( user != null ) {
+ getSession().delete(user);
+ }
+ }
+
+ public void updateUser(User user) {
+ getSession().update(user);
+ }
+
+}
+
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/dao/UserDAO.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.dao;
+
+import org.jsecurity.samples.sprhib.model.User;
+
+import java.util.List;
+
+/**
+ * Data Access Object for User related operations.
+ */
+public interface UserDAO {
+
+ User getUser(Long userId);
+
+ User findUser(String username);
+
+ void createUser(User user);
+
+ List<User> getAllUsers();
+
+ void deleteUser(Long userId);
+
+ void updateUser(User user);
+}
Copied: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java (from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java)
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java?p2=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java&p1=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java&r1=749109&r2=749156&rev=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/Role.java (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/Role.java Mon Mar 2 03:08:14 2009
@@ -16,51 +16,53 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.jsecurity.samples.sprhib.security;
+package org.jsecurity.samples.sprhib.model;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.jsecurity.authz.Permission;
-import org.jsecurity.samples.sprhib.entity.Entity;
-import org.jsecurity.samples.sprhib.party.User;
+import org.hibernate.annotations.Cache;
+import org.hibernate.annotations.CacheConcurrencyStrategy;
+import org.hibernate.annotations.CollectionOfElements;
+import org.hibernate.annotations.Index;
-import java.util.HashSet;
+import javax.persistence.*;
import java.util.Set;
/**
- * Created on: Sep 16, 2005 4:00:20 PM
- *
- * @author Les Hazlewood
+ * Model object that represents a security role.
*/
-public class Role extends Entity {
+@Entity
+@Table(name="roles")
+@Cache(usage= CacheConcurrencyStrategy.READ_WRITE)
+public class Role {
- private static final Log log = LogFactory.getLog(Role.class);
-
- public static final String ROOT_ROLE_NAME = "root";
- public static final String PRIVATE_ROLE_NAME = "private";
+ private Long id;
private String name;
private String description;
- private User owner;
-
- private boolean isPrivate = false;
-
- private Set<Permission> permissions;
+ private Set<String> permissions;
- public Role() {
+ protected Role() {
}
public Role(String name) {
this.name = name;
}
- public Role(String name, User owner) {
- this.name = name;
- this.owner = owner;
+
+ @Id
+ @GeneratedValue
+ public Long getId() {
+ return id;
}
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ @Basic(optional=false)
+ @Column(length=100)
+ @Index(name="idx_roles_name")
public String getName() {
return name;
}
@@ -69,6 +71,8 @@
this.name = name;
}
+ @Basic(optional=false)
+ @Column(length=255)
public String getDescription() {
return description;
}
@@ -77,135 +81,17 @@
this.description = description;
}
- public boolean isPrivate() {
- return isPrivate;
- }
-
- public void setPrivate(boolean isPrivate) {
- this.isPrivate = isPrivate;
- }
-
- public User getOwner() {
- return owner;
- }
-
- public void setOwner(User owner) {
- this.owner = owner;
- }
-
- public Set<Permission> getPermissions() {
+ @CollectionOfElements
+ @JoinTable(name="roles_permissions")
+ @Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
+ public Set<String> getPermissions() {
return permissions;
}
- public void setPermissions(Set<Permission> permissions) {
+ public void setPermissions(Set<String> permissions) {
this.permissions = permissions;
}
- /**
- * Adds a Permission to this party's collection of
- * {@link #getPermissions() permissions}.
- *
- * <p>If the existing permissions collection is <tt>null</tt>,
- * a new collection will be created and assigned to this role and then the permission will
- * be added.
- *
- * <p>If the specified permission already exists in this role's collection, it will not
- * be added again.
