Uploaded image for project: 'Spring Security'
  1. Spring Security
  2. SEC-1780

Drop in JPA based replacement for the JDBC ACL Security Implementation

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.5
    • Fix Version/s: None
    • Component/s: ACLs

      Description

      I have implemented a drop in JPA based replacement for the JDBC ACL security implementation.

      We had an issue where we wanted to create ACL entries and and use them within a JPA bean test. The issue we found was that the JDBC ACL implementation used a different session so we were not able to create the ACLs, use them, and roll them back in a single transaction. This implementation allows that.

      The attached jar contains the SOURCE for the implementation. It does not modify any existing classes but creates jpa packages equivalent to the existing jdbc packages.

      Test cases are included

      The jpa-security.xml provides an example of the configuration. It does require an externally defined userDetailsService bean.

      The design utilizes the JPA transactions to isolate changes until a commit occurs. The design also utilizes the DB functionality to store large ACLs.

      The SQL code has been tested on MySQL.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            claudenw Claude Warren
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: