|
|
@@ -1,154 +0,0 @@
|
|
|
-<?xml version="1.0" encoding="UTF-8"?>
|
|
|
-
|
|
|
-<beans xmlns="http://www.springframework.org/schema/beans"
|
|
|
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
|
- xmlns:security="http://www.springframework.org/schema/security"
|
|
|
- xmlns:util="http://www.springframework.org/schema/util"
|
|
|
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
|
- http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
|
- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd">
|
|
|
-
|
|
|
- <!--
|
|
|
- - A simple "base bones" Acegi Security configuration.
|
|
|
- -
|
|
|
- - The sample includes the "popular" features that people tend to use.
|
|
|
- - Specifically, form authentication, remember-me, and anonymous processing.
|
|
|
- - Other features aren't setup, as these can be added later by inserting
|
|
|
- - the relevant XML fragments as specified in the Reference Guide.
|
|
|
- -
|
|
|
- - To assist new users, the filters specified in the FilterChainProxy are
|
|
|
- - declared in the application context in the same order. Collaborators
|
|
|
- - required by those filters are placed at the end of the file.
|
|
|
- -
|
|
|
- - $Id: applicationContext-acegi-security.xml 1513 2006-05-29 13:32:12Z benalex $
|
|
|
- -->
|
|
|
-
|
|
|
- <bean id="filterChainProxy"
|
|
|
- class="org.acegisecurity.util.FilterChainProxy">
|
|
|
- <property name="filterInvocationDefinitionSource">
|
|
|
- <value>
|
|
|
- CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
|
|
|
- PATTERN_TYPE_APACHE_ANT
|
|
|
- /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
|
|
|
- </value>
|
|
|
- </property>
|
|
|
- </bean>
|
|
|
-
|
|
|
- <!-- sessionCreation defaults to ifRequired(true) always(true) never(false) . -->
|
|
|
- <security:session-context-integration
|
|
|
- id="httpSessionContextIntegrationFilter" sessionCreation="ifRequired" />
|
|
|
-
|
|
|
-
|
|
|
- <!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) -->
|
|
|
- <!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown -->
|
|
|
- <security:logout-support id="logoutFilter"
|
|
|
- redirectAfterLogoutUrl="/index.jsp" />
|
|
|
-
|
|
|
- <security:authentication-remember-me-services
|
|
|
- id="rememberMeServices" key="someValue" />
|
|
|
-
|
|
|
-
|
|
|
- <bean id="SecurityContextLogoutHandler"
|
|
|
- class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />
|
|
|
-
|
|
|
- <!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) -->
|
|
|
- <security:authentication-form id="authenticationProcessinFilter"
|
|
|
- authenticationUrl="/j_acegi_security_check" defaultTargetUrl="/"
|
|
|
- errorFormUrl="/acegilogin.jsp?login_error=1" />
|
|
|
-
|
|
|
- <!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order -->
|
|
|
- <security:authentication-mechanism id="authenticationManager" />
|
|
|
-
|
|
|
- <!-- dao authentication provider "authenticationRepository" -->
|
|
|
- <security:authentication-repository id="daoAuthenticationProvider" repositoryBeanRef="userDetailsService"/>
|
|
|
-
|
|
|
- <bean id="securityContextHolderAwareRequestFilter"
|
|
|
- class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />
|
|
|
-
|
|
|
- <!-- makes the filter, but does little else, as it auto-detects everything -->
|
|
|
- <security:authentication-remember-me-filter id="rememberMeFilter" />
|
|
|
-
|
|
|
- <bean id="anonymousProcessingFilter"
|
|
|
- class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
|
|
|
- <property name="key" value="changeThis" />
|
|
|
- <property name="userAttribute"
|
|
|
- value="anonymousUser,ROLE_ANONYMOUS" />
|
|
|
- </bean>
|
|
|
-
|
|
|
- <!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it;
|
|
|
- alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for
|
|
|
- other props; i do not mind if you move the access denied stuff to a sub-element -->
|
|
|
- <security:exception-translation id="exceptionTranslationFilter">
|
|
|
- <security:entry-point
|
|
|
- entryPointBeanRef="authenticationEntryPoint" />
|
|
|
- </security:exception-translation>
|
|
|
-
|
|
|
-
|
|
|
- <!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
|
|
|
-
|
|
|
- <security:principal-repository id="userDetailsService">
|
|
|
- <security:properties resource="/WEB-INF/users.properties" />
|
|
|
- </security:principal-repository>
|
|
|
-
|
|
|
-
|
|
|
- <bean id="authenticationEntryPoint"
|
|
|
- class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
|
|
|
- <property name="loginFormUrl" value="/acegilogin.jsp" />
|
|
|
- <property name="forceHttps" value="false" />
|
|
|
- </bean>
|
|
|
-
|
|
|
-
|
|
|
- <bean id="accessDeniedHandler"
|
|
|
- class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
|
|
|
- <property name="errorPage" value="/accessDenied.jsp" />
|
|
|
- </bean>
|
|
|
-
|
|
|
-
|
|
|
- <bean id="filterInvocationInterceptor"
|
|
|
- class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
|
|
|
- <property name="authenticationManager"
|
|
|
- ref="authenticationManager" />
|
|
|
- <property name="accessDecisionManager">
|
|
|
- <bean class="org.acegisecurity.vote.AffirmativeBased">
|
|
|
- <property name="allowIfAllAbstainDecisions"
|
|
|
- value="false" />
|
|
|
- <property name="decisionVoters">
|
|
|
- <list>
|
|
|
- <bean class="org.acegisecurity.vote.RoleVoter" />
|
|
|
- <bean
|
|
|
- class="org.acegisecurity.vote.AuthenticatedVoter" />
|
|
|
- </list>
|
|
|
- </property>
|
|
|
- </bean>
|
|
|
- </property>
|
|
|
- <property name="objectDefinitionSource">
|
|
|
- <value>
|
|
|
- CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
|
|
|
- PATTERN_TYPE_APACHE_ANT
|
|
|
- /secure/extreme/**=ROLE_SUPERVISOR
|
|
|
- /secure/**=IS_AUTHENTICATED_REMEMBERED
|
|
|
- /**=IS_AUTHENTICATED_ANONYMOUSLY
|
|
|
- </value>
|
|
|
- </property>
|
|
|
- </bean>
|
|
|
-
|
|
|
- <bean id="userCache"
|
|
|
- class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
|
|
|
- <property name="cache">
|
|
|
- <bean
|
|
|
- class="org.springframework.cache.ehcache.EhCacheFactoryBean">
|
|
|
- <property name="cacheManager">
|
|
|
- <bean
|
|
|
- class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
|
|
|
- </property>
|
|
|
- <property name="cacheName" value="userCache" />
|
|
|
- </bean>
|
|
|
- </property>
|
|
|
- </bean>
|
|
|
-
|
|
|
-
|
|
|
- <!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
|
|
|
- <bean id="loggerListener"
|
|
|
- class="org.acegisecurity.event.authentication.LoggerListener" />
|
|
|
-
|
|
|
-</beans>
|
Vishal Puri