Description
Summary
Since issue #6141 has been merged, the ACL module supports non-Long ObjectIdentity. @jzheaux has mentioned creating specific issues for documentation updates. I love Spring Security and have been a follower since the beta days of Acegi in 2006. I'm very proud to be a user and would greatly appreciate being able to contribute to the longevity of this wonderful project.
Actual Behavior
In the documentation, Section 11.6.3 Getting Started states:
Many parts of the ACL module rely on long identifiers. If you’re not using long (or an int, byte etc), there is a very good chance you’ll need to reimplement a number of classes. We do not intend to support non-long identifiers in Spring Security’s ACL module, as longs are already compatible with all database sequences, the most common identifier data type, and are of sufficient length to accommodate all common usage scenarios.
This statement is false. The ACL module fully supports UUID and String.
Expected Behavior
This statement should be removed. Updated schema DDL and instructions for using non-Long identifiers should be included.
Configuration
DDL updates
CREATE TABLE IF NOT EXISTS acl_class (
id BIGINT NOT NULL AUTO_INCREMENT,
class varchar(255) NOT NULL,
class_id_type varchar(255),
PRIMARY KEY (id),
UNIQUE KEY unique_uk_2 (class)
);
CREATE TABLE IF NOT EXISTS acl_object_identity (
id BIGINT NOT NULL AUTO_INCREMENT,
object_id_class BIGINT NOT NULL,
object_id_identity varchar(255) NOT NULL,
parent_object BIGINT DEFAULT NULL,
owner_sid BIGINT DEFAULT NULL,
entries_inheriting tinyint(1) NOT NULL,
PRIMARY KEY (id),
UNIQUE KEY unique_uk_3 (object_id_class,object_id_identity)
);
Settings in ACL configuration
jdbcMutableAclService.setAclClassIdSupported(true);
lookupStrategy.setAclClassIdSupported(true);
Version
5.2.2