Access dynamic URLs from a form using Spring Security using Struts2?

Question

Access dynamic URLs from a form using Spring Security using Struts2?

I have now developed a web application using java with the spring framework. And I also used spring security 3.0 for security.

I used spring to authenticate login through a database, access URLs and manage session by default. Now I am ready to apply URL rights dynamically from the form, and not define it in an XML file, which makes searching in spring security more difficult.

Struts.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">

<struts>
<constant name="struts.devMode" value="false" />

<constant name="struts.action.excludePattern" value="/j_spring_security_check" />
<constant name="struts.action.excludePattern"
    value="/j_spring_security_check.*,.*\\.j_spring_security_check" />
<package name="lms"  extends="struts-default,json-default">

    <!-- /** defining result types for implementing tiles **/ -->
    <result-types>
        <result-type name="tiles"  class="org.apache.struts2.views.tiles.TilesResult" />
        <result-type name="plainText" class="org.apache.struts2.dispatcher.PlainTextResult" />
        <result-type name="json" class="org.apache.struts2.json.JSONResult" />
    </result-types>


    <interceptors>
        <interceptor name="json"
            class="org.apache.struts2.json.JSONInterceptor" />
            <!-- <interceptor-stack name="storeStack">
            <interceptor-ref name="defaultStack" />
            <interceptor-ref name="store">
                <param name="operationMode">STORE</param>
            </interceptor-ref>
        </interceptor-stack>

        <interceptor-stack name="retrieveStack">
            <interceptor-ref name="defaultStack" />
            <interceptor-ref name="store">
                <param name="operationMode">RETRIEVE</param>
            </interceptor-ref>
        </interceptor-stack> -->

    </interceptors>
    <!-- <interceptors>
        <interceptor-stack name="storeStack">
            <interceptor-ref name="defaultStack" />
            <interceptor-ref name="store">
                <param name="operationMode">STORE</param>
            </interceptor-ref>
        </interceptor-stack>

        <interceptor-stack name="retrieveStack">
            <interceptor-ref name="defaultStack" />
            <interceptor-ref name="store">
                <param name="operationMode">RETRIEVE</param>
            </interceptor-ref>
        </interceptor-stack>
    </interceptors> -->
    <action name="lead_home">
        <result type="tiles">lead_tiles</result>
    </action>

    <action name="">
        <result></result>
    </action>
    <action name="baseTemplate">
        <result>/dashboard.jsp</result>
    </action>

    </package>


<!-- #####[Lead_Setup_Source]#### -->
<package name="lead_setup_source" namespace="/lead/setup/source" extends="lms">

    <action name="getForm" class="com.tpc.action.LeadSourceAction">
        <result type="tiles">setup_lead_source</result>
    </action>

    <action name="formAction" method="actionTriggerLeadSource"
        class="com.tpc.action.LeadSourceAction">
        <result name="SAVE_SUCCESS" type="redirectAction">
            <param name="actionName">getList</param>
            <param name="action_msg">${action_msg}</param>
        </result>
        <result name="SAVE_ERROR" type="tiles">setup_lead_source</result>
        <result name="UPDATE_ERROR" type="tiles">setup_lead_source</result>
        <result name="DELETE_ERROR" type="tiles">setup_lead_source</result>
        <result name="UPDATE_SUCCESS" type="redirectAction">
            <param name="actionName">getList</param>
            <param name="action_msg">${action_msg}</param>
        </result>
        <result name="DELETE_SUCCESS" type="redirectAction">
            <param name="actionName">getList</param>
            <param name="action_msg">${action_msg}</param>
        </result>
        <result name="NEW_SUCCESS" type="redirect">getForm</result>
    </action>

    <action name="getById" method="actionGetLeadSource"
        class="com.tpc.action.LeadSourceAction">
        <result name="success" type="tiles">setup_lead_source</result>
    </action>

    <action name="getList" method="actionGetListLeadSource"
        class="com.tpc.action.LeadSourceAction">
        <result name="success" type="tiles">setup_lead_source_list</result>
    </action>

</package>


<!-- #####[Lead_Source_Event]#### -->
<package name="lead_setup_source_event" namespace="/lead/setup/source_event" extends="lms">

    <action name="getForm" method="loadLeadSourceEventForm" class="com.tpc.action.LeadSourceEventAction">
        <interceptor-ref name="store">
            <param name="operationMode">RETRIEVE</param>
        </interceptor-ref>
        <result name="success" type="tiles">setup_lead_source_event</result>
        <result name="error" type="tiles">setup_lead_source_event</result>
    </action>

    <action name="formAction" method="triggerAction" class="com.tpc.action.LeadSourceEventAction">
        <interceptor-ref name="store">
            <param name="operationMode">STORE</param>
        </interceptor-ref>
        <interceptor-ref name="defaultStack" />

