You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

CSF Security in a non-MITSIS App

Prerequisites

There are some criteria that a non-MITSIS application must fulfill before it can use CSF Security. The app should use:

  • Spring Framework 3.1
  • Spring MVC 3.1
  • Spring Security 3.1
  • Java 6 or higher

Add CSF Security Dependencies to App

CSF Security code is contained in a jar file named "csf-security-x.x.x.jar" where x.x.x is the CSF version number. An example, for CSF version 2.0.20 is csf-security-2.2.20.jar. All CSF jar files are located in the IS&T Maven repository (see https://maven.mit.edu), and they can be downloaded from that web site.

CSF security has further dependencies on CSF Base, and CSF Webservices. These modules are in separate jar files, tagged with a matching release number: csf-base-x.x.x.jar and csf-webservices-x.x.x.jar.

So, to summarize, the app needs access to the following CSF jar files:

  • csf-security-x.x.x.jar
  • csf-base-x.x.x.jar
  • csf-webservices-x.x.x.jar

How these jar files are included in the app depends on the build method of the app.

Maven Builds

For apps using Maven, the following dependency should be added to the app's pom.xml file:

        <dependency>
            <groupId>edu.mit.ist.es.csf</groupId>
            <artifactId>csf-security</artifactId>
            <version>x.x.x</version>
        </dependency>

where x.x.x would be replaced by the CSF version number.

This dependency specification will automatically pull in the csf-base and csf-webservices dependencies.

Ant Builds

For apps using Ant for the build process, you will have to get hold of the three jar files (csf-security, csf-base, and csf-webservices) and copy them to the "lib" folder of your web application. The jar files can be downloaded from https://maven.mit.edu/.

CSF Security Spring Configuration

To configure CSF security, you will need to do some XML configuration.

First, make sure your Spring context is referencing the CSF Spring XML files:

    <import resource="classpath*:applicationContext-csf-security-spring.xml" />
    <import resource="classpath*:applicationContext-csf-base.xml" />
    <import resource="classpath*:applicationContext-csf-webservices.xml" />

This is standard Spring Security configuration; we are just plugging in CSF classes into the Spring Security. Assuming you have an XML file controlling your Spring Security configuration, you would need to add

  • No labels