ACEGI JSF Components hit the stores

Acegi Security Framework’s mission statement is; “To provide comprehensive security services for The Spring Framework” as stated in acegisecurity.org. In our project we are using JSF-Spring-Hibernate and lately for the security issues, we made the obvious choice Acegi Framework. Acegi has very nice features like securing HTTP Requests, spring method calls and domain object instance security. My first encounter with Acegi was a presentation given by Kenan Sevindik, he showed a demo featuring http requests, spring method calls, testing and securing components on a page by acegi’s jsp tags.

Acegi uses a structure like this when securing components on a page;

<authz:authorize ifAllGranted=”ROLE_SUPERVISOR”>
    Components that are only visible to the users that satisfy the requirements here…
</authz:authorize>

This tag library has the following attributes ifAllGranted, ifAnyGranted and ifNotGranted, what it does is controlling the components within the tag body and does not render if the user’s role does not satisy the requirements.

And another one to display user info;

<authz:authentication operation=”username”/>

Although these tags may work with JSF, we need pure jsf components for acegi in our project (for value binding and etc.) that will play nicely with JSF lifecycle so I’ve implemented “acegi-jsf” custom components. Instead of Acegi’s authz taglib, the name is acegijsf, the tag names and attributes are the same. More will come in the next release(hopefully).

ACEGI-JSF AUTHORIZATION
<acegijsf:authorize ifAllGranted=”ROLE_SUPERVISOR,ROLE_ADMIN”>
     Components that are only visible to the users that satisfy the requirements here…
</acegijsf:authorize>

The attribute names are same both in jsp tag and the jsf component. You just give a role list seperated with a comma(Whitespaces omitted). All of these attributes can be binded to a value using EL.

ifAllGranted = User must be in all of the roles
ifAnyGranted = User must be in any of the roles
ifNotGranted = None of the roles must be granted for the user

This component does not render the secured children components if the user does not satisfy the granting requirements given with the attributes.

ACEGI-JSF AUTHENTICATION
<acegijsf:authentication operation=”username”/>

This component does what the acegi’ authentication tag does and outputs user info.

HOW TO USE
You just need to add the following taglib in order to use the acegi-jsf components in your pages;

You also need to define the “SecurityContextHolderAwareRequestFilter” to your filter chain. (This dependency will be fixed in version 1.2)

<%@taglib uri=”http://sourceforge.net/projects/jsf-comp/acegijsf” prefix=”acegijsf”%>

SECURING STATIC HTML
This component library is designed to secure the jsf components. However controlling static html is also possible using f:verbatim. Html code must be surrounded by an f:verbatim tag. Important thing is “not to add the jsf components to the body of the verbatim tag”. Due to the content-interweaving problem of jsf and jsp, this will cause errors. Good news is that, it is fixed in JSF 1.2.

DOWNLOAD
You can find both of the distribution and the source of the component library at jsf-comp. As I mentioned in my previous entry, it is an alternative sandbox of myfaces. In addition I’ve created an example web application demonstrating the integration of jsf, spring, acegi and usage of the acegi-jsf components.

JSF Chart Creator released in sourceforge jsf-comp

JSF Chart Creator is now released in a sourceforge project called jsf-comp. jsf-comp is a subproject of myfaces designed as a testing ground of myfaces. Due to a license issue my component cannot be included to myfaces for now but as a first step it has joined jsf-comp. Currently both distribution and source files are released, they can be found at the downloads section. Here are the links;

• jsf-comp main site
• jsf-comp downloads section
• chart creator documentation

Also more info about the component and features can be reached here

JSF CHART CREATOR

I have searched for a jsf chart component on web but end up with one or two commercial ones whose prices are around thousands of dollars, so I have created my own component:) JSF Chart Creator is an open-source free JSF component that can display various types of charts in a JSF web application, the chart creation engine is based on famous JFreeChart. In addition the component supports portlets.(from 1.2.0)

Supported Charts

• Pie Charts
• 3D Pie Charts
• Bar Charts
• Stacked Bar Charts
• 3D Bar Charts
• 3D Stacked Bar Charts
• Area Charts
• Stacked Area Charts
• Line Charts
• 3D Line Charts
• Waterfall Charts
• Time Series Charts
• XYLine Charts
• Polar Charts
• Ring Charts
• Scatter Charts
• XYArea Charts
• XYStep Area Chart
• XYStep Charts
• Bubble Charts
• Candle Stick Charts
• Gantt Charts
• Box and Whisker Charts
• High and Low Charts
• Histogram Charts
• Signal Charts
• Wind Charts

Attributes

The component has several attributes for customizing the chart’s properties like type, datasource, colors, dhtml events, image maps, 3d, antialias, styleclass and more. Refer to the documentation for the whole list.

Online Demo

Check out the online example to see the chart creator in action

Here is a portion of the configuration screenshot from the IBM’s WSAD;

Referrers

There are references to the component at jfree.org , jsfTutorials.net and jsfcentral.com.

Some Screenshots

    

Download

• If you are interested to use it in your development, you can download the component free. The current release is version 1.2.0-RC1.
• You must download the current release of the jfreechart in order to use the component.
• There is also an example web application demonstrating the usage and customization of several charts.
• Also here is the documentation of the component at sourceforge.
  
• In addition there is a sticky forum thread at jfree.org’s site.

PropertyAccessException: exception setting property with CGLIB

I haven’t been writing about common hibernate exceptions for a while until yesterday; I got this error

PropertyAccessException: exception setting property with cglib

There are two reasons I’ve observed.

Incompatible types between the hibernate mapping and the model being mapped

For example you have a Set of objects but in the mapping file this relation is mapped as a list. When hibernate tries to set the values in the db to the model, the exception will be thrown because mapping is incompatible. Solution is to make the model and the mapping compatible.

Mapping a primitive type to a nullable column

This one is also a common mistake, the reason is again a compatibility issue, primitives cannot be null and when hibernate observes the value in the mapped column is null then it tries to set a null value to a primitive which is invalid.In order to overcome this error, you can either assign a default value to the primitive value in the code like 0 or change the primitive to a wrapper which means use Integer instead of int.