Acegi Security Framework for Spring Tips

Over at Craig's stack trace, Crag has a nice post on a terse configuration for the Acegi Security Framework for Spring.

Now that version 0.7 of Acegi is out, I had to make two small changes to Craig's acegi-common.xml file. This file holds all the default and stock beans needed for a generic install of Acegi. By moving all the boilerplate config out of the main configuration files, Acegi suddenly becomes usable.

To make this config work in the Acegi 0.7 + Spring 1.1.4 world, you must make (at least) two minor modifications.

First, for all the beans in acegi-common.xml that will be redefined in your application specific security configuration, you must add the attribute abstract="true". This is in addition to lazy-init="true". The abstract attribute forces Spring not to load up the bean, even if another bean references it. This is the case in acegi-common.xml where the httpSessionIntegrationFilter bean references other beans.

Which brings me to my second tip. You need to change the AutoIntegrationFilter reference to HttpSessionIntegrationFilter (or another IntegrationFilter of your choice). In version 0.7 of Acegi, the AutoIntegrationFilter has been removed.

It all seems to be working, now!
Post a Comment

Popular posts from this blog

  • Sponsor:  Register today for  New Game, the conference for HTML5 game developers . Learn from Mozilla, Opera, Google, Spil, Bocoup, Mandreel, Subsonic, Gamesalad, EA, Zynga, and others at this intimate and technically rich conference. Join us for two days of content from developers building HTML5 games today. Nov 1-2, 2011 in San Francisco.  Register now ! This is the second article in a Box2D series, following the Box2D Orientation article. The Box2DWeb port of Box2D contains a nice example to show off the basics of integrating physics simulations into your web app. This post will provide a walkthrough of the example, explaining the high level concepts and code. First, let's see the example in action. The code for the above is open source and available on GitHub. It was adapted from Box2DWeb's example . Animating Before we look at Box2D, it's important to understand how the above simulation is animated. You might think setInterval or setTimeout is
  • In which I port a snazzy little JavaScript audio web app to Dart , discover a bug, and high-five type annotations. Here's what I learned. [As it says in the header of this blog, I'm a seasoned Dart developer. However, I certainly don't write Dart every day (I wish!). Don't interpret this post as "Hi, I'm new to Dart". Instead, interpret this post as "I'm applying what I've been documenting."] This post analyzes two versions of the same app, both the original (JavaScript) version and the Dart version. The original version is a proxy for any small JavaScript app, there's nothing particularly special about the original version, which is why it made for a good example. This post discusses the differences between the two implementations: file organization, dependencies and modules, shims, classes, type annotations, event handling, calling multiple methods, asynchronous programming, animation, and interop with JavaScript libraries. F
  • Angular and Polymer, sitting in a DOM tree, B-i-n-d-i-n-g. First comes components, Then comes elements, Then comes the interop with the node dot bind. Angular , a super heroic MVC framework, and Polymer , polyfills and enhancements for custom elements built on top of Web Components, can live harmoniously in the same app. This post shows you how to connect Angular-controlled components to Polymer-controlled elements via data binding. And we do it all in Dart . Angular and Polymer I get asked "Should I use Angular or Polymer?" a lot. My answer is, "Yes". That is, both libraries have distinct strengths, and you can use both in the same app. Polymer excels at creating encapsulated custom elements. You can use those custom elements in any web app or web page, regardless if that app is built with Angular, Ember, etc. Angular excels at application engineering, with dependency injection, end-to-end testability, routing, and services. Here are som