AcegiBase

Acegi Security base configuration
Used versions:
 * Spring Framework 1.2.8
 * Acegi Security 1.0.3

This configuration provides
 * Anonymous authentication
 * Logout
 * Form based login
 * Different authentication backends

 <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

  <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor ]]>

     

 foobar

 foobar  anonymousUser,ACEGI_ANONYMOUS



  classpath:/ehcache-failsafe.xml

<bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <property name="cacheManager"> <property name="cacheName"> userCache

<bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">

<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager"> <property name="authenticationFailureUrl"> /login.jsp?error=1 <property name="defaultTargetUrl"> /      <property name="filterProcessesUrl"> /j_acegi_security_check

<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"> <property name="rolePrefix"> ACEGI_

<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="decisionVoters">

<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <property name="authenticationEntryPoint"> <property name="accessDeniedHandler"> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <property name="errorPage" value="/login.jsp?error=1" />

<bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl"> /login.jsp <property name="forceHttps"> false

<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"> org.acegisecurity.context.SecurityContextImpl

<bean id="filterSecurityInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager"> <property name="accessDecisionManager"> <property name="objectDefinitionSource"> <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /secret.htm=ACEGI_ADMIN /secure.htm=ACEGI_ADMIN,ACEGI_USER /**/*.htm=ACEGI_ADMIN,ACEGI_USER,ACEGI_ANONYMOUS ]]>

To use it you have to include this to your web.xml <filter-name>Acegi-Security</filter-name> <filter-class> org.acegisecurity.util.FilterToBeanProxy </filter-class> <init-param> <param-name>targetClass</param-name> <param-value> org.acegisecurity.util.FilterChainProxy </param-value> </init-param>

<filter-mapping> <filter-name>Acegi-Security</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>