ICEfaces
  1. ICEfaces
  2. ICE-5845

Support Spring Security 3

          Details

          • Type: New Feature New Feature
          • Status: Closed
          • Priority: Major Major
          • Resolution: Fixed
          • Affects Version/s: 1.8.2-EE-GA_P01
          • Fix Version/s: 1.8.2-EE-GA_P02
          • Component/s: Framework
          • Labels:
            None
          • Environment:
            ICEFaces + Spring framework 3.0 + Spring Security 3.0

            Description

            A client provided patch here http://jira.icefaces.org/browse/ICE-5245 correctly tested for the repackaged Authentication class to detect Spring Security 3, but we need to create an additional wrapper (of the style provided by com.icesoft.faces.env.SpringAuthWrapper) to use the correct class. The API has changed slightly so the wrapper must change.

              Activity

              Descending order - Click to sort in ascending order
              Hide
              Permalink
              Krashan Brahmanjara added a comment - - edited

              Is this correct way of integration spring security 3.0.4 with ice?
              Now lib directory contains mix of security libraries (old 2.0.* and new 3.0.*) implementations
              Version 3.0.* was redesigned and some class was moved to another packages.

              Only SpringAuthWrapperV3.java was wriiten for security 3.0.4.
              Another sources still contain deprecated references. Just try remove spring-security-core-2.0.* from lib directory.

              [javac] Compiling 382 source files to D:\ice\src20101112\core\target\classes
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:37: package org.springframework.security does not exist
              [javac] import org.springframework.security.Authentication;
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:38: package org.springframework.security does not exist
              [javac] import org.springframework.security.GrantedAuthority;
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:39: package org.springframework.security.context does not exi
              st
              [javac] import org.springframework.security.context.HttpSessionContextIntegrationFilter;
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:40: package org.springframework.security.context does not exi
              st
              [javac] import org.springframework.security.context.SecurityContext;
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:47: cannot find symbol
              [javac] symbol : class Authentication
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapper
              [javac] private final Authentication authentication;
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapperV3.java:39: package org.springframework.security.web.context does n
              ot exist
              [javac] import org.springframework.security.web.context.HttpSessionContextIntegrationFilter;
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\async\render\GroupAsyncRenderer.java:169: warning: non-varargs call of varargs method wi
              th inexact argument type for last parameter;
              [javac] cast to java.lang.Class<?> for a varargs call
              [javac] cast to java.lang.Class<?>[] for a non-varargs call and to suppress this warning
              [javac] Method getIdMethod = session.getClass().getMethod("getId", null );
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\async\render\GroupAsyncRenderer.java:170: warning: non-varargs call of varargs method wi
              th inexact argument type for last parameter;
              [javac] cast to java.lang.Object for a varargs call
              [javac] cast to java.lang.Object[] for a non-varargs call and to suppress this warning
              [javac] Object id = getIdMethod.invoke(session,null);
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:50: cannot find symbol
              [javac] symbol : class Authentication
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapper
              [javac] this.authentication = (Authentication) principal;
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:59: cannot find symbol
              [javac] symbol : class GrantedAuthority
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapper
              [javac] GrantedAuthority[] authorities = authentication.getAuthorities();
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:74: cannot find symbol
              [javac] symbol : class Authentication
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapper
              [javac] if (principal instanceof Authentication) {
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:77: cannot find symbol
              [javac] symbol : class SecurityContext
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapper
              [javac] SecurityContext sc = (SecurityContext) sessionMap.get(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:77: cannot find symbol
              [javac] symbol : class SecurityContext
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapper
              [javac] SecurityContext sc = (SecurityContext) sessionMap.get(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:77: cannot find symbol
              [javac] symbol : variable HttpSessionContextIntegrationFilter
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapper
              [javac] SecurityContext sc = (SecurityContext) sessionMap.get(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
              [javac] ^
              [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapperV3.java:83: cannot find symbol
              [javac] symbol : variable HttpSessionContextIntegrationFilter
              [javac] location: class com.icesoft.faces.env.SpringAuthWrapperV3
              [javac] HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
              [javac] ^
              [javac] Note: Some input files use or override a deprecated API.
              [javac] Note: Recompile with -Xlint:deprecation for details.
              [javac] Note: Some input files use unchecked or unsafe operations.
              [javac] Note: Recompile with -Xlint:unchecked for details.
              [javac] 13 errors
              [javac] 4 warnings