- *
- * @param p the Permission to add/associate with this Role
- */
- public void add(Permission p) {
- Set<Permission> perms = getPermissions();
- if (perms == null) {
- perms = new HashSet<Permission>();
- setPermissions(perms);
- }
- perms.add(p);
- }
-
- public boolean remove(Permission p) {
- Set<Permission> perms = getPermissions();
- return perms != null && perms.remove(p);
- }
-
- public boolean isPermitted(Permission p) {
- Set<Permission> perms = getPermissions();
- if (perms != null && !perms.isEmpty()) {
- for (Permission perm : perms) {
- if (perm.implies(p)) {
- if (log.isTraceEnabled()) {
- String msg = "saved permission implies permission argument. Role [" +
- getName() + "] has permission";
- log.trace(msg);
- }
- return true;
- }
- }
- }
-
- if (log.isTraceEnabled()) {
- log.trace("No saved permissions implies the permission argument. Role [" +
- getName() + "] doesn't have the specified permission");
- }
-
- return false;
- }
-
- public boolean onEquals(Entity e) {
- if (e instanceof Role) {
- Role r = (Role) e;
- return getName().equals(r.getName()) &&
- (owner != null ? owner.equals(r.getOwner()) : r.getOwner() == null);
- }
-
- return false;
- }
-
- public int hashCode() {
- int result = name.hashCode();
- result = 29 * result + (owner != null ? owner.hashCode() : 0);
- return result;
- }
-
- public StringBuffer toStringBuffer() {
- StringBuffer sb = super.toStringBuffer();
- sb.append(",name=").append(getName());
- sb.append(",description=[").append(getDescription()).append("]");
- sb.append(",permissions={").append("<lazy property omitted>").append("}");
- return sb;
- }
-
- /**
- * Returns a shallow copy (i.e. the owner and Permission instances in the permissions
- * collection copied into a new list instead of being cloned themselves). This should be fine since permission
- * objects are immutable.
- */
- @Override
- @SuppressWarnings({"CloneDoesntDeclareCloneNotSupportedException"})
- public Object clone() {
- Role clone = (Role) super.clone();
- clone.setName(getName());
- clone.setDescription(getDescription());
- clone.setOwner(getOwner());
- Set<Permission> perms = getPermissions();
- if (perms != null && !perms.isEmpty()) {
- Set<Permission> permClones = new HashSet<Permission>(perms.size());
- for (Permission p : perms) {
- permClones.add(p);
- }
- clone.setPermissions(permClones);
- }
-
- return clone;
- }
-
- public void clearPermissions() {
- Set<Permission> perms = getPermissions();
- if (perms != null && !perms.isEmpty()) {
- permissions.clear();
- }
- }
-
}
Modified: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java?rev=749156&r1=749109&r2=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/model/User.java Mon Mar 2 03:08:14 2009
@@ -16,68 +16,54 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.jsecurity.samples.sprhib.party;
+package org.jsecurity.samples.sprhib.model;
-import org.jsecurity.authc.Account;
-import org.jsecurity.authz.Permission;
-import org.jsecurity.samples.sprhib.security.Role;
-import org.jsecurity.subject.PrincipalCollection;
-import org.jsecurity.subject.SimplePrincipalCollection;
-
-import java.text.DateFormat;
-import java.util.*;
-import java.util.regex.Pattern;
+import org.hibernate.annotations.Cache;
+import org.hibernate.annotations.CacheConcurrencyStrategy;
+import org.hibernate.annotations.Index;
+
+import javax.persistence.*;
+import java.util.HashSet;
+import java.util.Set;
/**
- * Simple class that represents any User domain entity in any application. It extends the {@link Person Person} class
- * to show a non-trivial class hierarchy, since such hierarchies exist in most Hibernate applications in one form
- * or another. Naturally you could ignore the parent class in your application, but it does represent a clean
- * OO way of modeling things.
- *
- * <p>This class implements the {@link org.jsecurity.authc.Account} interface for dead-simple integration
- * with JSecurity - this allows you to use your User objects directly inside of
- * {@link org.jsecurity.realm.Realm Realm} implementations, significantly reducing the implementation effort.</p>
+ * Simple class that represents any User domain entity in any application.
