|
|
@@ -6,120 +6,120 @@
|
|
|
- $Id: applicationContext-security-ns.xml 2396 2007-12-23 16:36:44Z luke_t $
|
|
|
-->
|
|
|
|
|
|
-<b:beans xmlns="http://www.springframework.org/schema/security"
|
|
|
- xmlns:b="http://www.springframework.org/schema/beans"
|
|
|
+<beans xmlns="http://www.springframework.org/schema/beans"
|
|
|
+ xmlns:sec="http://www.springframework.org/schema/security"
|
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
|
|
|
|
|
|
|
- <b:bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
|
|
|
- <filter-chain-map path-type="ant">
|
|
|
- <filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
|
|
|
- </filter-chain-map>
|
|
|
- </b:bean>
|
|
|
+ <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
|
|
|
+ <sec:filter-chain-map path-type="ant">
|
|
|
+ <sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
|
|
|
+ </sec:filter-chain-map>
|
|
|
+ </bean>
|
|
|
|
|
|
|
|
|
- <b:bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
|
|
|
- <b:property name="providers">
|
|
|
- <b:list>
|
|
|
- <b:ref local="preAuthenticatedAuthenticationProvider"/>
|
|
|
- </b:list>
|
|
|
- </b:property>
|
|
|
- </b:bean>
|
|
|
+ <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
|
|
|
+ <property name="providers">
|
|
|
+ <list>
|
|
|
+ <ref local="preAuthenticatedAuthenticationProvider"/>
|
|
|
+ </list>
|
|
|
+ </property>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="sif" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
|
|
|
+ <bean id="sif" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
|
|
|
|
|
|
- <b:bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
|
|
|
- <b:property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
|
|
|
- </b:bean>
|
|
|
+ <bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
|
|
|
+ <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="preAuthenticatedUserDetailsService"
|
|
|
+ <bean id="preAuthenticatedUserDetailsService"
|
|
|
class="org.springframework.security.providers.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>
|
|
|
|
|
|
- <b:bean id="j2eePreAuthFilter" class="org.springframework.security.ui.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
|
|
|
- <b:property name="authenticationManager" ref="authenticationManager"/>
|
|
|
- <b:property name="authenticationDetailsSource" ref="authenticationDetailsSource"/>
|
|
|
- </b:bean>
|
|
|
+ <bean id="j2eePreAuthFilter" class="org.springframework.security.ui.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
|
|
|
+ <property name="authenticationManager" ref="authenticationManager"/>
|
|
|
+ <property name="authenticationDetailsSource" ref="authenticationDetailsSource"/>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="preAuthenticatedProcessingFilterEntryPoint"
|
|
|
+ <bean id="preAuthenticatedProcessingFilterEntryPoint"
|
|
|
class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>
|
|
|
|
|
|
|
|
|
- <b:bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
|
|
|
- <b:constructor-arg value="/"/>
|
|
|
- <b:constructor-arg>
|
|
|
- <b:list>
|
|
|
- <b:bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
|
|
|
- </b:list>
|
|
|
- </b:constructor-arg>
|
|
|
- </b:bean>
|
|
|
+ <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
|
|
|
+ <constructor-arg value="/"/>
|
|
|
+ <constructor-arg>
|
|
|
+ <list>
|
|
|
+ <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
|
|
|
+ </list>
|
|
|
+ </constructor-arg>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="authenticationDetailsSource" class="org.springframework.security.ui.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
|
|
|
- <b:property name="j2eeMappableRolesRetriever">
|
|
|
- <b:ref local="j2eeMappableRolesRetriever"/>
|
|
|
- </b:property>
|
|
|
+ <bean id="authenticationDetailsSource" class="org.springframework.security.ui.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
|
|
|
+ <property name="j2eeMappableRolesRetriever">
|
|
|
+ <ref local="j2eeMappableRolesRetriever"/>
|
|
|
+ </property>
|
|
|
|
|
|
- <b:property name="j2eeUserRoles2GrantedAuthoritiesMapper">
|
|
|
- <b:ref local="j2eeUserRoles2GrantedAuthoritiesMapper"/>
|
|
|
- </b:property>
|
|
|
- </b:bean>
|
|
|
+ <property name="j2eeUserRoles2GrantedAuthoritiesMapper">
|
|
|
+ <ref local="j2eeUserRoles2GrantedAuthoritiesMapper"/>
|
|
|
+ </property>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="j2eeUserRoles2GrantedAuthoritiesMapper" class="org.springframework.security.rolemapping.SimpleRoles2GrantedAuthoritiesMapper">
|
|
|
- <b:property name="convertRoleToUpperCase" value="true"/>
|
|
|
- </b:bean>
|
|
|
+ <bean id="j2eeUserRoles2GrantedAuthoritiesMapper" class="org.springframework.security.rolemapping.SimpleRoles2GrantedAuthoritiesMapper">
|
|
|
+ <property name="convertRoleToUpperCase" value="true"/>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="j2eeMappableRolesRetriever" class="org.springframework.security.ui.preauth.j2ee.WebXmlMappableRolesRetriever">
|
|
|
+ <bean id="j2eeMappableRolesRetriever" class="org.springframework.security.ui.preauth.j2ee.WebXmlMappableRolesRetriever">
|
|
|
|
|
|
- <b:property name="webXmlInputStream"><b:bean factory-bean="webXmlResource" factory-method="getInputStream"/>
|
|
|
- </b:property>
|
|
|
- </b:bean>
|
|
|
+ <property name="webXmlInputStream"><bean factory-bean="webXmlResource" factory-method="getInputStream"/>
|
|
|
+ </property>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="webXmlResource" class="org.springframework.web.context.support.ServletContextResource">
|
|
|
- <b:constructor-arg ref="servletContext"/>
|
|
|
- <b:constructor-arg value="/WEB-INF/web.xml"/>
|
|
|
- </b:bean>
|
|
|
+ <bean id="webXmlResource" class="org.springframework.web.context.support.ServletContextResource">
|
|
|
+ <constructor-arg ref="servletContext"/>
|
|
|
+ <constructor-arg value="/WEB-INF/web.xml"/>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>
|
|
|
+ <bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>
|
|
|
|
|
|
- <b:bean id="etf" class="org.springframework.security.ui.ExceptionTranslationFilter">
|
|
|
- <b:property name="authenticationEntryPoint">
|
|
|
- <b:ref local="preAuthenticatedProcessingFilterEntryPoint"/>
|
|
|
- </b:property>
|
|
|
- </b:bean>
|
|
|
+ <bean id="etf" class="org.springframework.security.ui.ExceptionTranslationFilter">
|
|
|
+ <property name="authenticationEntryPoint">
|
|
|
+ <ref local="preAuthenticatedProcessingFilterEntryPoint"/>
|
|
|
+ </property>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
|
|
|
+ <bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
|
|
|
|
|
|
- <b:property name="allowIfAllAbstainDecisions" value="false"/>
|
|
|
- <b:property name="decisionVoters">
|
|
|
- <b:list>
|
|
|
- <b:ref bean="roleVoter"/>
|
|
|
- </b:list>
|
|
|
- </b:property>
|
|
|
- </b:bean>
|
|
|
+ <property name="allowIfAllAbstainDecisions" value="false"/>
|
|
|
+ <property name="decisionVoters">
|
|
|
+ <list>
|
|
|
+ <ref bean="roleVoter"/>
|
|
|
+ </list>
|
|
|
+ </property>
|
|
|
+ </bean>
|
|
|
|
|
|
|
|
|
- <b:bean id="fsi" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
|
|
|
- <b:property name="authenticationManager" ref="authenticationManager"/>
|
|
|
- <b:property name="accessDecisionManager">
|
|
|
- <b:ref local="httpRequestAccessDecisionManager"/>
|
|
|
- </b:property>
|
|
|
+ <bean id="fsi" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
|
|
|
+ <property name="authenticationManager" ref="authenticationManager"/>
|
|
|
+ <property name="accessDecisionManager">
|
|
|
+ <ref local="httpRequestAccessDecisionManager"/>
|
|
|
+ </property>
|
|
|
|
|
|
- <b:property name="objectDefinitionSource">
|
|
|
- <b:value>
|
|
|
+ <property name="objectDefinitionSource">
|
|
|
+ <value>
|
|
|
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
|
|
|
PATTERN_TYPE_APACHE_ANT
|
|
|
/secure/extreme/**=ROLE_SUPERVISOR
|
|
|
/secure/**=ROLE_USER
|
|
|
/**=ROLE_USER
|
|
|
- </b:value>
|
|
|
- </b:property>
|
|
|
- </b:bean>
|
|
|
+ </value>
|
|
|
+ </property>
|
|
|
+ </bean>
|
|
|
|
|
|
- <b:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"/>
|
|
|
+ <bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"/>
|
|
|
|
|
|
- <b:bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter">
|
|
|
- <b:property name="wrapperClass" value="org.springframework.security.wrapper.SecurityContextHolderAwareRequestWrapper"/>
|
|
|
- </b:bean>
|
|
|
+ <bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter">
|
|
|
+ <property name="wrapperClass" value="org.springframework.security.wrapper.SecurityContextHolderAwareRequestWrapper"/>
|
|
|
+ </bean>
|
|
|
|
|
|
-</b:beans>
|
|
|
+</beans>
|
Luke Taylor