Changeset 4013


Ignore:
Timestamp:
11/12/13 16:49:14 (11 years ago)
Author:
olhsha
Message:

implementing authentication=provider as a database, using approach 2 from http://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ns-auth-providers, and constructing the security Db as in http://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#db_schema_users_authorities

Location:
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend
Files:
1 added
3 edited

Legend:

Unmodified
Added
Removed

  • DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/nb-configuration.xml

    r3974 r4013  
    2020        <config-files>
    2121            <config-file>src/main/resources/spring-config/applicationContext-security.xml</config-file>
    22             <config-file>src/test/resources/spring-test-config/mockHttpServletRequest.xml</config-file>
    23             <config-file>src/test/resources/spring-test-config/mockHttpServletResponse.xml</config-file>
    24             <config-file>src/main/resources/spring-config/httpServletResponse.xml</config-file>
     22            <config-file>src/main/resources/spring-config/securityDataSource.xml</config-file>
    2523        </config-files>
    2624        <config-file-groups/>

  • DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/AnnotationResource.java

    r4010 r4013  
    113113        } else {
    114114            try {
    115                 logger.error("Unathorized-access attempt");
    116                 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
     115                logger.error("FORBIDDEN-access attempt");
     116                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
    117117            } catch (IOException ioe) {
    118118                logger.error("IOException: Cannot send server respond about unaithorized access.");
     
    138138        } else {
    139139            try {
    140                 logger.error("Unathorized-access attempt");
     140                logger.error("FORBIDDEN-access attempt");
    141141                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    142142            } catch (IOException ioe) {
     
    184184        } else {
    185185            try {
    186                 logger.error("Unathorized-access attempt");
     186                logger.error("FORBIDDEN-access attempt");
    187187                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    188188            } catch (IOException ioe) {
     
    209209            return result + " annotation(s) deleted.";
    210210        } else {
    211             logger.error("Unathorized-access attempt. Only the owner can delete an annotation.");
     211            logger.error("FORBIDDEN-access attempt. Only the owner can delete an annotation.");
    212212            try {
    213213                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
     
    258258
    259259        } else {
    260             logger.error("Unathorized-access attempt.");
     260            logger.error("FORBIDDEN-access attempt.");
    261261            logger.error("The logged-in user is not authorised to alter this annotation. ");
    262262            try {
     
    288288
    289289        } else {
    290             logger.error("Unathorized-access attempt");
     290            logger.error("FORBIDDEN-access attempt");
    291291            logger.error("The logged-in user is not authorised to alter this annotation. ");
    292292            try {
     
    313313            return new ObjectFactory().createResponseBody(makePermissionResponseEnvelope(annotationID));
    314314        } else {
    315             logger.error("Unathorized-access attempt");
     315            logger.error("FORBIDDEN-access attempt");
    316316            logger.error("The logged-in user is not authorised to alter this annotation. ");
    317317            try {

  • DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/resources/spring-config/applicationContext-security.xml

    r3972 r4013  
    3939<authentication-manager>
    4040    <authentication-provider>
    41         <user-service>
    42             <user name="olha" password="adminpassword" authorities="ROLE_USER, ROLE_ADMIN" />
    43             <user name="twan" password="twanpassword" authorities="ROLE_USER" />
    44             <user name="eric" password="ericpassword" authorities="ROLE_USER" />
    45             <user name="stephanie" password="stephaniepassword" authorities="ROLE_USER" />
    46             <user name="olof" password="olofpassword" authorities="ROLE_USER" />
    47             <user name="peter" password="peterpassword" authorities="ROLE_USER" />
    48             <user name="daan" password="daanpassword" authorities="ROLE_USER" />
    49             <user name="menzo" password="menzopassword" authorities="ROLE_USER" />
    50             <user name="przemek" password="przemekpassword" authorities="ROLE_USER" />
    51         </user-service>
     41        <jdbc-user-service data-source-ref="securityDataSource"/>
    5242    </authentication-provider>
    5343</authentication-manager>
Note: See TracChangeset for help on using the changeset viewer.