*
* <p>Because this class performs its own Realm and Permission checks, and these can happen frequently enough in a
- * production application, it is highly recommended that the internal User {@link #getUserRoles} collection be cached
+ * production application, it is highly recommended that the internal User {@link #getRoles} collection be cached
* in a 2nd-level cache when using JPA and/or Hibernate. The hibernate xml configuration for this sample application
* does in fact do this for your reference (see User.hbm.xml - the 'roles' declaration).</p>
- *
- * <p>If you ever decide not to use JSecurity, the only domain change would be to simply remove the
- * <code>Account</code> interface declaration</p>
- *
- * @author Les Hazlewood
*/
-public class User extends Person implements Account {
-
- /**
- * Requires 6 or more alphanumeric and/or punctuation characters.
- */
- public static final Pattern VALID_PASSWORD_PATTERN = Pattern.compile("[\\p{Alnum}\\p{Punct}]{6,255}");
-
- public static final Pattern VALID_USERNAME_PATTERN = Pattern.compile("[\\p{Alnum}_-]{1,255}");
-
- public static final String ROOT_USER_USERNAME = "root";
+@Entity
+@Table(name="users")
+@Cache(usage= CacheConcurrencyStrategy.READ_WRITE)
+public class User {
+ private Long id;
private String username;
+ private String email;
private String password;
- private String passwordResetKey; //UUID generated when they ask to reset the password
- private Date passwordResetKeyTimestamp; //when they asked to reset the password
- private Date lastLoginTimestamp; //can be null if never logged in
- private Date lockTimestamp; //date the account was locked, null means unlocked (default behavior)
- private boolean sessionTimeoutEnabled = true; //per-user session configuration
+ private Set<Role> roles = new HashSet<Role>();
- private Set<Role> roles;
- public User() {
+ @Id
+ @GeneratedValue
+ public Long getId() {
+ return id;
}
+ public void setId(Long id) {
+ this.id = id;
+ }
/**
* Returns the username associated with this user account;
*
* @return the username associated with this user account;
*/
+ @Basic(optional=false)
+ @Column(length=100)
+ @Index(name="idx_users_username")
public String getUsername() {
return username;
}
@@ -86,11 +72,23 @@
this.username = username;
}
+ @Basic(optional=false)
+ @Index(name="idx_users_email")
+ public String getEmail() {
+ return email;
+ }
+
+ public void setEmail(String email) {
+ this.email = email;
+ }
+
/**
* Returns the password for this user.
*
* @return this user's password
*/
+ @Basic(optional=false)
+ @Column(length=255)
public String getPassword() {
return password;
}
@@ -99,302 +97,18 @@
this.password = password;
}
- /**
- * If the user forgets their password, this key is set first. If they then request to reset their password, they
- * must submit this key for the reset request to be valid. Otherwise, the password reset is timed out after a
- * certain amount of time after {@link #getPasswordResetKeyTimestamp() passwordResetKeyTimestamp}
- *
- * @return
- */
- public String getPasswordResetKey() {
- return passwordResetKey;
- }
-
- public void setPasswordResetKey(String passwordResetKey) {
- this.passwordResetKey = passwordResetKey;
- }
-
- public Date getPasswordResetKeyTimestamp() {
- return passwordResetKeyTimestamp;
- }
-
- public void setPasswordResetKeyTimestamp(Date passwordResetKeyTimestamp) {
- this.passwordResetKeyTimestamp = passwordResetKeyTimestamp;
- }
-
- /**
- * Returns the timestamp this User last logged in successfully to the application, or
- * <tt>null</tt> if the user has never logged in.
- *
- * @return the timestamp this User last logged in successfully to the application, or
- * <tt>null</tt> if the user has never logged in.
- */
- public Date getLastLoginTimestamp() {
- return lastLoginTimestamp;
- }
-
- /**
- * Sets the timestamp this User last logged in successfully to the application.
- *
- * @param lastLoginTimestamp the timestamp this User last logged in successfully to the
- * application.
