001: /**
002: *
003: */package org.acegisecurity.config;
004:
005: import java.util.ArrayList;
006: import java.util.HashMap;
007: import java.util.List;
008: import java.util.Map;
009:
010: import org.acegisecurity.annotation.SecurityAnnotationAttributes;
011: import org.acegisecurity.intercept.method.MethodDefinitionAttributes;
012: import org.acegisecurity.intercept.method.aopalliance.MethodDefinitionSourceAdvisor;
013: import org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor;
014: import org.acegisecurity.intercept.web.FilterInvocationDefinitionDecorator;
015: import org.acegisecurity.intercept.web.FilterInvocationDefinitionSourceMapping;
016: import org.acegisecurity.intercept.web.FilterSecurityInterceptor;
017: import org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap;
018: import org.acegisecurity.runas.RunAsManagerImpl;
019: import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
020: import org.acegisecurity.util.BeanDefinitionParserUtils;
021: import org.acegisecurity.vote.AffirmativeBased;
022: import org.acegisecurity.vote.AuthenticatedVoter;
023: import org.acegisecurity.vote.RoleVoter;
024: import org.acegisecurity.vote.UnanimousBased;
025: import org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter;
026: import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
027: import org.springframework.beans.factory.config.BeanDefinition;
028: import org.springframework.beans.factory.support.ManagedList;
029: import org.springframework.beans.factory.support.RootBeanDefinition;
030: import org.springframework.beans.factory.xml.BeanDefinitionParser;
031: import org.springframework.beans.factory.xml.ParserContext;
032: import org.springframework.util.xml.DomUtils;
033: import org.w3c.dom.Element;
034:
035: /**
036: * Parses 'autoconfig' tag and creates all the required
037: * <code>BeanDefinition</code>s with their default configurations. It also
038: * resolves their dependencies and wire them together.
039: *
040: * @author Vishal Puri
041: *
042: */
043: public class AutoConfigBeanDefinitionParser implements
044: BeanDefinitionParser {
045:
046: // ~ instance fields
047: // ================================================================================================
048:
049: private RootBeanDefinition authenticationManager;
050:
051: private RootBeanDefinition rememberMeServices;
052:
053: private ManagedList decisionVoters = new ManagedList();
054:
055: // ~ Method
056: // ================================================================================================
057:
058: public BeanDefinition parse(Element element,
059: ParserContext parserContext) {
060: // authentication manager
061: this .authenticationManager = AuthenticationMechanismBeanDefinitionParser
062: .createAndRegisterBeanDefinitionWithDefaults(parserContext);
063: // remembermeServices
064: this .rememberMeServices = RememberMeServicesBeanDefinitionParser
065: .createAndRegisterBeanDefintionWithDefaults(parserContext);
066: // flters
067: createAndRegisterBeanDefinitionForHttpSessionContextIntegrationFilter(parserContext);
068: createAndRegisterBeanDefinitionForLogoutFilter(parserContext,
069: rememberMeServices);
070: createAndRegisterBeanDefinitionForAuthenticationProcessingFilter(
071: parserContext, authenticationManager,
072: rememberMeServices);
073: createAndRegisterBeanDefinitionForRememberMeProcessingFilter(
074: parserContext, authenticationManager);
075: createAndRegisterBeanDefinitionForExceptionTranslationFilter(parserContext);
076: createAndRegisterBeanDefintionForSecurityContextHolderAwareRequestFilter(parserContext);
077:
078: // method interceptor
079: createAndRegisterBeanDefinitinoForMethodDefinitionSourceAdvisor(
080: parserContext, authenticationManager);
081: createAndRegisterDefaultAdvisorAutoProxyCreator(parserContext);
082:
083: // filter security interceptor
084: createAndRegisterBeanDefinitionForFilterSecurityInterceptor(
085: parserContext, authenticationManager);
086:
087: // create userDetailsService
088: return null;
089: }
090:
091: private void createAndRegisterBeanDefintionForSecurityContextHolderAwareRequestFilter(
092: ParserContext parserContext) {
093: RootBeanDefinition beanDefinition = new RootBeanDefinition(
