Udgrade main pom.xml
Remove acegi
<dependencymanagement>
<dependencies>
...
<dependency>
<groupId>org.acegisecurity</groupId>
<artifactId>acegi-security</artifactId>
<version>1.0.6</version>
</dependency>
<dependency>
<groupId>org.acegisecurity</groupId>
<artifactId>acegi-security-tiger</artifactId>
<version>1.0.6</version>
</dependency>
<dependency>
...
</dependencies>
</dependencymanagement>
Add spring-security
<properties>
<spring.version>3.2.8.RELEASE</spring.version>
<spring.security.version>3.2.5.RELEASE</spring.security.version>
</properties>
<dependencymanagement>
<dependencies>
...
<!--SPRING SECURITY START-->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring.security.version}</version>
</dependency>
<!--SPRING SECURITY END-->
...
</dependencies>
</dependencymanagement>
Upgrade classes:
org.acegisecurity.GrantedAuthorityImpl -> org.springframework.security.core.authority.SimpleGrantedAuthority
org.acegisecurity.GrantedAuthority -> org.springframework.security.core.GrantedAuthority
org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache -> org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache;
org.acegisecurity.providers.UsernamePasswordAuthenticationToken -> org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
org.acegisecurity.Authentication -> org.springframework.security.core.Authentication;
org.acegisecurity.context.SecurityContext -> org.springframework.security.core.context.SecurityContext;
org.acegisecurity.context.SecurityContextHolder -> org.springframework.security.core.context.SecurityContextHolder;
org.acegisecurity.AuthenticationException -> org.springframework.security.authentication.AuthenticationServiceException
org.acegisecurity.AuthenticationServiceException -> org.springframework.security.authentication.AuthenticationServiceException
org.acegisecurity.BadCredentialsException -> org.springframework.security.authentication.BadCredentialsException
org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider -> org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
org.acegisecurity.userdetails.UserDetails -> org.springframework.security.core.userdetails.UserDetails
org.acegisecurity.AuthenticationManager -> org.springframework.security.authentication.AuthenticationManager
org.acegisecurity.annotation.Secured -> org.springframework.security.access.annotation.Secured
org.acegisecurity.userdetails.User -> org.springframework.security.core.userdetails.User
for me update constructorur for convert array to collection was enough
class AppUser {
public AppUser(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired,
boolean accountNonLocked, GrantedAuthority[] authorities) throws IllegalArgumentException {
super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, Arrays.asList(authorities));
}
...
}
authorities -> Arrays.asList(authorities)
Upgrade context:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<!--was
<bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
<property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint" />
<property name="authenticationManager" ref="authenticationManager" />
</bean>
-->
<bean id="springSecurityFilterChain" class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
<property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint" />
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<!--was
<bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName" value="My Realm" />
</bean>
-->
<bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
<property name="realmName" value="My Realm" />
</bean>
<!--
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
<property name="allowSessionCreation" value="false" />
</bean>
-->
<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
<property name="forceEagerSessionCreation" value="false" />
</bean>
<!--was
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="usernamePasswordAuthenticationProvider" />
</list>
</property>
</bean>
-->
<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<ref bean="usernamePasswordAuthenticationProvider" />
</list>
</property>
</bean>
......
<!--was
<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter">
<property name="rolePrefix" value="" />
</bean>
-->
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter">
<property name="rolePrefix" value="" />
</bean>
<!--was
<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions">
<value>false</value>
</property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter" />
</list>
</property>
</bean>
-->
<!--was
<bean id="securityAnnotationAttributes" class="org.acegisecurity.annotation.SecurityAnnotationAttributes" />
<bean id="objectDefinitionSource" class="org.acegisecurity.intercept.method.MethodDefinitionAttributes">
<property name="attributes" ref="securityAnnotationAttributes" />
</bean>
<bean id="annotationBasedMethodSecurityInterceptor" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="validateConfigAttributes" value="false" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="accessDecisionManager" ref="accessDecisionManager" />
<property name="objectDefinitionSource" ref="objectDefinitionSource" />
</bean>
<bean class="org.acegisecurity.intercept.method.aopalliance.MethodDefinitionSourceAdvisor">
<constructor-arg ref="annotationBasedMethodSecurityInterceptor" />
</bean>
-->
<security:global-method-security pre-post-annotations="enabled"/>
Upgrade app-servlet.xml
just updated necessary dependency. nathing more.
Upgrade web.xml
<!--was
<filter>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
thanks
ReplyDelete