- */
- public void setLastLoginTimestamp(Date lastLoginTimestamp) {
- this.lastLoginTimestamp = lastLoginTimestamp;
- }
-
- /**
- * Returns the time when this account was locked, either due to too many login attempts, an
- * explicit lock-out by an administrator, or because of some other security reason. <p>This
- * method returns <tt>null</tt> if the account is not locked and is considered to be in good
- * standing</p>
- *
- * @return the time when this account was locked, or <tt>null</tt> if this account is not locked
- * and is considered to be in good standing.
- */
- public Date getLockTimestamp() {
- return lockTimestamp;
- }
-
- public void setLockTimestamp(Date lockTimestamp) {
- this.lockTimestamp = lockTimestamp;
- }
-
- /**
- * Returns whether or not this particular user account can expire due to inactivity. <p>Defaults
- * to <tt>true</tt> as almost all user accounts should expire due to inactivity.
- *
- * @return <tt>true</tt> if this user's sessions can timeout due to inactivity, <tt>false</tt>
- * otherwise.
- */
- public boolean isSessionTimeoutEnabled() {
- return sessionTimeoutEnabled;
- }
-
- public void setSessionTimeoutEnabled(boolean sessionTimeoutEnabled) {
- this.sessionTimeoutEnabled = sessionTimeoutEnabled;
- }
-
- /**
- * Returns whether or not this user account is locked, thereby preventing further log-ins.
- *
- * @return <tt>true</tt> if this user account is locked and will not be allowed to log-in,
- * <tt>false</tt>
- */
- public boolean isLocked() {
- return getLockTimestamp() != null;
- }
- /**
- * Convenience method for updating the state to locked.
- *
- * @param locked whether or not this user account will be locked.
- * @see #getLockTimestamp()
- */
- public void setLocked(boolean locked) {
- if (locked) {
- if (getLockTimestamp() == null) {
- setLockTimestamp(new Date());
- }
- } else {
- setLockTimestamp(null);
- }
- }
-
- public Set<Role> getUserRoles() {
+ @ManyToMany
+ @JoinTable(name="users_roles")
+ @Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
+ public Set<Role> getRoles() {
return roles;
}
- public void setUserRoles(Set<Role> roles) {
+ public void setRoles(Set<Role> roles) {
this.roles = roles;
}
- public Role getRole(String name) {
- Collection<Role> roles = getUserRoles();
- if (roles != null && !roles.isEmpty()) {
- for (Role role : roles) {
- if (role.getName().equals(name)) {
- return role;
- }
- }
- }
- return null;
- }
-
- /**
- * Adds a Role to this user's collection of {@link #getRoles() roles}.
- *
- * <p>If the existing roles collection is <tt>null</tt>, a new collection will be created and
- * assigned to this User and then the Role will be added.
- *
- * @param r the Role to add/associate with this User
- */
- public void add(Role r) {
- Set<Role> roles = getUserRoles();
- if (roles == null) {
- roles = new LinkedHashSet<Role>();
- setUserRoles(roles);
- }
- roles.add(r);
- }
-
- public boolean removeRole(Role r) {
- Set<Role> roles = getUserRoles();
- return roles != null && roles.remove(r);
- }
-
- protected String getPrivateRoleName(PrincipalCollection principals) {
- return getClass().getName() + "_PRIVATE_ROLE_" + PrincipalCollection.class.getName();
- }
-
- protected Role createPrivateRole(PrincipalCollection principals) {
- String privateRoleName = getPrivateRoleName(principals);
- return new Role(privateRoleName, this);
- }
-
- public Set<Permission> getPermissions() {
- Set<Permission> permissions = new HashSet<Permission>();
- for (Role role : roles) {
- permissions.addAll(role.getPermissions());
- }
- return permissions;
- }
-
- public Set<String> getRolenames() {
- Set<String> rolenames = new HashSet<String>();
- for (Role role : roles) {
- rolenames.add(role.getName());
- }
- return rolenames;
- }
-
- public void addRole(String roleName) {
- Role existing = getRole(roleName);
- if (existing == null) {
- Role role = new Role(roleName);
- add(role);
- }
- }
-
- public void addRoles(Set<String> roleNames) {
- if (roleNames != null && !roleNames.isEmpty()) {
- for (String name : roleNames) {
- addRole(name);
- }
- }
- }
-
- public void addAll(Collection<Role> roles) {
- if (roles != null && !roles.isEmpty()) {
- Set<Role> existingRoles = getUserRoles();
- if (existingRoles == null) {
- existingRoles = new LinkedHashSet<Role>(roles.size());
- setUserRoles(existingRoles);
- }
- existingRoles.addAll(roles);
- }
- }
-
