Month: May 2006

Posted on

Side by side comparison of level of animation details possible in PS3 vs PS2

This is a video on the Fosfor Gadgets website of a Sony/EA presentation showing the level of detail possible in animating game characters on the PS3.

What is amazing is whereas before to get an ingame character on the PS2 to respond to events happening in space around the character and turn to look at that event such as a ball in a basketball game it is obvious from the video that the developers had a number of different versions of the character and would switch between the graphic animations, eg for one for each point of the compass and maybe one inbetween each point. Now on the PS3 they have enough horse power to animate to turn and respond to something happening 360 degrees around the character, without having to swtich between different animation sets of images (or if they do it is completely seamless).

The level of detail in the basketball character as he moves is also quite amazing. They point out in the video before on the PS2 most of the time foot movements are not truely animated, but the character’s feet tend to slide across the floor, for example as he turns on the spot. Now on the PS3 his feet movements can be truely animated as if the character is walking and turning, and it looks very realistic.

What I also noticed is the physics details in the players body movement – his arms don’t just raise up and down – as they come down to his side you get the impression of weight as they move, and as he turns it is obvious his arms have weight and are affected by the movement of his body. Quite amazing.

I don;t know if this is a technical demo or in game action (they said it was live and being demo’d on a PS3), but it really is amazing.

Posted on

Securing a Grails web-app using Spring Acegi Security

There’s no mention of Security on the Grails website, however, since the framework and the generated applications are using Spring under the covers, I wondered if you could use the Acegi Security System to secure URLs.

From some experiementing with the supplied beans, and adding filters to the web.xml and bean defs in the applicationContext.xml file, this is possible, exactly the same as for any other web application.

This is awesome as it allows you to add role-based URL security to URLs in your web app, and to protect access to certain parts of the application, perhaps ‘edit’ and ‘create’ controllers so that unauthenticated users can just have access to the view parts of the application.

See my notes here for the configuration.

Posted on

Creating a new web app with Grails – step by step guide

I’ve started working with Grails on a new project, and as part of this work I’m documenting as I go what is involved.

Here’s my latest article covering how to create a new web pap from scratch using the Grails framework. From these few steps you can be up and running with a web app and generated scaffolding code giving you basic CRUD functionality in no time.

If you haven’t seen Grails yet, take a look at these steps to see how little effort is involved. And if you were shying away from Ruby on Rails because you spend the majority of your time living and working in the Java world, then Grails may be for you as it is based on Groovy, a Java based scripting language that runs on the Java VM.

Posted on

Securing a Grails application using Spring and Acegi Security

Since a Grails application uses Spring, it’s possible to configure an application using Grails to use Acegi Security. This example shows what is required to provide role-based URL security for a Grails application.

web.xml config

I found that the ContextLoaderServlet did not work with Acegi Security – it didn’t find the applicationContext file. Replacing it with the Listener configuration did work:

  • Comment out the ContextLoaderServlet in web-app/web.template.xml
  • Add the following lines: 
    <code>
&lt;context-param&gt;
  &lt;param-name&gt;contextConfigLocation&lt;/param-name&gt;
  &lt;param-value&gt;/WEB-INF/applicationContext.xml&lt;/param-value&gt;
&lt;/context-param&gt;

&lt;listener&gt;
  &lt;listener-class&gt;org.springframework.web.context.ContextLoaderListener&lt;/listener-class&gt;
&lt;/listener&gt;
</code>

Add the following filter configuration and mapping to wire in the Acegi Security beans to the web app:

<code>
&lt;filter&gt;
    &lt;filter-name&gt;Acegi Filter Chain Proxy&lt;/filter-name&gt;
    &lt;filter-class&gt;
	  org.acegisecurity.util.FilterToBeanProxy
    &lt;/filter-class&gt;
    &lt;init-param&gt;
	  &lt;param-name&gt;targetClass&lt;/param-name&gt;
	  &lt;param-value&gt;
		org.acegisecurity.util.FilterChainProxy
	  &lt;/param-value&gt;
    &lt;/init-param&gt;
&lt;/filter&gt;
      
&lt;filter-mapping&gt;
  &lt;filter-name&gt;Acegi Filter Chain Proxy&lt;/filter-name&gt;
  &lt;url-pattern&gt;/*&lt;/url-pattern&gt;
&lt;/filter-mapping&gt;

</code>

This filter mapping configuration will send all requests through the Acegi filter to check authentication if needed (depending on URL patterns configured in the next section.

Acegi Bean Configuration

Add the following bean definitions to the applicationContext.xml file in web-app/WEB-INF:

<code>
   &lt;bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"&gt;
     &lt;property name="providers"&gt;
       &lt;list&gt;
         &lt;ref bean="daoAuthenticationProvider"/&gt;
       &lt;/list&gt;
     &lt;/property&gt;
&lt;/bean&gt;

&lt;bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"&gt;
  &lt;property name="userDetailsService"&gt;&lt;ref bean="inMemoryDaoImpl"/&gt;&lt;/property&gt;
&lt;/bean&gt;

   &lt;bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"&gt;
     &lt;property name="userMap"&gt;
       &lt;value&gt;
           admin=password,ROLE_ADMIN
       &lt;/value&gt;
     &lt;/property&gt;
&lt;/bean&gt;

