Discussoes de Programacao e Tecnologia

Acegi - Como bloqeuar recursos estáticos?

0 respostas
B
bytecodesbr

Acegi - Como bloqeuar recursos estáticos?

Como faço no framework acegi para bloquear recursos estáticos por exemplo:

/resource/images/error.gif=ROLE_SUPERVISOR

Não estou conseguindo fazer isso… segue em anexo a configuração do ACEGI:

<!-- ********************** -->
<!-- Segurança - Início     -->
<!-- ********************** -->

<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.SiteminderAuthenticationProcessingFilter">
	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
	<property name="authenticationFailureUrl"><value>/login.xhtml?login_error=1</value></property>
	<property name="defaultTargetUrl"><value>/security.do?method=getMainMenu</value></property>
	<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
	<property name="siteminderUsernameHeaderKey"><value>SM_USER</value></property>
	<property name="formUsernameParameterKey"><value>j_username</value></property>
</bean>

<bean id="filterChainProxy"
	class="org.acegisecurity.util.FilterChainProxy">
	<property name="filterInvocationDefinitionSource">
		<value>
			CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
			PATTERN_TYPE_APACHE_ANT
			/**=httpSessionContextIntegrationFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
		</value>
	</property>
</bean>

<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />

<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />

<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
	<property name="authenticationManager" ref="authenticationManager" />
	<property name="rememberMeServices" ref="rememberMeServices" />
</bean>

<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
	<property name="key" value="changeThis" />
	<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS" />
</bean>

<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
	<property name="authenticationEntryPoint">
		<bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
			<property name="loginFormUrl" value="/login.xhtml" />
			<property name="forceHttps" value="false" />
		</bean>
	</property>
	<property name="accessDeniedHandler">
		<bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
			<property name="errorPage" value="/view/seguranca/acessonegado.html"/>
		</bean>
	</property>
</bean>

<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
	<property name="authenticationManager">
		<ref bean="authenticationManager" />
	</property>
	<property name="accessDecisionManager">
		<bean class="org.acegisecurity.vote.AffirmativeBased">
			<property name="allowIfAllAbstainDecisions" value="false" />
			<property name="decisionVoters">
				<list>
					<bean class="org.acegisecurity.vote.RoleVoter" />
					<bean class="org.acegisecurity.vote.AuthenticatedVoter" />
				</list>
			</property>
		</bean>
	</property>
	<!-- TODO: Remover os mapeamentos que não estão sendo usados -->
	<property name="objectDefinitionSource">
		<value>
			CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
			PATTERN_TYPE_APACHE_ANT
			/secure/extreme/**=ROLE_SUPERVISOR
			/cadastro/pessoafisica/**=ROLE_SUPERVISOR
			/view/seguranca/**=IS_AUTHENTICATED_REMEMBERED
			/view/seguranca/acessonegado.html=ROLE_SUPERVISOR
			/secure/**=IS_AUTHENTICATED_REMEMBERED
			/**=IS_AUTHENTICATED_ANONYMOUSLY
			/resource/framework/resignation/images/error.gif=ROLE_SUPERVISOR    			
		</value>
	</property>
</bean>

<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
	<property name="userDetailsService" ref="userDetailsService" />
	<property name="key" value="changeThis" />
</bean>

<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
	<property name="providers">
		<list>
			<ref local="daoAuthenticationProvider" />
			<bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
				<property name="key" value="changeThis" />
			</bean>
			<bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
				<property name="key" value="changeThis" />
			</bean>
		</list>
	</property>
</bean>

<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
	<property name="userDetailsService" ref="jdbcDaoImpl" />
	<property name="passwordEncoder"><ref bean="passwordEncoder"/></property>
	<property name="userCache">
		<bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
			<property name="cache">
				<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
					<property name="cacheManager">
						<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
					</property>
					<property name="cacheName" value="userCache" />
				</bean>
			</property>
		</bean>
	</property>
</bean>

<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
<!-- TODO: Remover bean pois não está sendo utilizado pela aplicação
		   Esse bean esta utilizado em rememberMeServices, refirar usa utilidade. -->
<bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
	<property name="userProperties">
		<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
			<property name="location" value="/WEB-INF/user.properties" />
		</bean>
	</property>
</bean>

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
	<property name="driverClassName"><value>com.mysql.jdbc.Driver</value></property>
	<property name="url"><value>jdbc:mysql://localhost:3306/servir</value></property>
	<property name="username"><value>root</value></property>
	<property name="password"><value>123456</value></property>
</bean>

<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
	<property name="dataSource"><ref bean="dataSource"/></property>
</bean>

<bean id="passwordEncoder" class="br.org.venhaservir.modulo.seguranca.ServirAcegiShaPasswordEncoder">
	<constructor-arg value="512"/>
</bean>

<bean id="authenticationController" class="br.org.venhaservir.modulo.seguranca.controle.AuthenticationController" scope="session">
	<property name="authenticationManager">
		<ref bean="authenticationManager" />
	</property>
</bean>

<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
<bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener" />
<!-- ********************** -->
<!-- Segurança - Fim        -->
<!-- ********************** -->
Alura Sistemas operacionais: entenda seu conceito e suas funções Descubra o que são sistemas operacionais, suas funções e tipos. Aprenda tudo de forma clara e objetiva. Não perca tempo!
Criado 14 de outubro de 2007
Respostas 0
Participantes 1

Topicos relacionados

Componente de forum 4 respostas Consultar CPF pelo nome na Receita Federal 5 respostas Pegadinhas que se fazem com os pobres estagiários 62 respostas [Resolvido] Como comparar Strings em C? 6 respostas Converter pixels para centímetros 9 respostas
Fiap Graduacao em Tecnologia — FIAP Analise e Desenvolvimento de Sistemas, Engenharia de Software e mais
Casa do Codigo Casa do Codigo — Livros de tecnologia Livros de programacao, infraestrutura e inovacao