-
- public static boolean isValidPassword(String password) {
- return password != null && VALID_PASSWORD_PATTERN.matcher(password).matches();
- }
-
- public static boolean isValidUsername(String username) {
- return username != null && VALID_USERNAME_PATTERN.matcher(username).matches();
- }
-
-
- public StringBuffer toStringBuffer() {
- StringBuffer sb = super.toStringBuffer();
- sb.append(",username=").append(getUsername());
- sb.append(",password=<protected>");
- DateFormat df = DateFormat.getInstance();
- Date ts = getLastLoginTimestamp();
- if (ts != null) {
- sb.append(",lastLoginTimestamp=").append(df.format(ts));
- }
- ts = getLockTimestamp();
- if (ts != null) {
- sb.append(",lockTimestamp=").append(df.format(ts));
- }
- sb.append(",sessionTimeoutEnabled=").append(isSessionTimeoutEnabled());
-
- return sb;
- }
-
- public boolean onEquals(Object o) {
- if (o instanceof User) {
- User u = (User) o;
- return getUsername().equals(u.getUsername());
- }
-
- return false;
- }
-
- public int hashCode() {
- return getUsername().hashCode();
- }
-
- @Override
- @SuppressWarnings({"CloneDoesntDeclareCloneNotSupportedException"})
- public Object clone() {
- User clone = (User) super.clone();
- clone.setUsername(getUsername());
- clone.setPassword(getPassword());
- clone.setPasswordResetKey(getPasswordResetKey());
- clone.setPasswordResetKeyTimestamp(getPasswordResetKeyTimestamp());
- clone.setLastLoginTimestamp(getLastLoginTimestamp());
- clone.setLockTimestamp(getLockTimestamp());
- clone.setSessionTimeoutEnabled(isSessionTimeoutEnabled());
- return clone;
- }
-
- public static void main(String[] args) {
- String username = "s-ls";
- if (!isValidUsername(username)) {
- System.out.println("Not a valid username!");
- } else {
- System.out.println("Valid username.");
- }
- }
-
- /* ===========
- JSecurity Account implementations below here.
- =========== */
- public PrincipalCollection getPrincipals() {
- //The realm name must match the name of the configured realm.
- return new SimplePrincipalCollection(getId(), "DefaultRealm");
- }
-
- public Object getCredentials() {
- return getPassword();
- }
-
- public boolean isCredentialsExpired() {
- //if applications wanted to expire passwords after a certain amount of time, this method would calculate
- //true or false based on the current time and a passwordLastUpdateTimestamp;
-
- //this sample app doesn't use this feature, so just return false always:
- return false;
- }
-
- public Collection<String> getRoles() {
- return getRolenames();
- }
-
- public Collection<String> getStringPermissions() {
- // This model uses object permissions, so this method isn't implemented
- return null;
- }
-
- public Collection<Permission> getObjectPermissions() {
- Set<Permission> permissions = new HashSet<Permission>();
- for (Role role : getUserRoles()) {
- permissions.addAll(role.getPermissions());
- }
- return permissions;
- }
}
Copied: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java (from r749109, incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java)
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java?p2=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java&p1=incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java&r1=749109&r2=749156&rev=749156&view=diff
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/DefaultRealm.java (original)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/security/SampleRealm.java Mon Mar 2 03:08:14 2009
@@ -18,15 +18,17 @@
*/
package org.jsecurity.samples.sprhib.security;
-import org.jsecurity.authc.AuthenticationException;
-import org.jsecurity.authc.AuthenticationInfo;
-import org.jsecurity.authc.AuthenticationToken;
-import org.jsecurity.authc.UsernamePasswordToken;
+import org.jsecurity.authc.*;
+import org.jsecurity.authc.credential.Sha256CredentialsMatcher;
import org.jsecurity.authz.AuthorizationInfo;
+import org.jsecurity.authz.SimpleAuthorizationInfo;
import org.jsecurity.realm.AuthorizingRealm;
-import org.jsecurity.samples.sprhib.party.eis.UserDAO;
+import org.jsecurity.samples.sprhib.dao.UserDAO;
+import org.jsecurity.samples.sprhib.model.Role;
+import org.jsecurity.samples.sprhib.model.User;
import org.jsecurity.subject.PrincipalCollection;
-import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
/**
* The Spring/Hibernate sample application's one and only configured JSecurity Realm.
@@ -35,39 +37,47 @@
* in the implementation and named it a 'HibernateRealm' or something similar.</p>
*
* <p>But we've decided to make the calls to the database using a UserDAO, since a DAO would be used in other areas
- * of a 'real' application in addition to here. We felt it better to use that same DAO to show code re-use.
- * That is, in a real app, there is no need to duplicate Hibernate calls in the Realm implementation if you've already
- * got a User DAO (as most apps would). So, we just use that UserDAO here.</p>
- *
- * @author Les Hazlewood
+ * of a 'real' application in addition to here. We felt it better to use that same DAO to show code re-use.</p>
*/
-public class DefaultRealm extends AuthorizingRealm implements InitializingBean {
+@Component
+public class SampleRealm extends AuthorizingRealm {
protected UserDAO userDAO = null;
- public DefaultRealm() {
+ public SampleRealm() {
setName("DefaultRealm"); //This name must match the name in the User class's getPrincipals() method
+ setCredentialsMatcher(new Sha256CredentialsMatcher());
}
+ @Autowired
public void setUserDAO(UserDAO userDAO) {
this.userDAO = userDAO;
}
- public void afterPropertiesSet() throws Exception {
- if (this.userDAO == null) {
- throw new IllegalStateException("UserDAO property was not injected. Please check your Spring config.");
- }
- }
-
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
- return userDAO.findUser(token.getUsername());
+ User user = userDAO.findUser(token.getUsername());
+ if( user != null ) {
+ return new SimpleAuthenticationInfo(user.getId(), user.getPassword(), getName());
+ } else {
+ return null;
+ }
}
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
Long userId = (Long) principals.fromRealm(getName()).iterator().next();
- return userDAO.getUser(userId);
+ User user = userDAO.getUser(userId);
+ if( user != null ) {
+ SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+ for( Role role : user.getRoles() ) {
+ info.addRole(role.getName());
+ info.addStringPermissions( role.getPermissions() );
+ }
+ return info;
+ } else {
+ return null;
+ }
}
}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/DefaultUserService.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,79 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.service;
+
+import org.jsecurity.SecurityUtils;
+import org.jsecurity.crypto.hash.Sha256Hash;
+import org.jsecurity.samples.sprhib.dao.UserDAO;
+import org.jsecurity.samples.sprhib.model.User;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+
+/**
+ * Default implementation of the {@link UserService} interface. This service implements
+ * operations related to User data.
