17 жил өмнө · 42cd91e259
--- a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
@@ -16,14 +16,15 @@
 
				 
			
 
				 
			
 
				     <http auto-config="true" realm="Contacts Realm">
			
 
				-        <intercept-url pattern="/index.jsp" access="ROLE_ANONYMOUS,ROLE_USER"/>
			
 
				-        <intercept-url pattern="/hello.htm" access="ROLE_ANONYMOUS,ROLE_USER"/>
			
 
				+        <intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
			
 
				+        <intercept-url pattern="/index.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
			
 
				+        <intercept-url pattern="/hello.htm" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
			
 
				+        <intercept-url pattern="/login.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>        
			
 
				         <intercept-url pattern="/switchuser.jsp" access="ROLE_SUPERVISOR"/>
			
 
				         <intercept-url pattern="/j_spring_security_switch_user" access="ROLE_SUPERVISOR"/>
			
 
				-        <intercept-url pattern="/acegilogin.jsp*" access="ROLE_ANONYMOUS,ROLE_USER"/>
			
 
				         <intercept-url pattern="/**" access="ROLE_USER"/>
			
 
				 
			
 
				-        <form-login login-page="/acegilogin.jsp" authentication-failure-url="/acegilogin.jsp?login_error=1"/>
			
 
				+        <form-login login-page="/login.jsp" authentication-failure-url="/acegilogin.jsp?login_error=1"/>
			
 
				         <logout logout-success-url="/index.jsp"/>
			
 
				     </http>
			
 
				 
			
@@ -39,7 +40,7 @@
 
				         based on the role granted the ability to 'switch' to another user -->
			
 
				    <!-- In this example 'rod' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) -->
			
 
				    <b:bean id="switchUserProcessingFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter" autowire="byType">
			
 
				-       <custom-filter after="SWITCH_USER_FILTER"/>       
			
 
				+       <custom-filter position="SWITCH_USER_FILTER"/>       
			
 
				        <b:property name="targetUrl" value="/secure/index.htm"/>
			
 
				    </b:bean>
			
 
				 
			
--- a/samples/contacts/src/main/webapp/WEB-INF/web.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/web.xml
@@ -19,25 +19,12 @@
 
				 	<context-param>
			
 
				 		<param-name>contextConfigLocation</param-name>
			
 
				 		<param-value>
			
 
				-			/WEB-INF/applicationContext-acegi-security.xml
			
 
				+			/WEB-INF/applicationContext-security.xml
			
 
				 			classpath:applicationContext-common-business.xml
			
 
				 			classpath:applicationContext-common-authorization.xml
			
 
				 		</param-value>
			
 
				 	</context-param>
			
 
				 
			
 
				-
			
 
				-	<!--
			
 
				-	     Required for CAS ProxyTicketReceptor servlet. This is the
			
 
				-	     URL to CAS' "proxy" actuator, where a PGT and TargetService can
			
 
				-	     be presented to obtain a new proxy ticket. THIS CAN BE
			
 
				-	     REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY
			
 
				-	  -->
			
 
				-
			
 
				-    <context-param>
			
 
				-        <param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
			
 
				-        <param-value>http://localhost:8433/cas/proxy</param-value>
			
 
				-    </context-param>
			
 
				-
			
 
				    <!-- Nothing below here needs to be modified -->
			
 
				 
			
 
				 	<context-param>
			
--- a/samples/contacts/src/main/webapp/acegilogin.jsp
+++ b/samples/contacts/src/main/webapp/acegilogin.jsp