Today I did an upgrade of acegi for my sample application. Ofcourse there are a lot of resources about upgrading. There is an entry on the homepage of acegi and the blog from Matt Raible. These are my findings.
I have a CustomJdbcDaoImpl class, I used to obtain the granted authorities with the following lines of code:
PersonDetails person = (PersonDetails) users.get(0);
List dbAuths = getAuthoritiesByUsernameMapping().execute(person.getUsername());
if (dbAuths.size() == 0) {
throw new UsernameNotFoundException(“User has no GrantedAuthority”);
}
GrantedAuthority[] arrayAuths = {};
addCustomAuthorities(person.getUsername(), dbAuths);
There is however a problem with the method ‘ getAuthoritiesByUsernameMapping()’, this does not exist anymore in the 0.9.0 acegi version.
To be continued
The following change is getting a secure context. With the new version we use the following code to obtain a secure context:
SecurityContextHolder.getContext()
There is an issue with the events as well, there are now two main events, one for authentication and one for authorization:
<bean id=”authenticationLoggerListener” class=”net.sf.acegisecurity.event.authentication.LoggerListener”/>
<bean id=”authorizationLoggerListener” class=”net.sf.acegisecurity.event.authorization.LoggerListener”/>
I also had to change my SecurityEventListener, the names of the events are changed, the code now looks like this:
public void onApplicationEvent(ApplicationEvent event) {
if (event instanceof AuthenticationFailureBadCredentialsEvent) {
AuthenticationFailureBadCredentialsEvent authEvent = (AuthenticationFailureBadCredentialsEvent) event;
securityManager.disablePerson(((User)authEvent.getAuthentication().getPrincipal()).getUsername());
}
if (event instanceof AuthenticationSuccessEvent) {
AuthenticationSuccessEvent authEvent = (AuthenticationSuccessEvent) event;
securityManager.savePersonLastLoggedOn(((User)authEvent.getAuthentication().getPrincipal()).getUsername());
}
}
And finally, since my tag for authentication is now within the project I removed all the customized code for my custom taglibrary. See earliar posts if you want to know what I am talking about.