Using Acegi to protect Java applications, part 5th: Securing JavaBean in JSF applications

Source: Internet
Author: User

Configurable security for beans used in JSF applications

This series is made up of five parts, describes the Acegi security System, and demonstrates how to use Acegi to protect enterprise-class Java applications. This article is the last part of the series and will continue to discuss the use of Acegi to protect JSF applications. In part 4th, I described how to use Acegi to protect JSF pages without writing Java code. I also detail the events that occurred when deploying JSF-ACEGI applications and users accessing the program. In this section, I will focus on techniques for protecting JavaBean in JSF applications.

The first example of how to apply the bean security concepts demonstrated in part 3rd to JSF applications is less than ideal. It then demonstrates two new technologies that are particularly suited to protecting JavaBean in JSF applications. Finally, summarizing the four-point strategy allows you to use Acegi to protect beans in a JSF application without writing any Java code.

Simple technology

The easiest way to use a security bean in a JSF application is to perform the five steps described in Listing 4 of part 3rd. In part 3rd, I removed the WEB application context object for the Spring framework from the servlet context. You can safely access the bean at a later time using the WEB application context. Listing 1 below shows how to use the WEB application context in a JSF page:

Listing 1. Extracts a WEB application context from the servlet context and uses it for JSF pages

<%@ page language= "java" contenttype= "text/html; Charset=iso-8859-1 "
pageencoding= "Iso-8859-1"%>
<% @page import= "Sample. Catalogbean "%>
<% @page import= "Org.springframework.web.context.support.WebApplicationContextU tils"%>
<% @page import= "Org.springframework.web.context.WebApplicationContext"% >

<%@ taglib uri= "http://java.sun.com/jsf/html" prefix= "H"% >
<%@ taglib uri= "Http://java.sun.com/jsf/core" prefix= "F"% >

<title>acegi Simple method Security Application:test page</title>
<body>

<f:view>
<%
try {
Webapplicationcontext Webapplicationcontext =
Webapplicationcontextutils.getwebapplicationcontext (
This.getservletconfig (). Getservletcontext ());
Catalogbean Privatecatalog = (Catalogbean)
Webapplicationcontext.getbean ("Privatecatalog");
String privatedata = Catalog.getdata ();
Request.setattribute ("Privatedata", privatedata);
}
catch (Exception e) {}
%>


</f:view>
</body>

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.