        <result name="CREATE_SUCCESS" type="redirectAction">
            <param name="actionName">getList</param>
            <param name="lead_source_e_id">${lead_source_e_id}</param>
        </result>
        <result name="CREATE_ERROR" type="redirectAction">getForm</result>
        <result name="GET_SUCCESS" type="tiles">setup_lead_source_event
        </result>
        <result name="UPDATE_SUCCESS" type="redirectAction">
            <param name="actionName">getList</param>
            <param name="lead_source_e_id">${lead_source_e_id}</param>
        </result>
        <result name="UPDATE_ERROR" type="redirectAction">getById</result>
        <result name="DELETE_SUCCESS" type="redirectAction">getList
        </result>
        <result name="DELETE_ERROR" type="redirectAction">getList
        </result>
        <result name="error" type="tiles">setup_lead_source_event
        </result>
    </action>

    <action name="getById" method="actionGetLeadSourceEvent" class="com.tpc.action.LeadSourceEventAction">
        <interceptor-ref name="defaultStack" />
        <interceptor-ref name="store">
            <param name="operationMode">RETRIEVE</param>
        </interceptor-ref>
        <result name="success" type="tiles">setup_lead_source_event
        </result>
        <result name="error" type="tiles">setup_lead_source_event</result>
    </action>

    <action name="getList" method="actionGetLeadSourceEventList"    class="com.tpc.action.LeadSourceEventAction">
        <interceptor-ref name="store">
            <param name="operationMode">RETRIEVE</param>
        </interceptor-ref>

        <result name="success" type="tiles">list_lead_source_event
        </result>
        <result name="error" type="tiles">list_lead_source_event</result>
    </action>

</package>
</struts>

spring -security.xml

<?xml version="1.0" encoding="UTF-8" ?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans

http://www.springframework.org/schema/beans/spring-beans-3.0.xsd


http://www.springframework.org/schema/security


http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<http realm="Project Realm" auto-config="true" use-expressions="true">




<!-- Lead Source Setup -->
<intercept-url pattern="/lead/setup/source/**" access="hasAnyRole('ROLE_ADMIN','ROLE_DIRECTOR','ROLE_LEAD_MANAGER')"/>


<!-- Lead Source Event -->
<intercept-url pattern="/lead/setup/source_event/**" access="hasAnyRole('ROLE_ADMIN','ROLE_DIRECTOR','ROLE_LEAD_MANAGER','ROLE_LEAD_OFFICER')"/>





<intercept-url pattern="/lead/lead_home" access="hasAnyRole('ROLE_ADMIN','ROLE_DIRECTOR','ROLE_LEAD_MANAGER','ROLE_LEAD_OFFICER')"/>

<!-- ******END OF LEAD ******END OF LEAD ******END OF LEAD ******END OF LEAD ******END OF LEAD ******END OF LEAD ******END OF LEAD ****** -->




<intercept-url pattern="/annapurnaERP/**" access="hasAnyRole('ROLE_ADMIN','ROLE_DIRECTOR')"/>
<form-login login-page="/login.jsp" default-target-url="/dashboard.jsp" 
    authentication-failure-url="/login.jsp?login_error=1"/>

<logout logout-success-url="/login.jsp"/>
<remember-me />
</http>

<authentication-manager>
    <authentication-provider>

    <jdbc-user-service data-source-ref="dataSource"

   users-by-username-query="
     SELECT USERNAME, PASSWORD, CASE ENABLED WHEN 1 THEN 'true' ELSE 'false' END 'ENABLED' 
     FROM SETUP_SYSTEM_USER_CREDIENTIALS  
     WHERE USERNAME=?;"

   authorities-by-username-query="
    SELECT u.USERNAME, r.ROLES 
    FROM SETUP_SYSTEM_USER_CREDIENTIALS u, SETUP_SYSTEM_STAFF_USER_ROLES r
    WHERE u.SSUR_ID = r.SSUR_ID
    AND u.USERNAME=?;"

    />
</authentication-provider>
</authentication-manager>

</b:beans>

So, as you can see, the entire URL pattern is defined in this XML file. So, how can I define a URL pattern dynamically from forms. By the way, right now my project is working fine, I just want to add some dynamon.

, , : . , XML . , , LEAD_OFFICER ( ) .

<-- Lead Source Setup -->
<intercept-url pattern="/lead/setup/source/**"         access="hasAnyRole('ROLE_ADMIN','ROLE_DIRECTOR')"/>


<!-- Lead Source Event -->
<intercept-url pattern="/lead/setup/source_event/**" access="hasAnyRole('ROLE_ADMIN','ROLE_DIRECTOR','ROLE_LEAD_OFFICER')"/>

xml . , XML . , UI FORM. , . .

+4

java spring spring-mvc spring-security struts2

SunJCarkeY 20 '14 4:55

1

afsal parangooz · Answer 1 · 2014-06-12T15:53:05+0000

jsp, <img src="<s:url value="YourUrlCreationAction" />">

UrlCreationAction Urls

Access dynamic URLs from a form using Spring Security using Struts2?

More articles: