Articles, notes and random thoughts on Software Development and Technology
Expression-based Access Control allows you to annotate specific methods with access rules. To enable, add the following element to your webmvc-config.xml file for your Roo webapp (not the security context file, it must be in the context file for the web app):
<security:global-method-security pre-post-annotations="enabled"/>
The explanation for why this needs to be in your webapp context is covered here.
To map a default Spring MVC view to a URL, for example to map the default URL, /, add this to your webmvc-config.xml file to define a static view, i.e. a view not using an explicit Controller:
<mvc:view-controller path="/" view-name="index"/>
You can change the view-name attribute to point to any other view if you need to have a default other than /views/index.jspx .
Note that using the web.xml welcome file only works for a real file, and doesn’t work to map to a Spring MVC view URL:
<welcome-file-list><welcome-file>/index</welcome-file></welcome-file-list>
By default, after you’ve added Spring Security to your Roo app with ‘security setup’, you get an example config in a applicationContext-security.xml file like this:
<http auto-config="true" use-expressions="true">
<form-login login-processing-url="/resources/j_spring_security_check" login-page="/login" authentication-failure-url="/login?login_error=t"/>
<logout logout-url="/resources/j_spring_security_logout"/>
<!-- Configure these elements to secure URIs in your application -->
<intercept-url pattern="/choices/**" access="hasRole('ROLE_ADMIN')"/>
<intercept-url pattern="/member/**" access="isAuthenticated()" />
<intercept-url pattern="/resources/**" access="permitAll" />
<intercept-url pattern="/**" access="permitAll" />
</http>
The default pattern matching approach is to use Ant style path matching. If you need to be more specific for what URLs you need to define security against, then you can change to use regex style pattern matching by adding this attribute to the <http> element:
<http ... path-type="regex" ... >
Now, let’s say you need to have different roles for creating verses listing member records – Spring Roo uses a couple of GET parameters to distinguish between these actions, so using regex you can match on these like this:
<intercept-url pattern="/member?form" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/member?page.*" access="hasRole('ROLE_USER')" />
It seems Spring Roo has some issues taking an existing Maven project and converting it to a Roo project, even if the imported project has nothing more than skeleton src folder structure and a vanilla pom.xml file.
Trying to update the project’s config via the Maven plugin in also gives odd errors:
Problems encountered while setting the problem description
Trying to use Roo to get started with the existing project to add your persistence setup gives errors about missing config in your pom.xml:
roo> persistence setup --database MYSQL --provider HIBERNATE additionalBuildcommands element of the maven-eclipse-plugin required
I think the main issue is if you take an existing source and then convert it to an Eclipse project with ‘mvn eclipse:eclipse’ – this seems to the be starting point for the issues, as you end up with Eclipse .project and .classpath files configured differently from what Roo + STS is expecting.
I created an empty new Roo project to look at what changes you’d need to do by hand to get this fixed up, and it looks like you need to copy across the following to your existing project:
.project:
<buildSpec> <buildCommand> <name>org.eclipse.ajdt.core.ajbuilder</name> <arguments> </arguments> </buildCommand> <buildCommand> <name>org.springframework.ide.eclipse.core.springbuilder</name> <arguments> </arguments> </buildCommand> <buildCommand> <name>org.eclipse.m2e.core.maven2Builder</name> <arguments> </arguments> </buildCommand> </buildSpec> <natures> <nature>org.eclipse.m2e.core.maven2Nature</nature> <nature>org.eclipse.jdt.core.javanature</nature> <nature>org.eclipse.ajdt.ui.ajnature</nature> <nature>com.springsource.sts.roo.core.nature</nature> <nature>org.springframework.ide.eclipse.core.springnature</nature> </natures>
Maven pom.xml file changes:
<properties>
<roo.version>1.1.5.RELEASE</roo.version>
<spring.version>3.0.5.RELEASE</spring.version>
<aspectj.version>1.6.11</aspectj.version>
<slf4j.version>1.6.1</slf4j.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
Repo and plugin in repo settings:
<repositories>
<repository>
<id>spring-maven-release</id>
<name>Spring Maven Release Repository</name>
<url>http://maven.springframework.org/release</url>
</repository>
<repository>
<id>spring-maven-milestone</id>
<name>Spring Maven Milestone Repository</name>
<url>http://maven.springframework.org/milestone</url>
</repository>
<repository>
<id>spring-roo-repository</id>
<name>Spring Roo Repository</name>
<url>http://spring-roo-repository.springsource.org/release</url>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>spring-maven-release</id>
<name>Spring Maven Release Repository</name>
<url>http://maven.springframework.org/release</url>
</pluginRepository>
<pluginRepository>
<id>spring-maven-milestone</id>
<name>Spring Maven Milestone Repository</name>
<url>http://maven.springframework.org/milestone</url>
</pluginRepository>
<pluginRepository>
<id>spring-roo-repository</id>
<name>Spring Roo Repository</name>
<url>http://spring-roo-repository.springsource.org/release</url>
</pluginRepository>
</pluginRepositories>
Dependencies:
<dependencies>
<!-- General dependencies for standard applications -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.8.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.16</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>${aspectj.version}</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>${aspectj.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>net.sf.flexjson</groupId>
<artifactId>flexjson</artifactId>
<version>2.1</version>
</dependency>
<!-- ROO dependencies -->
<dependency>
<groupId>org.springframework.roo</groupId>
<artifactId>org.springframework.roo.annotations</artifactId>
<version>${roo.version}</version>
<scope>provided</scope>
</dependency>
<!-- Spring dependencies -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
</dependencies>
Build section:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.1.1</version>
<!-- <configuration> <webXml>target/web.xml</webXml> </configuration> -->
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.3.2</version>
<configuration>
<source>1.6</source>
<target>1.6</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>aspectj-maven-plugin</artifactId>
<version>1.2</version> <!-- NB: do use 1.3 or 1.3.x due to MASPECTJ-90 - wait for 1.4 -->
<dependencies>
<!-- NB: You must use Maven 2.0.9 or above or these are ignored (see MNG-2972) -->
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>${aspectj.version}</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjtools</artifactId>
<version>${aspectj.version}</version>
</dependency>
</dependencies>
<executions>
<execution>
<goals>
<goal>compile</goal>
<goal>test-compile</goal>
</goals>
</execution>
</executions>
<configuration>
<outxml>true</outxml>
<aspectLibraries>
<aspectLibrary>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
</aspectLibrary>
</aspectLibraries>
<source>1.6</source>
<target>1.6</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<version>2.5</version>
<configuration>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.8</version>
<configuration>
<printSummary>false</printSummary>
<redirectTestOutputToFile>true</redirectTestOutputToFile>
<excludes>
<exclude>**/*_Roo_*</exclude>
</excludes>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<version>2.2.1</version>
<configuration>
<descriptorRefs>
<descriptorRef>jar-with-dependencies</descriptorRef>
</descriptorRefs>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<version>2.6</version>
</plugin>
<!-- IDE -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-eclipse-plugin</artifactId>
<version>2.7</version> <!-- Note 2.8 does not work with AspectJ aspect path -->
<configuration>
<downloadSources>true</downloadSources>
<downloadJavadocs>false</downloadJavadocs>
<wtpversion>2.0</wtpversion>
<additionalBuildcommands>
<buildCommand>
<name>org.eclipse.ajdt.core.ajbuilder</name>
<arguments>
<aspectPath>org.springframework.aspects</aspectPath>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
</buildCommand>
</additionalBuildcommands>
<additionalProjectnatures>
<projectnature>org.eclipse.ajdt.ui.ajnature</projectnature>
<projectnature>com.springsource.sts.roo.core.nature</projectnature>
<projectnature>org.springframework.ide.eclipse.core.springnature</projectnature>
</additionalProjectnatures>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-idea-plugin</artifactId>
<version>2.2</version>
<configuration>
<downloadSources>true</downloadSources>
<dependenciesAsLibraries>true</dependenciesAsLibraries>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>tomcat-maven-plugin</artifactId>
<version>1.1</version>
</plugin>
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>7.4.2.v20110526</version>
<configuration>
<webAppConfig>
<contextPath>/${project.name}</contextPath>
</webAppConfig>
</configuration>
</plugin>
</plugins>
</build>
One last step: copy across a blank applicationContext.xml file from an empty Roo project – if you don’t, when you issue Roo commands it looks for the file expecting it to already exist.
There’s notes here on how to convert an existing project to Roo, though it’s more like some suggestions than actual steps.