              Show
              Krashan Brahmanjara added a comment - - edited Is this correct way of integration spring security 3.0.4 with ice? Now lib directory contains mix of security libraries (old 2.0.* and new 3.0.*) implementations Version 3.0.* was redesigned and some class was moved to another packages. Only SpringAuthWrapperV3.java was wriiten for security 3.0.4. Another sources still contain deprecated references. Just try remove spring-security-core-2.0.* from lib directory. [javac] Compiling 382 source files to D:\ice\src20101112\core\target\classes [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:37: package org.springframework.security does not exist [javac] import org.springframework.security.Authentication; [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:38: package org.springframework.security does not exist [javac] import org.springframework.security.GrantedAuthority; [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:39: package org.springframework.security.context does not exi st [javac] import org.springframework.security.context.HttpSessionContextIntegrationFilter; [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:40: package org.springframework.security.context does not exi st [javac] import org.springframework.security.context.SecurityContext; [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:47: cannot find symbol [javac] symbol : class Authentication [javac] location: class com.icesoft.faces.env.SpringAuthWrapper [javac] private final Authentication authentication; [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapperV3.java:39: package org.springframework.security.web.context does n ot exist [javac] import org.springframework.security.web.context.HttpSessionContextIntegrationFilter; [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\async\render\GroupAsyncRenderer.java:169: warning: non-varargs call of varargs method wi th inexact argument type for last parameter; [javac] cast to java.lang.Class<?> for a varargs call [javac] cast to java.lang.Class<?>[] for a non-varargs call and to suppress this warning [javac] Method getIdMethod = session.getClass().getMethod("getId", null ); [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\async\render\GroupAsyncRenderer.java:170: warning: non-varargs call of varargs method wi th inexact argument type for last parameter; [javac] cast to java.lang.Object for a varargs call [javac] cast to java.lang.Object[] for a non-varargs call and to suppress this warning [javac] Object id = getIdMethod.invoke(session,null); [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:50: cannot find symbol [javac] symbol : class Authentication [javac] location: class com.icesoft.faces.env.SpringAuthWrapper [javac] this.authentication = (Authentication) principal; [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:59: cannot find symbol [javac] symbol : class GrantedAuthority [javac] location: class com.icesoft.faces.env.SpringAuthWrapper [javac] GrantedAuthority[] authorities = authentication.getAuthorities(); [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:74: cannot find symbol [javac] symbol : class Authentication [javac] location: class com.icesoft.faces.env.SpringAuthWrapper [javac] if (principal instanceof Authentication) { [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:77: cannot find symbol [javac] symbol : class SecurityContext [javac] location: class com.icesoft.faces.env.SpringAuthWrapper [javac] SecurityContext sc = (SecurityContext) sessionMap.get(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:77: cannot find symbol [javac] symbol : class SecurityContext [javac] location: class com.icesoft.faces.env.SpringAuthWrapper [javac] SecurityContext sc = (SecurityContext) sessionMap.get(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapper.java:77: cannot find symbol [javac] symbol : variable HttpSessionContextIntegrationFilter [javac] location: class com.icesoft.faces.env.SpringAuthWrapper [javac] SecurityContext sc = (SecurityContext) sessionMap.get(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); [javac] ^ [javac] D:\ice\src20101112\core\src\com\icesoft\faces\env\SpringAuthWrapperV3.java:83: cannot find symbol [javac] symbol : variable HttpSessionContextIntegrationFilter [javac] location: class com.icesoft.faces.env.SpringAuthWrapperV3 [javac] HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); [javac] ^ [javac] Note: Some input files use or override a deprecated API. [javac] Note: Recompile with -Xlint:deprecation for details. [javac] Note: Some input files use unchecked or unsafe operations. [javac] Note: Recompile with -Xlint:unchecked for details. [javac] 13 errors [javac] 4 warnings
              Hide
              Permalink
              Greg Dick added a comment -

              We took the user patch that contained introspective extensions to the BridgeExternalContext for Spring 3 and corrected the way the Authorization class was instantiated in the same class. Now that the Spring security demonstration application is working, we can verify that the support for spring 3 is working. http://jira.icefaces.org/browse/ICE-5864

              Show
              Greg Dick added a comment - We took the user patch that contained introspective extensions to the BridgeExternalContext for Spring 3 and corrected the way the Authorization class was instantiated in the same class. Now that the Spring security demonstration application is working, we can verify that the support for spring 3 is working. http://jira.icefaces.org/browse/ICE-5864

                People

                • Assignee:
                  Greg Dick
                  Reporter:
                  Greg Dick
                • Votes:
                  1 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: