From the javadocs for PathBasedFilterInvocationDefinitionMap
(http://tinyurl.com/29talb):

The order of registering the Ant paths using the addSecureUrl(String,
ConfigAttributeDefinition) is very important. The system will identify
the first matching path for a given HTTP URL. It will not proceed to
evaluate later paths if a match has already been found. Accordingly,
the most specific paths should be registered first, with the most
general paths registered last.

Matt

On 6/5/07, Haotian Sun <[EMAIL PROTECTED]> wrote:
Hi all,

I just have an interesting question about the order of URL patterns for
objectDefinitionSource in FilterSecurityInterceptor. The following is
the original configuration from appfuse's security in version 1.9.4

 <bean id="filterInvocationInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="accessDecisionManager" ref="accessDecisionManager"/>
        <property name="objectDefinitionSource">
            <value>
                PATTERN_TYPE_APACHE_ANT
                /clickstreams.jsp*=admin
                /flushCache.*=admin
                /passwordHint.html*=ROLE_ANONYMOUS,admin,user
                /reload.*=admin
                /signup.html*=ROLE_ANONYMOUS,admin,user
                /users.html*=admin
                /**/*.html*=admin,user
            </value>
        </property>
    </bean>

If I change the order of those URL patterns to the following order, for
example, move the /passwordHint.html* after /**/*.html*, the
passwordHint will not be invoked anyhow.
      <property name="objectDefinitionSource">
            <value>
                PATTERN_TYPE_APACHE_ANT
                /clickstreams.jsp*=admin
                /flushCache.*=admin
                /reload.*=admin
                /signup.html*=ROLE_ANONYMOUS,admin,user
                /users.html*=admin
                /**/*.html*=admin,user
                /passwordHint.html*=ROLE_ANONYMOUS,admin,user
            </value>
        </property>

Can anyone please explain the mystery there to me? Is there any specific
order for those URLs to follow in appfuse's security configuration?

Best regards,

Haotian Sun

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




--
http://raibledesigns.com
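
The first-match behaviour quoted from the javadocs above, modelled on the rule list from this thread as an added example (not AppFuse or Acegi code): a simplified Ant-pattern matcher plus a lint that flags rules an earlier pattern already claims. The function names and the regex translation of Ant patterns are assumptions made for illustration.

```python
import re

# Rule list copied from the configuration quoted in the thread.
ORIGINAL = """\
PATTERN_TYPE_APACHE_ANT
/clickstreams.jsp*=admin
/flushCache.*=admin
/passwordHint.html*=ROLE_ANONYMOUS,admin,user
/reload.*=admin
/signup.html*=ROLE_ANONYMOUS,admin,user
/users.html*=admin
/**/*.html*=admin,user
"""

# Simplified Ant syntax (assumption): '**/' any directories, '*' within one segment, '?' one char.
TOKEN = re.compile(r"\*\*/|\*\*|\*|\?|[^*?]+")
REGEX_FOR = {"**/": r"(?:[^/]+/)*", "**": r".*", "*": r"[^/]*", "?": r"[^/]"}

def parse_rules(text):
    """Return [(pattern, [attrs])] in declared order, skipping the PATTERN_TYPE line."""
    pairs = [line.strip().split("=", 1) for line in text.splitlines() if "=" in line]
    return [(pattern, attrs.split(",")) for pattern, attrs in pairs]

def matches(pattern, url):
    parts = [REGEX_FOR.get(tok) or re.escape(tok) for tok in TOKEN.findall(pattern)]
    return re.fullmatch("".join(parts), url) is not None

def first_match(rules, url):
    """First-match semantics: later rules are never consulted once one matches."""
    return next(((p, a) for p, a in rules if matches(p, url)), None)

def shadowed_rules(rules):
    """Heuristic lint: list (rule, earlier_rule) where the earlier rule claims the rule's own URL."""
    found = []
    for pattern, _ in rules:
        # Collapse wildcards to get the simplest URL this pattern matches.
        sample = pattern.replace("**/", "").replace("**", "").replace("*", "").replace("?", "x")
        winner = first_match(rules, sample)
        if winner and winner[0] != pattern:
            found.append((pattern, winner[0]))
    return found

def move_last(rules, pattern):
    """Reproduce the reordering from the thread: push one rule to the end."""
    return [r for r in rules if r[0] != pattern] + [r for r in rules if r[0] == pattern]

if __name__ == "__main__":
    rules = parse_rules(ORIGINAL)
    for label, rs in (("original", rules), ("reordered", move_last(rules, "/passwordHint.html*"))):
        print(label, first_match(rs, "/passwordHint.html"), shadowed_rules(rs))
```

The lint tests one representative URL per rule, so it reports a rule as shadowed when an earlier pattern claims that URL; it does not prove full pattern subsumption.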
