You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rave.apache.org by ra...@apache.org on 2012/01/19 23:27:45 UTC

svn commit: r1233607 - in /incubator/rave/sandbox/rave-extensions/rave-vanilla-extension: pom.xml src/main/webapp/WEB-INF/applicationContext-security.xml

Author: raminder
Date: Thu Jan 19 22:27:45 2012
New Revision: 1233607

URL: http://svn.apache.org/viewvc?rev=1233607&view=rev
Log:
updated rave version and application context file to use Spring 3.1 and other security changes. RAVE-436

Modified:
    incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml
    incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml

Modified: incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml?rev=1233607&r1=1233606&r2=1233607&view=diff
==============================================================================
--- incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml (original)
+++ incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/pom.xml Thu Jan 19 22:27:45 2012
@@ -29,9 +29,9 @@
   <name>Apache Rave :: rave-vanilla-extension</name>
   <description>Apache Rave Project Sandbox</description>
   <packaging>war</packaging>
-  <version>0.6-SNAPSHOT</version>
+  <version>0.8-SNAPSHOT</version>
   <properties>
-    <apache.rave.version>0.6-incubating-SNAPSHOT</apache.rave.version>
+    <apache.rave.version>0.8-incubating-SNAPSHOT</apache.rave.version>
     <com.h2database.version>1.3.154</com.h2database.version>
     <javax.servlet.version>2.5</javax.servlet.version>
     <jsp-api.version>2.1</jsp-api.version>

Modified: incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml?rev=1233607&r1=1233606&r2=1233607&view=diff
==============================================================================
--- incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml (original)
+++ incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/src/main/webapp/WEB-INF/applicationContext-security.xml Thu Jan 19 22:27:45 2012
@@ -25,12 +25,12 @@
        xmlns:security="http://www.springframework.org/schema/security"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-          http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
+          http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
 
-  <security:http auto-config="true" use-expressions="true" disable-url-rewriting="true">
+   <security:http pattern="/login.jsp*" security="none"/>
+   <security:http auto-config="true" use-expressions="true" disable-url-rewriting="true">
     <security:intercept-url pattern="/newaccount.jsp*" access="permitAll"/>
     <security:intercept-url pattern="/app/newaccount*" access="permitAll"/>
-    <security:intercept-url pattern="/login.jsp*" filters="none"/>
     <security:intercept-url pattern="/css/**" access="permitAll"/>
     <security:intercept-url pattern="/images/**" access="permitAll"/>
     <security:intercept-url pattern="/script/**" access="permitAll"/>
@@ -58,10 +58,19 @@
     <!-- Set the user service ref here to the implementation you want to use.  The name is
        defined in the @Service annotation of the corresponding service source code.
     -->
-    <security:authentication-provider user-service-ref="customUserService">
-      <security:password-encoder ref="passwordEncoder">
-        <security:salt-source ref="saltSource"/>
-      </security:password-encoder>
-    </security:authentication-provider>
-  </security:authentication-manager>
+        <security:authentication-provider
+                user-service-ref="customUserService">
+            <security:password-encoder ref="passwordEncoder" />
+        </security:authentication-provider>
+    </security:authentication-manager>
+
+    <!-- enable the spring security annotations -->
+    <security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled">
+        <security:expression-handler ref="expressionHandler"/>
+    </security:global-method-security>
+     <!-- override the default permissionEvaluator bean used by Spring Security with our custom RavePermissionEvaluator -->
+    <bean id="expressionHandler" class="org.apache.rave.portal.security.impl.RaveMethodSecurityExpressionHandler">
+        <property name="permissionEvaluator" ref="ravePermissionEvaluator" />
+    </bean>
+
 </beans>