094: SecurityContextHolderAwareRequestFilter.class);
095: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
096: beanDefinition);
097: }
098:
099: /**
100: * Creates <code>FilterSecurityInterceptor</code> bean definition and
101: * register it with the <code>ParserContext</code>
102: *
103: * @param parserContext To register the bean definition with
104: * @param authenticationManager The <code>AuthenticationManager</code> to
105: * set as a property in the bean definition
106: */
107: private void createAndRegisterBeanDefinitionForFilterSecurityInterceptor(
108: ParserContext parserContext,
109: RootBeanDefinition authenticationManager) {
110: RootBeanDefinition filterInvocationInterceptor = new RootBeanDefinition(
111: FilterSecurityInterceptor.class);
112: filterInvocationInterceptor.getPropertyValues()
113: .addPropertyValue("authenticationManager",
114: authenticationManager);
115: RootBeanDefinition accessDecisionManager = createAccessDecisionManagerAffirmativeBased();
116: filterInvocationInterceptor.getPropertyValues()
117: .addPropertyValue("accessDecisionManager",
118: accessDecisionManager);
119:
120: FilterInvocationDefinitionDecorator source = new FilterInvocationDefinitionDecorator();
121: source
122: .setDecorated(new PathBasedFilterInvocationDefinitionMap());
123:
124: FilterInvocationDefinitionSourceMapping mapping = new FilterInvocationDefinitionSourceMapping();
125:
126: String url1 = "/acegilogin.jsp";
127: String value1 = "IS_AUTHENTICATED_ANONYMOUSLY";
128:
129: String url2 = "/**";
130: String value2 = "IS_AUTHENTICATED_REMEMBERED";
131:
132: mapping.setUrl(url1);
133: mapping.addConfigAttribute(value1);
134:
135: mapping.setUrl(url2);
136: mapping.addConfigAttribute(value2);
137:
138: List mappings = new ArrayList();
139: mappings.add(mapping);
140: source.setMappings(mappings);
141: filterInvocationInterceptor.getPropertyValues()
142: .addPropertyValue("objectDefinitionSource",
143: source.getDecorated());
144: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
145: filterInvocationInterceptor);
146: }
147:
148: private RootBeanDefinition createAccessDecisionManagerAffirmativeBased() {
149: RootBeanDefinition accessDecisionManager = new RootBeanDefinition(
150: AffirmativeBased.class);
151: accessDecisionManager.getPropertyValues().addPropertyValue(
152: "allowIfAllAbstainDecisions", Boolean.FALSE);
153: RootBeanDefinition authenticatedVoter = new RootBeanDefinition(
154: AuthenticatedVoter.class);
155: this .decisionVoters.add(authenticatedVoter);
156: accessDecisionManager.getPropertyValues().addPropertyValue(
157: "decisionVoters", decisionVoters);
158: return accessDecisionManager;
159: }
160:
161: private void createAndRegisterDefaultAdvisorAutoProxyCreator(
162: ParserContext parserContext) {
163: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
164: new RootBeanDefinition(
165: DefaultAdvisorAutoProxyCreator.class));
166: }
167:
168: private void createAndRegisterBeanDefinitinoForMethodDefinitionSourceAdvisor(
169: ParserContext parserContext,
170: RootBeanDefinition authenticationManager) {
171: RootBeanDefinition methodSecurityAdvisor = new RootBeanDefinition(
172: MethodDefinitionSourceAdvisor.class);
173:
174: RootBeanDefinition securityInterceptor = createMethodSecurityInterceptor(authenticationManager);
175: methodSecurityAdvisor.getConstructorArgumentValues()
176: .addIndexedArgumentValue(0, securityInterceptor);
177: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
178: methodSecurityAdvisor);
179:
180: }
181:
182: private RootBeanDefinition createAccessDecisionManagerUnanimousBased() {
183: RootBeanDefinition accessDecisionManager = new RootBeanDefinition(
184: UnanimousBased.class);
185: accessDecisionManager.getPropertyValues().addPropertyValue(
186: "allowIfAllAbstainDecisions", Boolean.FALSE);
187: decisionVoters.add(new RootBeanDefinition(RoleVoter.class));
188: accessDecisionManager.getPropertyValues().addPropertyValue(
189: "decisionVoters", decisionVoters);
190: return accessDecisionManager;
191: }
192:
193: private RootBeanDefinition createMethodSecurityInterceptor(
194: RootBeanDefinition authenticationManager) {
195: RootBeanDefinition securityInterceptor = new RootBeanDefinition(
