Jayaraj Jaganathan

Jacob Kur wrote:ok I figured out that the code did not deploy at all due an error .... Duh!!!

Thanks . it helped me. I opened enterprise explorer , right click all EJB project and selected prepare for deployment. It worked

I hope service-ref tag is only applicable in jboss , websphere ..etc only
not in tomcat. please correct me if i am wrong

found the solution

Spring forum

thanks you Mark Spritzler

I have traced the problem but still don't know the solution

1)

Note : The below class doesn't implement or extend and other class

public class UserAction { public UserAction() { } public String onLoad() { }

<bean id="processUser" class="com.baseframework.web.security.core.userdetails.UserAction" scope="prototype" > <sec:intercept-methods> <sec:protect method="com.baseframework.web.security.core.userdetails.UserAction.onLoad" access="ROLE_SUPERVISOR" /> </sec:intercept-methods> </bean>

my code work with cglib but look at my spring file doesn't have <aop:config proxy-target-class="true" />

I hope <aop:config proxy-target-class="true" /> configuration is not necessary

2) Note : Now the class extend ActionSupport

I get the following exception

javax.servlet.ServletException: java.lang.NoSuchMethodException: $Proxy10.onLoad()

now my problem is my class must extend ActionSupport and cglib proxy need to be created

please help me

Hai all,

I am trying to integrate spring security in my project
i have successfully integrated custom authentication, business function.etc

now i am trying to secure my action methods

<bean id="processUser" class="com.baseframework.web.security.core.userdetails.UserAction" scope="prototype"> <property name="userService" ref="userService" /> </bean>

i have added the security by

<bean id="processUser" class="com.baseframework.web.security.core.userdetails.UserAction" scope="prototype"> <property name="userService" ref="userService" /> <sec:intercept-methods> <sec:protect method="onLoad" access="ROLE_ADMIN" /> </sec:intercept-methods> </bean>

my struts action is able to work correctly before i add sec:intercept-method
after i add sec:intercept-methods i am getting the below exception

javax.servlet.ServletException: java.lang.NoSuchMethodException: $Proxy10.onLoad() org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:515) org.apache.struts2.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:419)

i have searched many web site and finally i am looking for your help
your experience will help me.

please do reply

thanks in advance

Paul Sturrock wrote:Two mappings for the same entity so you can use two different id generation strategies? Why?

its complected to explain, let me try

existing design (shopping cart)
-----------------
when user submit order we store client credit card information in database, here we no need to assign an id, so we used sequence

new requirement (new shopping cart)
--------------------
when user submit order we need to call fraud web service after that we store client credit card information in database,
here fraud web service need credit card id as the request, so we are going to use assigned

Paul Sturrock wrote:What configuration do you want to use? You can either use a generator and delegate to something else to create an id or you can define the id as "assigned" and assign it yourself, you can't do both.

thanks for your reply

so i planned to have two hbm files
1. sequence
2. assigned

I have configuration doubt in hibernate.

please look into my configuration
<id name="id" type="java.lang.Long" column="CREDIT_CARD_ID"> <generator class="sequence"> <param name="sequence">SEQ_CREDIT_CARD_ID</param> </generator> </id>

according to above configuration whenever i save CreditCard.java , next sequence id is generated
now , i tried to set id manually by setting

CreditCard creditCard = new CreditCard(); creditCard.setId(513);

but still it generate next sequence id and getting saved.
please let me know how to configure it accordingly ?

thanks for all your help in advance...

I was using StrutsPrepareAndExecuteFilter for struts2 which catches my exception

I changed to latest version FilterDispatcher filter for struts2 which performs exactly same as i expected

Nathan Pruett wrote:You can implement Spring Security (nee Acegi) as Servlet filters to intercept requests, or annotate models. The view layer library doesn't really impact this decision...

thanks for your reply

i have problem while integration it with spring security

please click

problem description on struts 2 with spring security

after comparing this two log file i came to know that
my exception is not handled by ExceptionTranslationFilter

Spring security with spring mvc
the exception is catched by DispatcherServlet and redirected to login page

but in struts 2 we don't need DispatcherServlet
please some one tell me how to integrate spring security with struts 2

