ACEGI Authorization

Hi,in my previous blog i have talked about authentication.Here i am going to talk about authorization.Let me tell u first what it is.
Say for an application you want some users to use some feautres and you do not want that feautre to accessible by othere users.This blocking you can achieve through ACEGI
what you have to do is to create roles for each uses and giving priviles to each roles so that roles having certain privileges can access their feautres.Like in an web application we can have roles like Admin,Manager,Quest etc.So each roles can access feautres that others cannot.
You can use the code as i have given in authentication only you have to add some extra tags
which is shown below.
<br /><bean id="dbdrivenFilterInvocationDefinitionSource" class="mypackage.URLInterceptor"/><br />
Here URLInterceptor is a filter which gets invoked for each url and sees whether the current user with a given role has the privilege to acess the url if yes then he can go to the page defined by this url else he is redirected to acess denied page.

The filter code goes here
<br /><br /><br />import java.util.Iterator;<br />import java.util.List;<br />import java.util.Map;<br /><br />import org.acegisecurity.ConfigAttributeDefinition;<br />import org.acegisecurity.ConfigAttributeEditor;<br />import org.acegisecurity.intercept.web.AbstractFilterInvocationDefinitionSource;<br /><br />/**<br /> * *********************<br /> * Intercepts URL<br /> * @author Ajay<br /> * *********************<br /> *<br /> */<br />public classURLInterceptor extends AbstractFilterInvocationDefinitionSource{<br /> /**<br /> * default constructor<br /> *<br /> */<br /> public URLInterceptor(){<br /> <br /> }<br /> /**<br /> * Retrives the roles based on url.<br /> * @param url String<br /> * @return ConfigAttributeDefinition<br /> */<br /> public ConfigAttributeDefinition lookupAttributes(String url) {<br /> List secureObjectRoles = null;<br /> String absUrl = null;<br /> if( url.endsWith("Login.jsp") || url.endsWith("MyAlerts.jsp") || url.endsWith("error.jsp"))<br /> {<br /> return null;<br /> }<br /> final IROAppsAlertService alertSer = (IROAppsAlertService) ROAppsBeanLoader<br /> .getInstance("ROAppsAlertService");<br /> if(url.indexOf("?") > 0 )<br /> {<br /> absUrl=url.substring( url.lastIndexOf("/")+1,url.lastIndexOf("."));<br /> if(absUrl.equalsIgnoreCase("ROAppsAcegiLogin"))<br /> {<br /> return null;<br /> }<br /> secureObjectRoles = alertSer.getRoleBasedOnURL(absUrl);<br /> System.out.println("xxxxxxxxxxxxxxxxurlxxxxxxxxxxxxxxxx"+absUrl);<br /> System.out.println("xxxxxxxxxxxxxxxxxxxxurl rolesxxxxxxxxxxxxx"+secureObjectRoles);<br /> }<br /> if(url.endsWith("jsp") || url.endsWith("jspf"))<br /> {<br /> <br /> absUrl=url.substring( url.lastIndexOf("/")+1,url.lastIndexOf("."));<br /> secureObjectRoles = alertSer.getRoleBasedOnURL(absUrl);<br /> System.out.println("xxxxxxxxxxxxxxxxxxsecured oblectsx ends withxxxxxxxxxxxxxxxx"+secureObjectRoles);<br /> }<br /> if (secureObjectRoles == null)// if secure object not exist in database<br /> return null;<br /> if (secureObjectRoles != null && !secureObjectRoles.isEmpty()) {<br /> System.out.println("xxxxxxxxxxxxxxxxxxsecured oblects not nullxxxxxxxxxxxxxxxxx"+secureObjectRoles);<br /> final ConfigAttributeEditor configAttrEditor = new ConfigAttributeEditor();<br /> final StringBuffer rolesStr = new StringBuffer();<br /> for (int i = 0; i < secureObjectRoles.size(); i++) {<br /> final Map objRole = (Map) secureObjectRoles.get(i);<br /> final String role=(String) objRole.get("txt_acegi_role");<br /> rolesStr.append(role).append(",");<br /> }<br /> System.out.println("xxxxxxxxxxxxxxxxxrole stringxxxxxxxxxxx"+rolesStr);<br /> configAttrEditor.setAsText(rolesStr.toString().substring(0,<br /> rolesStr.length() - 1));<br /> final ConfigAttributeDefinition configAttrDef = (ConfigAttributeDefinition) configAttrEditor<br /> .getValue();<br /> return configAttrDef;<br /> }<br /> return null;<br /> <br /> }<br /> /**<br /> * Implemented to store and can identify <br /> * the net.sf.acegisecurity.ConfigAttributeDefinition<br /> * that applies to a given secure object invocation.<br /> * @return Iterator<br /> */<br /> public Iterator getConfigAttributeDefinitions() {<br /> return null;<br /> }<br />}<br /><br />


Let me explain a bit of the code the method lookupAttributes gets called for each url
with parameter as the url of the current page.Here in this method we do some login inorder to find the all the roles for the current role from the database.
and bind that url to the ConfigAttributeEditor object and return to the caller that is the browser.If the user has role that is present in the this object than he can access the current page else not.

Memory leakage

What is memory leakage?
It is nothing but if your jvm cannot provide heap size that your application requires at runtime then memory leakage takes place.
Todays industry are facing a great problem with this the reason basically for this is creating unnessary objects.And also care has not been taken while creating session object which pays a high penalty.Imagine a web application where a 1000 user hits persecond and we have created session objects without having any thought so imagine what is going to happen.
To avoid this lets create only one session per user.For that you have to create session like this
HttpSession session =request.getSession(false);
what it will do if a session object is already there it wont create a new one as regard to true or void arguement of getSession method of request object.

How to give an alias name for a web application?

Well one day a need arised that we have to maintain versioning for our application i.e a war and ear
So the problem happpened with me was how to keep the context root of the war which i have used in my Apps for page redirection.
As i was using Jboss server for development.It has a capability of adding an alias name for context root.We just have to create a file called jboss-web.xml and put inside our web-inf folder of our application the tag we have to put inside the file is
<br /><jboss-web><br /><context-root>yourroot</context-root><br /></jboss-web><br />
thats all.So now if your war file name is project-1.0.war
you can just acess your application from brower as http://host:portno/yourroot/ thats all.