196: MethodSecurityInterceptor.class);
197: securityInterceptor.getPropertyValues().addPropertyValue(
198: "authenticationManager", authenticationManager);
199: RootBeanDefinition accessDecisionManager = createAccessDecisionManagerUnanimousBased();
200: securityInterceptor.getPropertyValues().addPropertyValue(
201: "accessDecisionManager", accessDecisionManager);
202: securityInterceptor.getPropertyValues().addPropertyValue(
203: "validateConfigAttributes", Boolean.FALSE);
204: RootBeanDefinition runAsManager = createRunAsManager();
205: securityInterceptor.getPropertyValues().addPropertyValue(
206: "runAsManager", runAsManager);
207: RootBeanDefinition objectDefinitionSource = createMethodDefinitionAttributes();
208: securityInterceptor.getPropertyValues().addPropertyValue(
209: "objectDefinitionSource", objectDefinitionSource);
210: return securityInterceptor;
211: }
212:
213: private RootBeanDefinition createMethodDefinitionAttributes() {
214: RootBeanDefinition objectDefinitionSource = new RootBeanDefinition(
215: MethodDefinitionAttributes.class);
216: RootBeanDefinition attributes = createSecurityAnnotationAttributes();
217: objectDefinitionSource.getPropertyValues().addPropertyValue(
218: "attributes", attributes);
219: return objectDefinitionSource;
220: }
221:
222: private RootBeanDefinition createSecurityAnnotationAttributes() {
223: return new RootBeanDefinition(
224: SecurityAnnotationAttributes.class);
225: }
226:
227: private RootBeanDefinition createRunAsManager() {
228: RootBeanDefinition runAsManager = new RootBeanDefinition(
229: RunAsManagerImpl.class);
230: runAsManager.getPropertyValues().addPropertyValue("key",
231: "my_run_as_password");
232: return runAsManager;
233: }
234:
235: private void createAndRegisterBeanDefinitionForExceptionTranslationFilter(
236: ParserContext parserContext) {
237: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
238: ExceptionTranslationFilterBeanDefinitionParser
239: .createBeanDefinitionWithDefaults());
240: }
241:
242: private void createAndRegisterBeanDefinitionForRememberMeProcessingFilter(
243: ParserContext parserContext,
244: RootBeanDefinition authenticationManager) {
245: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
246: RememberMeFilterBeanDefinitionParser
247: .createBeanDefinitionWithDefaults(
248: parserContext, authenticationManager));
249: }
250:
251: private void createAndRegisterBeanDefinitionForAuthenticationProcessingFilter(
252: ParserContext parserContext,
253: RootBeanDefinition authenticationManager,
254: RootBeanDefinition rememberMeServices) {
255: RootBeanDefinition defintion = AuthenticationProcessingFilterBeanDefinitionParser
256: .createBeandefinitionWithDefaults(parserContext,
257: authenticationManager, rememberMeServices);
258: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
259: defintion);
260: }
261:
262: private void createAndRegisterBeanDefinitionForLogoutFilter(
263: ParserContext parserContext,
264: RootBeanDefinition rememberMeServices) {
265: RootBeanDefinition defintion = LogoutFilterBeanDefinitionParser
266: .createBeanDefinitionWithDefaults(rememberMeServices);
267: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
268: defintion);
269: }
270:
271: private void createAndRegisterBeanDefinitionForHttpSessionContextIntegrationFilter(
272: ParserContext parserContext) {
273: RootBeanDefinition defintion = ContextIntegrationBeanDefinitionParser
274: .createBeanDefinitionWithDefaults();
275: BeanDefinitionParserUtils.registerBeanDefinition(parserContext,
276: defintion);
277: // retrieveBeanDefinition(parserContext, o)
278: }
279:
280: /**
281: * Returns a <code>BeanDefinition</code> of the specified type.
282: *
283: * @param parserContext
284: * @param type
285: * @return
286: */
287: private RootBeanDefinition retrieveBeanDefinition(
288: ParserContext parserContext, Class type) {
289: String[] names = parserContext.getRegistry()
290: .getBeanDefinitionNames();
291: for (String name : names) {
292: BeanDefinition beanDefinition = parserContext.getRegistry()
293: .getBeanDefinition(name);
294: if (type.isInstance(beanDefinition)) {
295: return (RootBeanDefinition) beanDefinition;
296: }
297: }
298: return null;
299: }
300:
301: }
|