ACEGI Authentication with JDBC provider

The purpose of writing this article is when i wanted to implement ACEGI authentication and authorization i did not got any solution.I tried hard with Spring forum for the solution but i got no response.In fact i was very new to this framework and finding very dificulty to understand.
I toiled hard to get the solution in fact i determined to get the solution thats why i got.
So i want all the new bie or even experienced people to get help from my post how to do ACEGI authentication and authorization so that they wont struggle like i did to get the solution.

First you have to know what is ACEGI
ACEGI is nothing but a security framework based on spring.
As far of my kowledge this framework provides security for web based and standalone application
So the requisite for this is first of all we have to do some configuration in web.xml
Which is as below.

<?xml version="1.0" encoding="UTF-8"?><br /><web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xsi="http://www.w3.org/2001/XMLSchema-instance" schemalocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"><br /><context-param><br /> <param-name>contextConfigLocation</param-name><br /> <param-value><br /> /WEB-INF/applicationContext.xml<br /> </param-value><br /> </context-param> <br /> <br /> <listener> <br /> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class><br /> </listener><br /> <filter><br /><filter-name>Acegi Filter Chain Proxy</filter-name><br /><filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class><br /><init-param><br /><param-name>targetClass</param-name><br /><param-value>org.acegisecurity.util.FilterChainProxy</param-value><br /></init-param><br /></filter><br /><filter-mapping><br /><filter-name>Acegi Filter Chain Proxy</filter-name><br /><url-pattern>/*</url-pattern><br /><!--<dispatcher>FORWARD</dispatcher>//Uncomment it when u use jsf<br /><dispatcher>REQUEST</dispatcher> --><br /></filter-mapping><br /></web-app>


Lets have some look for the for the tag in web.xml the first tag load a spring applicationContext file at the load up.
The second tag is basically a listener which enables any spring filter in web.xml with application Context Filter(Beans) here in our case is FilterChain Proxy
The final tag is for a basically filter which allows all the request to pass through this filter so that it can be captured by ACEGI framework.


Next step is lets create the login page for this
The code goes below

<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %><br /><%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %><br /><%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %><br /><%@ page import="org.acegisecurity.AuthenticationException" %><br /><br /><br /><br /><script type="text/javascript"><br /> function callFun()<br /> {<br /> alert("aaa");<br /> document.getElementById("buttonId").click();<br /> }<br /> </script><br /><br /><br /><br /><br /><c:if test="${not empty param.login_error}"><br /><span style="color:red;"><br />Your login attempt was not successful, try again.<br /><br /><br />Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %><br /></span><br /></c:if><br /><br /><form action="" value="'/j_acegi_security_check'/">" method="post"><br /><table><br /><tbody><tr><td>User:</td><td><input name="j_username" value="<%=session.getAttribute("uname")%" type="text">></td></tr><br /><tr><td>Password:</td><td><input name="j_password" value="<%=session.getAttribute("pass")%" type="password">></td></tr><br /><tr><td><input name="_acegi_security_remember_me" type="checkbox"></td><td>Don't ask for my password for two weeks</td></tr><br /><br /><tr><td colspan="2"><input name="submit" id="buttonId" type="submit"></td></tr><br /><tr><td colspan="2"><input name="reset" type="reset"></td></tr><br /></tbody></table><br /><br /></form>




This code is little modification from original login page In this case i assume u are using some frame work like Struts or JSF/ADF for ur application if that is the case
just create a login page for ur application with frame work tages appart from this login page such that when u have filled the username and password and clicked on the Login Button it will hit the regular jsf/struts method from there u have to redirect it to this page which takes care of every thing remember one thing u dont have to any authentication in the method.It will take care by the spring context file which i will explain shortly.

Now lets write the applicationContext file and place it in the same path of web.xml

the code for the that is given below.




<beans><br /><bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"><br /><property name="filterInvocationDefinitionSource"><br /><value><br />CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON<br />PATTERN_TYPE_APACHE_ANT<br />/**=httpSessionContextIntegrationFilter,formAuthenticationProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor<br /></value><br /></property><br /></bean><br /><bean id="formAuthenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"><br /><property name="filterProcessesUrl"><br /><value>/j_acegi_security_check</value><br /></property><br /><property name="authenticationFailureUrl"><br /><value>/pages/accessDenied.jsp</value><br /></property><br /><property name="defaultTargetUrl"><br /><value>/</value><br /></property><br /><property name="authenticationManager"><br /><ref bean="authenticationManager"><br /></ref><br /></property><br /><bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"><br /></bean><br /><bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"><br /><property name="providers"><br /><list><br /><ref bean="daoAuthenticationProvider"><br /></ref><br /></list><br /></property><br /><bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"><br /><property name="userDetailsService"><br /><ref local="jdbcAuthenticationDao"><br /></ref><br /></property><br /><bean id="jdbcAuthenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"><br /><property name="dataSource"><br /><ref bean="dataSource"><br /></ref><br /><property name="usersByUsernameQuery"><br /><value><br />SELECT username,password,enabled as '1' FROM user WHERE username =?<br /></value><br /></property><br /><!--<property name="authoritiesByUsernameQuery"><br /> <value>SELECT username,authority FROM authorities WHERE username = ?</value><br /> </property> --><br /></property><br /><bean id="filterSecurityInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"><br /><property name="authenticationManager"><br /><ref bean="authenticationManager"><br /></ref><br /><property name="accessDecisionManager"><br /><ref bean="accessDecisionManager"><br /></ref><br /><property name="objectDefinitionSource"><br /><value><br />CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON<br />PATTERN_TYPE_APACHE_ANT<br /></value><br /></property><br /></property><br /><bean id="formLoginAuthenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"><br /><property name="loginFormUrl"><br /><value>/pages/login.jsp</value><br /></property><br /><property name="forceHttps"><br /><value>false</value><br /></property><br /></bean><br /><bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"><br /><property name="authenticationEntryPoint"><br /><ref bean="formLoginAuthenticationEntryPoint"><br /></ref><br /></property><br /><bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"><br /><property name="driverClassName"><br /><value>com.mysql.jdbc.Driver</value><br /></property><br /><property name="url"><br /><value>jdbc:mysql://localhost/database</value><br /></property><br /><property name="username"><br /><value>root</value><br /></property><br /><property name="password"><br /><value>root</value><br /></property><br /></bean><br /><bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased"><br /><property name="decisionVoters"><br /><!--<list><br /> <ref bean="roleVoter"><br /> </list> --><br /><bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"><br /></bean><br /></property><br /><!-- <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"><br /> <property name="rolePrefix"><br /> <value>ROLE_ADMIN</value><br /> </property><br /> </bean> --><br /></bean><br /></bean></beans>

The above code explanation u can get from any tutorial
but i like to tell u some thing here very special abt jbdcDaoImp which really hit me hard the queryies which i have created for property 'usersByUsernameQuery'
is mandate for authenctication which u can map it to ur users table
but some think here needs to be remembered is that the username and password field in the table should be same as what i have mentioned and one more extra filed has to be included in the users table i'e enabled which is a boolean field.In the users table one thing needs to be taken care is that username should be the primary key.
Lastly u have to do one more thing is u have to create an extra table
Called authorites which is mandate
The Script of is i am giving below


CREATE TABLE `authorities` (<br />`username` varchar(50) NOT NULL,<br />`authority` varchar(50) NOT NULL,<br />KEY `fk_authorities_users` (`username`),<br />CONSTRAINT `fk_authorities_users` FOREIGN KEY (`username`) REFERENCES `user` (`username`)<br />) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Remember one thing this username in primary key in users table
Thats all u will now be able to do authenticaion with ACEGI
Happy coding