&lt;bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"&gt;
  &lt;property name="authenticationManager"&gt;&lt;ref bean="authenticationManager"/&gt;&lt;/property&gt;
  &lt;property name="authenticationFailureUrl"&gt;&lt;value&gt;/acegilogin.jsp?login_error=1&lt;/value&gt;&lt;/property&gt;
  &lt;property name="defaultTargetUrl"&gt;&lt;value&gt;/&lt;/value&gt;&lt;/property&gt;
  &lt;property name="filterProcessesUrl"&gt;&lt;value&gt;/j_acegi_security_check&lt;/value&gt;&lt;/property&gt;
&lt;/bean&gt;

&lt;!-- prior to ACEGI RC2, was org.acegisecurity.intercept.web.SecurityEnforcementFilter --&gt;
&lt;!--
RC2 notes:
org.acegisecurity.intercept.web.SecurityEnforcementFilter has moved to a new location and name, 
org.acegisecurity.ui.ExceptionTranslationFilter. In addition, the "filterSecurityInterceptor" property on the old 
SecurityEnforcementFilter class has been removed. This is because SecurityEnforcementFilter will no longer 
delegate to FilterSecurityInterceptor as it has in the past. Because this delegation feature has been 
removed (see SEC-144 for a background as to why), please add a new filter definition for FilterSecurityInterceptor 
to the end of your FilterChainProxy. Generally you'll also rename the old SecurityEnforcementFilter entry in your FilterChainProxy 
to ExceptionTranslationFilter, more accurately reflecting its purpose. If you are not using FilterChainProxy 
(although we recommend that you do), you will need to add an additional filter entry to web.xml and use 
FilterToBeanProxy to access the FilterSecurityInterceptor.
--&gt;
&lt;bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"&gt;
    &lt;property name="authenticationEntryPoint"&gt;
        &lt;ref bean="authenticationEntryPoint"/&gt;
    &lt;/property&gt;
&lt;/bean&gt;

      &lt;bean id="httpSessionIntegrationFilter"
            class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"&gt;
            &lt;property name="context"&gt;
                  &lt;value&gt;
                        org.acegisecurity.context.SecurityContextImpl
                  &lt;/value&gt;
            &lt;/property&gt;
      &lt;/bean&gt;
      
&lt;bean id="authenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"&gt;
  &lt;property name="loginFormUrl"&gt;&lt;value&gt;/acegilogin.jsp&lt;/value&gt;&lt;/property&gt;
  &lt;property name="forceHttps"&gt;&lt;value&gt;false&lt;/value&gt;&lt;/property&gt;
&lt;/bean&gt;
      
&lt;bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/&gt;

&lt;bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased"&gt;
    &lt;property name="allowIfAllAbstainDecisions"&gt;
        &lt;value&gt;false&lt;/value&gt;
    &lt;/property&gt;
    &lt;property name="decisionVoters"&gt;
        &lt;list&gt;
           &lt;ref local="roleVoter"/&gt;
        &lt;/list&gt;
    &lt;/property&gt;
&lt;/bean&gt;

&lt;bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"&gt;
    &lt;property name="authenticationManager"&gt;
        &lt;ref bean="authenticationManager"/&gt;&lt;/property&gt;
    &lt;property name="accessDecisionManager"&gt;
        &lt;ref bean="accessDecisionManager"/&gt;&lt;/property&gt;
    &lt;property name="objectDefinitionSource"&gt;
        &lt;value&gt;
            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
           PATTERN_TYPE_APACHE_ANT
            /secure/**=ROLE_ADMIN
            /item/create=ROLE_ADMIN
            /item/delete/*=ROLE_ADMIN
            /item/edit/*=ROLE_ADMIN
            /category/create=ROLE_ADMIN
            /category/delete/*=ROLE_ADMIN
            /category/edit/*=ROLE_ADMIN
            
        &lt;/value&gt;
    &lt;/property&gt;
&lt;/bean&gt;

      &lt;bean id="filterChainProxy"
            class="org.acegisecurity.util.FilterChainProxy"&gt;
            &lt;property name="filterInvocationDefinitionSource"&gt;
                  &lt;value&gt;
                        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                        PATTERN_TYPE_APACHE_ANT
                        /**=httpSessionIntegrationFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
                  &lt;/value&gt;
            &lt;/property&gt;
      &lt;/bean&gt;
</code>

This configuration uses the org.acegisecurity.userdetails.memory.InMemoryDaoImpl ‘in memory’ configuration and defines one user, ‘admin’, with password ‘password’, and a role of ‘ROLE_ADMIN’.

The org.acegisecurity.ui.webapp.AuthenticationProcessingFilter bean defines the HTML form to be used to perform the authentication, using the page acegilogin.jsp.

The FilterSecurityInterceptor bean ties together all the configuration beans, and allows you to specify URL patterns and roles that are allowed to access those URLs. The URLs are relative to the Grails app. In this example, roles are assigned to Item and Category controllers, and various CRUD actions on those controllers.

Example login page

This is the simplest case HTML page with a form for the logon. Create this file, acegilogin.jsp in the web-app directory:

<code>
&lt;html&gt;

&lt;body&gt;
&lt;h3&gt;Logon&lt;/h3&gt;
&lt;form action="j_acegi_security_check" method="POST"&gt;
&lt;p&gt;UserID: &lt;input type="text" name="j_username"&gt;
&lt;p&gt;Password: &lt;input type="text" name="j_password"&gt;
&lt;p&gt;&lt;input type="submit" value="Logon"&gt;
&lt;/form&gt;

&lt;/body&gt;

&lt;/html&gt;
</code>
Proudly powered by WordPress