Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SEC-1780: Drop in JPA based replacement for the JDBC ACL Security Implementation #2015

Open
spring-issuemaster opened this issue Jul 8, 2011 · 0 comments

Comments

@spring-issuemaster
Copy link

@spring-issuemaster spring-issuemaster commented Jul 8, 2011

Claude Warren (Migrated from SEC-1780) said:

I have implemented a drop in JPA based replacement for the JDBC ACL security implementation.

We had an issue where we wanted to create ACL entries and and use them within a JPA bean test. The issue we found was that the JDBC ACL implementation used a different session so we were not able to create the ACLs, use them, and roll them back in a single transaction. This implementation allows that.

The attached jar contains the SOURCE for the implementation. It does not modify any existing classes but creates jpa packages equivalent to the existing jdbc packages.

Test cases are included

The jpa-security.xml provides an example of the configuration. It does require an externally defined userDetailsService bean.

The design utilizes the JPA transactions to isolate changes until a commit occurs. The design also utilizes the DB functionality to store large ACLs.

The SQL code has been tested on MySQL.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.