You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rave.apache.org by ra...@apache.org on 2012/01/19 23:27:45 UTC
svn commit: r1233607 - in
/incubator/rave/sandbox/rave-extensions/rave-vanilla-extension: pom.xml
src/main/webapp/WEB-INF/applicationContext-security.xml
Author: raminder
Date: Thu Jan 19 22:27:45 2012
New Revision: 1233607
URL: http://svn.apache.org/viewvc?rev=1233607&view=rev
Log:
updated rave version and application context file to use Spring 3.1 and other security changes. RAVE-436
Modified:
incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml
incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml
Modified: incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml?rev=1233607&r1=1233606&r2=1233607&view=diff
==============================================================================
--- incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml (original)
+++ incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml Thu Jan 19 22:27:45 2012
@@ -29,9 +29,9 @@
<name>Apache Rave :: rave-vanilla-extension</name>
<description>Apache Rave Project Sandbox</description>
<packaging>war</packaging>
- <version>0.6-SNAPSHOT</version>
+ <version>0.8-SNAPSHOT</version>
<properties>
- <apache.rave.version>0.6-incubating-SNAPSHOT</apache.rave.version>
+ <apache.rave.version>0.8-incubating-SNAPSHOT</apache.rave.version>
<com.h2database.version>1.3.154</com.h2database.version>
<javax.servlet.version>2.5</javax.servlet.version>
<jsp-api.version>2.1</jsp-api.version>
Modified: incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml?rev=1233607&r1=1233606&r2=1233607&view=diff
==============================================================================
--- incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml (original)
+++ incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml Thu Jan 19 22:27:45 2012
@@ -25,12 +25,12 @@
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
+ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
- <security:http auto-config="true" use-expressions="true" disable-url-rewriting="true">
+ <security:http pattern="/login.jsp*" security="none"/>
+ <security:http auto-config="true" use-expressions="true" disable-url-rewriting="true">
<security:intercept-url pattern="/newaccount.jsp*" access="permitAll"/>
<security:intercept-url pattern="/app/newaccount*" access="permitAll"/>
- <security:intercept-url pattern="/login.jsp*" filters="none"/>
<security:intercept-url pattern="/css/**" access="permitAll"/>
<security:intercept-url pattern="/images/**" access="permitAll"/>
<security:intercept-url pattern="/script/**" access="permitAll"/>
@@ -58,10 +58,19 @@
<!-- Set the user service ref here to the implementation you want to use. The name is
defined in the @Service annotation of the corresponding service source code.
-->
- <security:authentication-provider user-service-ref="customUserService">
- <security:password-encoder ref="passwordEncoder">
- <security:salt-source ref="saltSource"/>
- </security:password-encoder>
- </security:authentication-provider>
- </security:authentication-manager>
+ <security:authentication-provider
+ user-service-ref="customUserService">
+ <security:password-encoder ref="passwordEncoder" />
+ </security:authentication-provider>
+ </security:authentication-manager>
+
+ <!-- enable the spring security annotations -->
+ <security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled">
+ <security:expression-handler ref="expressionHandler"/>
+ </security:global-method-security>
+ <!-- override the default permissionEvaluator bean used by Spring Security with our custom RavePermissionEvaluator -->
+ <bean id="expressionHandler" class="org.apache.rave.portal.security.impl.RaveMethodSecurityExpressionHandler">
+ <property name="permissionEvaluator" ref="ravePermissionEvaluator" />
+ </bean>
+
</beans>