Comments (21)
Andreas Senft said:
This is an implementation of the proposed features, including some tests , build scripts and a simple demo application. The code is packed as eclipse project (3.1M7). The application is configured for JBoss (4.0.1SP1). The JBoss jars for the client are excluded.
from spring-security.
Ben Alex said:
Luke, would you please take a look at this…?
from spring-security.
Andreas Senft said:
As I recently needed this functionality again, I reworked it and adapted it to 1.0.0RC2.
Regards,
Andreas
from spring-security.
Ben Alex said:
Luke, do you think you’ll get time to look at this? If not, please assign it back to me and I’ll review and apply Andreas’ patch.
from spring-security.
Andreas Senft said:
If you need additional information about the classes, please let me know.
Also, if you want me to do some refactoring/repackaging, just send me a note.
Regards,
Andreas
from spring-security.
Luke Taylor said:
I’ll try and take a look at it this weekend.
from spring-security.
Luke Taylor said:
There’s quite a lot of code here and I don’t want to commit it to the core so soon before the 1.0 release. It might be worth having a separate module for it too, rather than adding it to the core, as I’m not sure how much demand there will be for EJB support in Acegi.
from spring-security.
Andreas Senft said:
Hello Luke,
I agree with your suggestion to put this into an external module. I, too, think that this is no core functionality, rather some kind of add-on. This is also true, because using this approach is not only about configuration but also influences the coding (of the EJB layer).
As of demand of EJB support: I guess, of those who can decide, the most will choose more lightweight approaches, so they won’t need this.
However, there are also those that have to use EJB (even when it does not make sense), because it is demanded. For those it might be a way to use Acegi without taking care of context propagation inside their code.
Regards,
Andreas
from spring-security.
Ben Alex said:
Andreas, does this code work with Acegi Security 1.0.3, and are there tests and documentation for it?
from spring-security.
Andreas Senft said:
Hi Ben,
the sources should work with version 1.0.3. I just had to do a small change to adapt to Spring 2.0.5.
I will attach an updated version.
There are two unit test classes for the argument extraction/ insertion. Further there is a demo package with a simple application to be deployed on JBoss (JBoss jars not included) which should highlight the usage.
Written documentation is not available as yet, but I could write something down if you like.
Regards,
Andreas
from spring-security.
Andreas Senft said:
Attached Acegi-ejb_103.zip.
Updated version for Spring 2.0.5 and Acegi 1.0.3
from spring-security.
Andreas Senft said:
Hello Ben,
the attached sources yet have some homegrown packaging. If you could suggest a package name/structure, I would refactor the code accordingly.
I already tried to contact you via e-mail, but perhaps the message got lost (not sure if I correctly memorized the address).
Regards,
Andreas
from spring-security.
Andreas Senft said:
Attached a new version with major reworkings (spring_security_ejb_V1.zip).
- Repackaged to org.springframework.security
- Added FactoryBeans for much easier usage
- Added further unit tests
The code has been tested with Spring 2.0.4, Acegi 1.0.4 and JBoss 4.0.5
Required jars are missing from the archive to keep it small. Though, the required jars are named in CONTENTS.TXT files in the lib folders.
Build-scripts are provided to create a demo EAR and client jar. The EAR can be deployed to JBoss and the client jar can be started with the “java -jar” command from a console.
from spring-security.
Andreas Senft said:
Attached documentation in DocBook format. I hope it can be used that way.
from spring-security.
Luke Taylor said:
I haven’t been able to integrate this with the main project maven 2 build yet.
from spring-security.
Luke Taylor said:
I’m afraid I have to postpone this again as I don’t see how it can be integrated with the build.
from spring-security.
Andreas Senft said:
Do you want me to repackage things? In effect, only the src and test folders need to be processed. The rest is part of the samples.
from spring-security.
Andreas Senft said:
Attached archive “spring_security_ejb_V1.1.zip”. This contains only the sources and unit tests. Perhaps that might be integrated more easily. There should be no external dependencies to resolve beside those SpringSecurity needs itself.
Regards,
Andreas
from spring-security.
Wei Ming You said:
If you don’t do this, somebody else will do it. The monody and arbitrary are against the spirit of Open Source. This problem " Propogate Security Identity from Servlet Layer to EJB Layer" has been came up for years, Eg. http://forum.springframework.org/showthread.php?t=26514.
Re:
Luke Taylor – 28/Jan/08 11:41 AM
I’m afraid I have to postpone this again as I don’t see how it can be integrated with the build.
from spring-security.
Luke Taylor said:
I’d like to thank Andreas for his work in putting this together, but I’m afraid we are not realistically going to include it in the codebase. EJB 2.0 support isn’t part of the roadmap for Spring Security. EJB are increasingly uncommon in this era of Spring and EJB 3.0. The code will still be available here for anyone who wants to use it in legacy applications.
from spring-security.
ajay hada said:
Andreas you did a great job.. I feel that suggested feature is realistic. and I think lots of people want this feature.
Luke why don't you reopen this issues and think again to integrate.
from spring-security.
Related Issues (20)
- Mention all required dependencies in LDAP documentation
- Mention all required dependencies in LDAP documentation
- Mention all required dependencies in LDAP documentation
- Endpoint returns a 500, instead of 403 status code when the user does not have required permission HOT 5
- fallback for method based authorization HOT 2
- The docs reference #7537 which is closed
- Find Roles for Authority using the RoleHierarchy? HOT 2
- Investigate why `checkSamples` is running slow
- Upgrade to Spring Framework 6.2.0-M4
- OpenID Connect Oauth2 Logout Token not using custom jwt alg
- Remove Deprecated Usages for Spring LDAP HOT 1
- Adapt to form data not adding charset if it is UTF-8 HOT 2
- Support multiple OpaqueTokenIntrospector HOT 6
- Improve @AuthenticationPrincipal meta-annotations
- Split of Method Security Documentation
- A broken link in Spring Security reference HOT 2
- Highly concurrent requests with `client_credentials` cause duplicate access token requests HOT 6
- A broken link in Spring Security reference
- Consider adding `RestClient` implementations of `OAuth2AccessTokenResponseClient`
- Servlet and Reactive OAuth2 Client consistency
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-security.