Now that version 0.7 of Acegi is out, I had to make two small changes to Craig's
acegi-common.xmlfile. This file holds all the default and stock beans needed for a generic install of Acegi. By moving all the boilerplate config out of the main configuration files, Acegi suddenly becomes usable.
To make this config work in the Acegi 0.7 + Spring 1.1.4 world, you must make (at least) two minor modifications.
First, for all the beans in
acegi-common.xmlthat will be redefined in your application specific security configuration, you must add the attribute
abstract="true". This is in addition to
abstractattribute forces Spring not to load up the bean, even if another bean references it. This is the case in
httpSessionIntegrationFilterbean references other beans.
Which brings me to my second tip. You need to change the
HttpSessionIntegrationFilter(or another IntegrationFilter of your choice). In version 0.7 of Acegi, the
AutoIntegrationFilterhas been removed.
It all seems to be working, now!