From: Sanjay Dalal <sanjay.dalal@berkeley.edu>
Date: Wed, 28 Apr 2010 17:46:14 +0000 (+0000)
Subject: CSPACE-1489 inserted basic auth entry point into exceptiontranslation filter to promp... 
X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=0222c981c41fe7a1faabbdf27eb93a1d808c1755;p=tmp%2Fjakarta-migration.git

CSPACE-1489 inserted basic auth entry point into exceptiontranslation filter to prompt the user to login. earlier it used to send 403 back to the user
test: accessed accounts after loging in through browser, ran all service tests

M    services/JaxRsServiceProvider/src/main/webapp/WEB-INF/applicationContext-security.xml
---

diff --git a/services/JaxRsServiceProvider/src/main/webapp/WEB-INF/applicationContext-security.xml b/services/JaxRsServiceProvider/src/main/webapp/WEB-INF/applicationContext-security.xml
index 4fa95d249..da685eea2 100644
--- a/services/JaxRsServiceProvider/src/main/webapp/WEB-INF/applicationContext-security.xml
+++ b/services/JaxRsServiceProvider/src/main/webapp/WEB-INF/applicationContext-security.xml
@@ -5,6 +5,8 @@
     Copyright 2010 University of California at Berkeley
     Description:
         spring security namespace for CS service layer
+        ref: http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/
+
 -->
 <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -14,27 +16,30 @@
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
 
-    <!--sec:http use-expressions="true" realm="org.collectionspace.services">
-        <sec:http-basic />
-        <sec:logout />
-        <sec:anonymous enabled="false"/>
-    </sec:http-->
-
-    <sec:global-method-security >
-        <sec:expression-handler ref="expressionHandler"/>
-    </sec:global-method-security>
-
+    <!--
+        debugging tips : enable following categories in
+        $JBOSS_HOME/server/cspace/conf/jboss-log4j.xml to priority DEBUG
+        org.apache.catalina.core
+        org.springframework.security
+    -->
 
     <bean id="springSecurityFilterChain"
           class="org.springframework.security.web.FilterChainProxy">
         <sec:filter-chain-map path-type="ant">
             <sec:filter-chain pattern="/**"
-                              filters="securityPersistenceFilter,basicAuthenticationFilter,logoutFilter,exTranslationFilter,filterInvocationInterceptor"/>
+                              filters="securityContextPersistenceFilter,basicAuthenticationFilter,logoutFilter,exTranslationFilter,filterInvocationInterceptor"/>
         </sec:filter-chain-map>
     </bean>
 
-    <bean id="securityPersistenceFilter"
-          class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
+    <bean id="securityContextPersistenceFilter"
+          class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
+        <property name='securityContextRepository'>
+            <bean class='org.springframework.security.web.context.HttpSessionSecurityContextRepository'>
+                <property name='allowSessionCreation' value='true' />
+            </bean>
+        </property>
+    </bean>
+
 
     <bean id="basicAuthenticationFilter"
           class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
@@ -59,13 +64,9 @@
 
     <bean id="exTranslationFilter"
           class="org.springframework.security.web.access.ExceptionTranslationFilter">
-        <property name="authenticationEntryPoint" ref="preAuthenticatedProcessingFilterEntryPoint"/>
+        <property name="authenticationEntryPoint" ref="basicAuthenticationEntryPoint"/>
     </bean>
 
-    <bean id="preAuthenticatedProcessingFilterEntryPoint"
-          class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>
-
-
     <sec:authentication-manager alias="authenticationManager">
         <sec:authentication-provider ref="jaasAuthenticationProvider" user-service-ref="userDetailsService"/>
     </sec:authentication-manager>