Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
github
/
spring-security
-ын хуулбар https://github.com/spring-projects/spring-security
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: 19e56f4397
Салаанууд Тагууд
spring-security
/
samples
/
tutorial
/
src
/
main
/
webapp
/
WEB-INF
/
applicationContext-security.xml

applicationContext-security.xml 2.4 KB
Түүх Анхны өгөгдөл

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. <?xml version="1.0" encoding="UTF-8"?>
    2. 

  2. 

  3. <!--
    4. 

  4.   - Sample namespace-based configuration
    5. 

  5.   -
    6. 

  6.   -->
    7. 

  7. 

  8. <beans:beans xmlns="http://www.springframework.org/schema/security"
    9. 

  9.     xmlns:beans="http://www.springframework.org/schema/beans"
    10. 

  10.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    11. 

  11.     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    12. 

  12.                         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    13. 

  13. 

  14.     <debug />
    15. 

  15. 

  16.     <global-method-security pre-post-annotations="enabled" />
    17. 

  17. 

  18.     <http pattern="/loggedout.jsp" security="none"/>
    19. 

  19. 

  20.     <http use-expressions="true">
    21. 

  21.         <intercept-url pattern="/secure/extreme/**" access="hasRole('ROLE_SUPERVISOR')"/>
    22. 

  22.         <intercept-url pattern="/secure/**" access="isAuthenticated()" />
    23. 

  23.         <!--
    24. 

  24.              Allow all other requests. In a real application you should
    25. 

  25.              adopt a whitelisting approach where access is not allowed by default
    26. 

  26.           -->
    27. 

  27.         <intercept-url pattern="/**" access="permitAll" />
    28. 

  28.         <form-login />
    29. 

  29.         <logout logout-success-url="/loggedout.jsp" delete-cookies="JSESSIONID"/>
    30. 

  30.         <remember-me />
    31. 

  31. <!--
    32. 

  32.     Uncomment to enable X509 client authentication support
    33. 

  33.         <x509 />
    34. 

  34. -->
    35. 

  35.         <!-- Uncomment to limit the number of sessions a user can have -->
    36. 

  36.         <session-management invalid-session-url="/timeout.jsp">
    37. 

  37.             <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
    38. 

  38.         </session-management>
    39. 

  39. 

  40.     </http>
    41. 

  41. 

  42.     <!--
    43. 

  43.     Usernames/Passwords are
    44. 

  44.         rod/koala
    45. 

  45.         dianne/emu
    46. 

  46.         scott/wombat
    47. 

  47.         peter/opal
    48. 

  48.     -->
    49. 

  49.     <authentication-manager>
    50. 

  50.         <authentication-provider>
    51. 

  51.             <password-encoder hash="md5"/>
    52. 

  52.             <user-service>
    53. 

  53.                 <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
    54. 

  54.                 <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
    55. 

  55.                 <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
    56. 

  56.                 <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
    57. 

  57.             </user-service>
    58. 

  58.         </authentication-provider>
    59. 

  59.     </authentication-manager>
    60. 

  60. 

  61. </beans:beans>
    62.