log file spring security with struts
[DEBUG,AffirmativeBased] Voter: org.springframework.security.access.vote.RoleVoter@e77781, returned: -1 [DEBUG,AffirmativeBased] Voter: org.springframework.security.access.vote.AuthenticatedVoter@56d149, returned: 0 [DEBUG,HttpSessionSecurityContextRepository] SecurityContext contents are anonymous - context will not be stored in HttpSession. [DEBUG,ExceptionTranslationFilter] Chain processed normally [DEBUG,SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed
log file spring security with spring mvc
[DEBUG,AffirmativeBased] Voter: org.springframework.security.access.vote.RoleVoter@2bae98, returned: -1 [DEBUG,AffirmativeBased] Voter: org.springframework.security.access.vote.AuthenticatedVoter@1d3ac6e, returned: 0 [DEBUG,AnnotationMethodHandlerExceptionResolver] Resolving exception from handler [bigbank.web.PostAccounts@16f3619]: org.springframework.security.access.AccessDeniedException: Access is denied [DEBUG,ResponseStatusExceptionResolver] Resolving exception from handler [bigbank.web.PostAccounts@16f3619]: org.springframework.security.access.AccessDeniedException: Access is denied [DEBUG,DefaultHandlerExceptionResolver] Resolving exception from handler [bigbank.web.PostAccounts@16f3619]: org.springframework.security.access.AccessDeniedException: Access is denied [DEBUG,DispatcherServlet] Could not complete request org.springframework.security.access.AccessDeniedException: Access is denied at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71) .... [DEBUG,ExceptionTranslationFilter] Access is denied (user is anonymous); redirecting to authentication entry point org.springframework.security.access.AccessDeniedException: Access is denied at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71) [DEBUG,HttpSessionRequestCache] DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/bank/post.html?id=1&amount=-20.00] [DEBUG,ExceptionTranslationFilter] Calling Authentication entry point. [DEBUG,DefaultRedirectStrategy] Redirecting to 'http://localhost:8080/bank/spring_security_login' [DEBUG,SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed

I am trying to integrated spring security with struts 2.

<bean id="helloWorldClass" class="com.vaannila.HelloWorld" > <security:intercept-methods> <security:protect method="com.vaannila.HelloWorld.onUpdate" access="ROLE_SUPERVISOR" /> <security:protect method="com.vaannila.HelloWorld.onLoad" access="ROLE_USER" /> <security:protect method="com.vaannila.HelloWorld.onPublic" access="ROLE_ANONYMOUS" /> </security:intercept-methods> </bean>

when user access onLoad or onUpdate method i am getting error page 500
org.springframework.security.access.AccessDeniedException: Access is denied

instead it has to redirect to login page to get user credentials and back

I don't know what i configuration i have missed out
please help me

Nathan Pruett wrote:They are really the same project - Spring Security is the new name and Acegi Security was the old name.

thanks for your reply.

I have another doubt, I have chosen struts2 as my mvc , now i like to add
security for my web application

please let me know which one to choose Spring Security or acegi

do anyone have sample with struts 2 and spring security or acegi security ?

please help me again

I am confused in choosing spring security or acegi security

I came to know that acegi security is developed using spring and now called as spring security.
but i have downloaded spring security 3.0.2 and extracted it. but i did't find anything related to
acegi.

I tried to find the difference between the two. but i realized that both look similar to me.

I also tried some sample with acegi it has lot of confusing configuration .

please some one help me. which is better and why ?

Thanks for your patient in reviewing my code and giving valuable feed back.

Please look into my new Design as per your comment

David Newton wrote:SalesTax.java

I have renamed into Tax.java due to requirement changes
Requirement 1
to
Requirement 2

Lines 10-12: Redundant comment.

I have removed it

Lines 15, 17: Constants should be named with all capital letters, with words separated by underscores.

I have changed it

Lines 26-35: Misleading comment: you use numeric values in the comment that are not defined in the method itself: if the constants change and the comments don't you're misleading the code maintainer.

You are right and I have changed it

Line 19: There's no reason to have this be an instance variable. (See next.)

I have changed it

Entire class: As written there's no good reason to have this be anything but static methods. If it implemented an interface and there were different ways of calculating the tax I could see it being a class.

if i use interface as below
public interface Tax{ public void calculateTax(Item item); }
and implemented class say SalesTax . for requirement 1 this holds good
but when requirement changes which need Passport to determine SalesTax.
Even though I program to interface still there is no use, because i am going to change both
Tax.java and implemented class SalesTax.java
public interface Tax{ public void calculateTax(Item item); public void calculateTax(Item item,Passport passport); }
Please give your valuable comments on this

Line 64: Misleading comment; uses values not defined locally.

I am not clear on this . Please brief

Lines 70-75: I'm not a big fan of redefining parameter values; it's potentially misleading and I believe it should be avoided.

Please let me know how do you think this can be solved.

Design: I'm not convinced that an Item should have a sales tax field. Items don't really have sales tax: purchases do (or "line items" do, which is a combination of an item, a quantity, etc.).

I too agree and created a class names OrderDetail.java for line item which has an Item and tax .
and Order.java for an Purchace

Item.java:

Getter/setter comments: don't bother; it's obvious.