khs-sherpa-spring
Integrates the khsSherpa RESTful JSON API framework with Spring and Spring Authentication.
Link to khsSherpa project here...[https://github.com/in-the-keyhole/khs-sherpa]
Getting Started
Validated with SPRING version 3.1.3-RELEASE
Using Maven: add this dependency in your 'pom.xml' (available in Maven central repo).
<dependency>
<groupId>com.keyholesoftware</groupId>
<artifactId>khs-sherpa-spring</artifactId>
<version>1.3.0</version>
</dependency>
To build it, clone then install in local maven repo:
$ git clone ...
$ cd khs-sherpa-spring
$ mvn install
Add the following entry to sherpa.properties
:
application.context=com.khs.sherpa.spring.SpringApplicationContext
Add following to your web.xml
after Sherpa's listener, but before your application listener:
<listener>
<listener-class>com.khs.sherpa.spring.SpringApplicationContext</listener-class>
</listener>
Your ready to start wiring things up with Spring and Sherpa
NOTE: Versions of Sherpa prior to v.1.3.0 do not require defining
application.context
orthe SpringApplicationContext
listener to be defined
@Autowire Dependencies
Allows Sherpa @Endpoints to @Autowire Spring beans
@Endpoint
public class UserEndpoint {
@Autowired
private UserInfoService userInfoService;
@Action(mapping = "/service/users", method = MethodRequest.GET)
public Collection<UserInfo> getUsers() {
return userInfoService.getAll();
}
}
Authenticate End points with Spring Security
Add the spring application context entries shown below to the application context XML( this configures authentication against LDAP).
<bean class="com.khs.sherpa.spring.SpringAuthentication"/>
<security:ldap-server id="contextSource"
url="ldap://<host>:<port>/dc=keyholesoftware,dc=com"
manager-dn="cn=KeyholeRootUser,cn=Root DNs,cn=config"
manager-password="<password>" />
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
<constructor-arg ref="contextSource" />
</bean>
<security:authentication-manager alias="authManager">
<security:ldap-authentication-provider
user-dn-pattern="uid={0},ou=Users"
user-details-class="inetOrgPerson"
group-search-filter="member={0}"
group-search-base="ou=Groups"
role-prefix="none"/>
</security:authentication-manager>
Turn on endpoint authentication by adding the following entry to the sherpa.properties file
#turn on endpoint authentication
endpoint.authentication=true
Get authenticated token from Sherpa with URL below.
token = /sherpa?action=authenticate&userid=""&password=""
Invoke end point URL using jquery, notice auth token and userid being set in request header.
$.ajax({
url:sherpa/service/users,
type:"GET",
beforeSend: function (request)
{ // add secure token an userid to request header
var token = $("#token").val();
var userid = $("#userid").val();
request.setRequestHeader("token", token);
request.setRequestHeader("userid", userid);
},
success: function(data) {
$("#results").val(FormatJSON(data, ""));
},
error: function(jaXhr,status,errorThrown ) {
$("#results").val("Error executing ");
}
});