+ */
+@Transactional
+@Service("userService")
+public class DefaultUserService implements UserService {
+
+ private UserDAO userDAO;
+
+ @Autowired
+ public void setUserDAO(UserDAO userDAO) {
+ this.userDAO = userDAO;
+ }
+
+ public User getCurrentUser() {
+ final Long currentUserId = (Long) SecurityUtils.getSubject().getPrincipal();
+ if( currentUserId != null ) {
+ return getUser(currentUserId);
+ } else {
+ return null;
+ }
+ }
+
+ public void createUser(String username, String email, String password) {
+ User user = new User();
+ user.setUsername(username);
+ user.setEmail(email);
+ user.setPassword( new Sha256Hash(password).toHex() );
+ userDAO.createUser( user );
+ }
+
+ public List<User> getAllUsers() {
+ return userDAO.getAllUsers();
+ }
+
+ public User getUser(Long userId) {
+ return userDAO.getUser(userId);
+ }
+
+ public void deleteUser(Long userId) {
+ userDAO.deleteUser( userId );
+ }
+
+ public void updateUser(User user) {
+ userDAO.updateUser( user );
+ }
+
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/service/UserService.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.service;
+
+import org.jsecurity.samples.sprhib.model.User;
+
+import java.util.List;
+
+/**
+ * A service interface for accessing and modifying user data in the system.
+ */
+public interface UserService {
+
+ User getCurrentUser();
+
+ void createUser(String username, String email, String password);
+
+ List<User> getAllUsers();
+
+ User getUser(Long userId);
+
+ void deleteUser(Long userId);
+
+ void updateUser(User user);
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/CurrentUserInterceptor.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.samples.sprhib.model.User;
+import org.jsecurity.samples.sprhib.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * A Spring MVC interceptor that adds the currentUser into the request as a request attribute
+ * before the JSP is rendered. This operation is assumed to be fast because the User should be
+ * cached in the Hibernate second-level cache.
+ */
+@Component
+public class CurrentUserInterceptor extends HandlerInterceptorAdapter {
+
+ private UserService userService;
+
+ @Autowired
+ public void setUserService(UserService userService) {
+ this.userService = userService;
+ }
+
+ @Override
+ public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
+ // Add the current user into the request
+ User currentUser = userService.getCurrentUser();
+ if( currentUser != null ) {
+ httpServletRequest.setAttribute( "currentUser", currentUser );
+ }
+ }
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserCommand.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.crypto.hash.Sha256Hash;
+import org.jsecurity.samples.sprhib.model.User;
+import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
+
+/**
+ * Command binding object for editing a user.
+ */
+public class EditUserCommand {
+
+ private Long userId;
+ private String username;
+ private String email;
+ private String password;
+
+ public Long getUserId() {
+ return userId;
+ }
+
+ public void setUserId(Long userId) {
+ this.userId = userId;
+ }
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getEmail() {
+ return email;
+ }
+
+ public void setEmail(String email) {
+ this.email = email;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ public void updateUser(User user) {
+ Assert.isTrue( userId.equals( user.getId() ), "User ID of command must match the user being updated." );
+ user.setUsername( getUsername() );
+ user.setEmail( getEmail() );
+ if( StringUtils.hasText(getPassword()) ) {
+ user.setPassword( new Sha256Hash(getPassword()).toHex() );
+ }
+ }
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/EditUserValidator.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.util.StringUtils;
+import org.springframework.validation.Errors;
+import org.springframework.validation.ValidationUtils;
+import org.springframework.validation.Validator;
+
+import java.util.regex.Pattern;
+
+/**
+ * Validator when editing a user.
+ */
+public class EditUserValidator implements Validator {
+
+ private static final String SIMPLE_EMAIL_REGEX = "[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}";
+
+ public boolean supports(Class aClass) {
+ return EditUserCommand.class.isAssignableFrom(aClass);
+ }
+
+ public void validate(Object o, Errors errors) {
+ EditUserCommand command = (EditUserCommand)o;
+ ValidationUtils.rejectIfEmptyOrWhitespace(errors, "username", "error.username.empty", "Please specify a username.");
+ ValidationUtils.rejectIfEmptyOrWhitespace(errors, "email", "error.email.empty", "Please specify an email address.");
+ if( StringUtils.hasText( command.getEmail() ) && !Pattern.matches( SIMPLE_EMAIL_REGEX, command.getEmail().toUpperCase() ) ) {
+ errors.rejectValue( "email", "error.email.invalid", "Please enter a valid email address." );
+ }
+ }
+
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/HomeController.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.samples.sprhib.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+/**
+ * Web controller used when loading the home page.
