Removing the Security Module

Table of Contents

1. POM
2. Configuration
3. Web.xml application descriptor
4. Java code
5. Security configuration files

These steps are required to remove the security module from a project.

You must also remove any other module that depends on the security module such as the Collaboration module.

1. POM

Remove the security module dependency (and any other module that requires security) from pom.xml:

<dependency>
    <groupId>twigkit</groupId>
    <artifactId>twigkit.security.provider.spring-security</artifactId>
    <version>${project.parent.version}</version>
</dependency>

2. Configuration

Replace the security module specified in conf/resources/security/security.conf with type: generic

3. Web.xml application descriptor

You must remove any reference to the Spring security filters and listeners from your web.xml application descriptor. For example:

<!-- Spring Security -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:spring-security.xml</param-value>
</context-param>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

If you are using any classes from the security Module in Java code, remove references to these. For example, if the SecurityModule is installed in a custom module, you would remove these references:

import twigkit.security.springsecurity.SpringSecurityModule;

install(new SpringSecurityModule());

5. Security configuration files

Optionally, remove the spring-security.xml configuration file.