github
/
spring-security
şunun yansıması https://github.com/spring-projects/spring-security


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768
							<?xml version="1.0" encoding="UTF-8"?>

<!--
  - Sample namespace-based configuration
  -
  - $Id$
  -->

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">

	<annotation-driven/>

    <http>
        <intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
        <intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
		<!-- Disable web URI authorization, as we're using <annotation-driven> and have @Secured the services layer instead
        <intercept-url pattern="/listAccounts.html" access="IS_AUTHENTICATED_REMEMBERED" />
        <intercept-url pattern="/post.html" access="ROLE_TELLER" />
        -->
        <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<!--
    Uncomment to enable X509 client authentication support -->
        <x509 />

        <!-- All of this is unnecessary if auto-config="true" -->
        <form-login />
        <anonymous />
        <http-basic />
        <logout />
        <remember-me />

        <concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/>

    </http>
<!--
    Uncomment to add X509 support as an external filter definition (an alternative to the <x509 /> element).

    <beans:bean id="x509Filter" class="org.springframework.security.ui.preauth.x509.X509PreAuthenticatedProcessingFilter" autowire="byType">
        <custom-filter after="X509_FILTER"/>
    </beans:bean>

    <beans:bean id="preauthProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider" >
        <custom-authentication-provider />
        <beans:property name="preAuthenticatedUserDetailsService">
            <beans:bean class="org.springframework.security.providers.preauth.UserDetailsByNameServiceWrapper" autowire="byType"/>
        </beans:property>
    </beans:bean>
-->
    <!--
    Usernames/Passwords are
        rod/koala
        dianne/emu
        scott/wombat
    -->
    <authentication-provider>
        <password-encoder hash="md5"/>
        <user-service>
            <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
	        <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
            <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
	    </user-service>
	</authentication-provider>

</beans:beans>