+ */
+@Controller
+public class HomeController {
+
+ private UserService userService;
+
+ @Autowired
+ public void setUserService(UserService userService) {
+ this.userService = userService;
+ }
+
+ @RequestMapping("/home")
+ public void viewHome(Model model) {
+ model.addAttribute( "users", userService.getAllUsers() );
+ }
+
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginCommand.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+/**
+ * Command binding object for logging in.
+ */
+public class LoginCommand {
+
+ private String username;
+
+ private String password;
+
+ private boolean rememberMe;
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ public boolean isRememberMe() {
+ return rememberMe;
+ }
+
+ public void setRememberMe(boolean rememberMe) {
+ this.rememberMe = rememberMe;
+ }
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/LoginValidator.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.springframework.validation.Errors;
+import org.springframework.validation.ValidationUtils;
+import org.springframework.validation.Validator;
+
+/**
+ * Validator for login.
+ */
+public class LoginValidator implements Validator {
+ public boolean supports(Class aClass) {
+ return LoginCommand.class.isAssignableFrom(aClass);
+ }
+
+ public void validate(Object o, Errors errors) {
+ ValidationUtils.rejectIfEmptyOrWhitespace(errors, "username", "error.username.empty", "Please specify a username.");
+ ValidationUtils.rejectIfEmptyOrWhitespace(errors, "password", "error.password.empty", "Please specify a password.");
+ }
+}
Added: incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java?rev=749156&view=auto
==============================================================================
--- incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java (added)
+++ incubator/jsecurity/import/trunk/samples/spring-hibernate/src/org/jsecurity/samples/sprhib/web/ManageUsersController.java Mon Mar 2 03:08:14 2009
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jsecurity.samples.sprhib.web;
+
+import org.jsecurity.authz.annotation.RequiresPermissions;
+import org.jsecurity.samples.sprhib.model.User;
+import org.jsecurity.samples.sprhib.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.Assert;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+
+/**
+ * Web MVC controller that handles operations related to managing users, such as editing them and deleting them.
+ */
+@Controller
+public class ManageUsersController {
+
+ private EditUserValidator editUserValidator = new EditUserValidator();
+
+ private UserService userService;
+
+ @Autowired
+ public void setUserService(UserService userService) {
+ this.userService = userService;
+ }
+
+ @RequestMapping("/manageUsers")
+ @RequiresPermissions("user:manage")
+ public void manageUsers(Model model) {
+ model.addAttribute("users", userService.getAllUsers());
+ }
+
+ @RequestMapping(value="/editUser",method= RequestMethod.GET)
+ @RequiresPermissions("user:edit")
+ public String showEditUserForm(Model model, @RequestParam Long userId, @ModelAttribute EditUserCommand command) {
+
+ User user = userService.getUser( userId );
+ command.setUserId(userId);
+ command.setUsername(user.getUsername());
+ command.setEmail(user.getEmail());
+ return "editUser";
+ }
+
+ @RequestMapping(value="/editUser",method= RequestMethod.POST)
+ @RequiresPermissions("user:edit")
+ public String editUser(Model model, @RequestParam Long userId, @ModelAttribute EditUserCommand command, BindingResult errors) {
+ editUserValidator.validate( command, errors );
+
+ if( errors.hasErrors() ) {
+ return "editUser";
+ }
+
+ User user = userService.getUser( userId );
+ command.updateUser( user );
+
+ userService.updateUser( user );
+
+ return "redirect:/s/manageUsers";
+ }
+
+ @RequestMapping("/deleteUser")
+ @RequiresPermissions("user:delete")
+ public String deleteUser(@RequestParam Long userId) {
+ Assert.isTrue( userId != 1, "Cannot delete admin user" );
+ userService.deleteUser( userId );
+ return "redirect:/s/manageUsers";
+ }
+
+}