Listing 1
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<display-name>Acegi Demo</display-name>
<!-- 1. Setup two parameters: -->
<!-- a) Acegišs configuration file -->
<!-- b) Loggin configuration file -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<!-- 2. Setup the Acegi Filter Chain Proxy -->
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 3. Setup three listeners -->
<!-- a) Setup a listener to connect spring with the web context -->
<listener>
<listener-
class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- b) Setup a listener to connect spring with log4J -->
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!-- c) Setup ACEGI to subscribe to http session events in the web context -->
<listener>
<listener-class>net.sf.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>
<!-- 4. The Usual Welcome File List -->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
Listing 2
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter, authenticationProcessingFilter,
anonymousProcessingFilter, securityEnforcementFilter
</value>
</property>
</bean>
<!-- The first item in the Chain: httpSessionContextIntegrationFilter -->
<bean id="httpSessionContextIntegrationFilter"
class="net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter">
<property name="context">
<value>net.sf.acegisecurity.context.security.SecureContextImpl</value>
</property>
</bean>
<!-- the second item in the chain: authenticationProcessingFilter -->
<bean id="authenticationProcessingFilter"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager"><ref
bean="authenticationManager"/></property>
<property
name="authenticationFailureUrl"><value>/acegilogin.jsp?login_error=1</value></property>
<property name="defaultTargetUrl"><value>/secured/</value></property>
<property name="alwaysUseDefaultTargetUrl"><value>true</value></property>
<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
</bean>
<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
<ref local="anonymousAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="authenticationDao">
<ref local="memoryAuthenticationDao"/>
</property>
</bean>
<bean id="memoryAuthenticationDao"
class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
<property name="userMap">
<value>sapient=password,ROLE_ADMIN,ROLE_USER</value>
</property>
</bean>
<bean id="anonymousAuthenticationProvider" class="net.sf.
acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key"><value>foobar</value></property>
</bean>
<!-- the third item in the chain: anonymousProcessingFilter -->
<bean id="anonymousProcessingFilter"
class="net.sf.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key"><value>foobar</value></property>
<property
name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property>
</bean>
<!-- the fourth item in the chain: securityEnforcementFilter -->
<bean id="securityEnforcementFilter"
class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
<property name="filterSecurityInterceptor"><ref
local="filterInvocationInterceptor"/></property>
<property name="authenticationEntryPoint"><ref
local="authenticationProcessingFilterEntryPoint"/></property>
</bean>
<bean id="filterInvocationInterceptor"
class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager"><ref
bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref
local="httpRequestAccessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/acegilogin.jsp*=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
/secured*=ROLE_ADMIN
/**=ROLE_USER
</value>
</property>
</bean>
<!-- authenticationManager defined above -->
<bean id="httpRequestAccessDecisionManager"
class="net.sf.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
</list>
</property>
</bean>
<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
<bean id="authenticationProcessingFilterEntryPoint"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl"><value>/acegilogin.jsp</value></property>
<property name="forceHttps"><value>false</value></property>
</bean>
<!-- Done with the chain -->
<!-- This bean automatically receives AuthenticationEvent messages from
DaoAuthenticationProvider -->
<bean id="loggerListener"
class="net.sf.acegisecurity.providers.dao.event.LoggerListener"/>
</beans>