Today I did an upgrade of acegi for my sample application. Ofcourse there are a lot of resources about upgrading. There is an entry on the homepage of acegi and the blog from Matt Raible. These are my findings.

I have a CustomJdbcDaoImpl class, I used to obtain the granted authorities with the following lines of code:

PersonDetails person = (PersonDetails) users.get(0);
List dbAuths = getAuthoritiesByUsernameMapping().execute(person.getUsername());
if (dbAuths.size() == 0) {
  throw new UsernameNotFoundException(“User has no GrantedAuthority”);
GrantedAuthority[] arrayAuths = {};
addCustomAuthorities(person.getUsername(), dbAuths);

There is however a problem with the method ‘ getAuthoritiesByUsernameMapping()’, this does not exist anymore in the 0.9.0 acegi version.
To be continued

The following change is getting a secure context. With the new version we use the following code to obtain a secure context:

There is an issue with the events as well, there are now two main events, one for authentication and one for authorization:

<bean id=”authenticationLoggerListener” class=”net.sf.acegisecurity.event.authentication.LoggerListener”/>
<bean id=”authorizationLoggerListener” class=”net.sf.acegisecurity.event.authorization.LoggerListener”/>

I also had to change my SecurityEventListener, the names of the events are changed, the code now looks like this:
public void onApplicationEvent(ApplicationEvent event) {
  if (event instanceof AuthenticationFailureBadCredentialsEvent) {
  AuthenticationFailureBadCredentialsEvent authEvent = (AuthenticationFailureBadCredentialsEvent) event;
  if (event instanceof AuthenticationSuccessEvent) {
  AuthenticationSuccessEvent authEvent = (AuthenticationSuccessEvent) event;

And finally, since my tag for authentication is now within the project I removed all the customized code for my custom taglibrary. See earliar posts if you want to know what I am talking about.

problems while upgrading sample from acegi 0.8.3 to 0.9.0