| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 |
- <?xml version="1.0" encoding="UTF-8"?>
- <!--
- - Sample namespace-based configuration
- -
- - $Id: applicationContext-security-ns.xml 2923 2008-04-12 17:17:46Z luke_t $
- -->
- <b:beans xmlns="http://www.springframework.org/schema/security"
- xmlns:b="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:aop="http://www.springframework.org/schema/aop"
- xmlns:context="http://www.springframework.org/schema/context"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
- http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
- <!--b:import resource="appContext-misc.xml"/-->
- <context:component-scan base-package='sample'/>
- <global-method-security secured-annotations="enabled" access-decision-manager-ref="methodAccessMgr">
- <protect-pointcut expression="execution(* sample.service.UserService+.*(..))"
- access="ROLE_LOGGEDIN" />
- </global-method-security>
- <aop:aspectj-autoproxy/>
- <b:bean id="methodAccessMgr" class="org.springframework.security.access.vote.AffirmativeBased">
- <b:property name="decisionVoters">
- <b:list>
- <b:bean class="sample.TestVoter"/>
- </b:list>
- </b:property>
- </b:bean>
- <http>
- <intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
- <intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
- <intercept-url pattern="/testMulti.htm*" access="IS_AUTHENTICATED_FULLY" />
- <!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
- <intercept-url pattern="/listAccounts.html" access="IS_AUTHENTICATED_REMEMBERED" />
- <intercept-url pattern="/post.html" access="ROLE_TELLER" />
- -->
- <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
- <!--
- Uncomment to enable X509 client authentication support
- <x509 user-service-ref="daoUserService"/>
- -->
- <form-login default-target-url="/secure/index.jsp" login-page="/login.jsp" authentication-failure-url="/login.jsp?login-error=1" always-use-default-target="false"/>
- <!-- http-basic / -->
- <logout />
- <remember-me key='doesntmatter' token-repository-ref='tokenRepo' user-service-ref='daoUserService'/>
- <!-- <remember-me user-service-ref="daoUserService"/> -->
- <!-- Uncomment to limit the number of sessions a user can have -->
- <session-management>
- <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" session-registry-ref='sessionRegistry'/>
- </session-management>
-
- <!-- custom-filter position="AUTHENTICATION_PROCESSING_FILTER" ref="customAuthFilter" / -->
- </http>
- <b:bean id='tokenRepo' class='org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl'/>
- <!-- Traditional Session Control Beans -->
- <!--
- <b:bean id='sessionControlFilter' class="org.springframework.security.concurrent.ConcurrentSessionFilter">
- <custom-filter position="CONCURRENT_SESSION_FILTER"/>
- <b:property name="sessionRegistry" ref='sessionRegistry'/>
- </b:bean>
- -->
- <b:bean id='sessionRegistry' class="org.springframework.security.core.session.SessionRegistryImpl"/>
- <!--
- <b:bean id="customAuthFilter" class="heavyduty.security.ui.HeavyDutyAuthenticationProcessingFilter">
- <b:property name="defaultTargetUrl" value="/"/>
- <b:property name="authenticationManager" ref="authenticationManager"/>
- </b:bean>
- <b:bean id="customEntryPoint" class="heavyduty.security.ui.HeavyDutyEntryPoint">
- <b:property name="loginFormUrl" value="/login.jsp"/>
- </b:bean>
- -->
- <!--
- <b:bean id="loginPageGenerator" class="org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter">
- <custom-filter after="AUTHENTICATION_PROCESSING_FILTER"/>
- <b:constructor-arg ref="customAuthFilter"/>
- </b:bean>
- -->
- <authentication-manager alias="authenticationManager" >
- <authentication-provider user-service-ref="daoUserService">
- <password-encoder hash="md5" />
- </authentication-provider>
-
- <authentication-provider>
- <password-encoder hash="md5"/>
- <user-service>
- <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
- <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
- <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
- <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
- </user-service>
- </authentication-provider>
- </authentication-manager>
- <ldap-server id="ldapServer"/>
- <!-- b:bean id="mbeanServer" class="org.springframework.jmx.support.MBeanServerFactoryBean"/ -->
- <b:bean id="exporter" class="org.springframework.jmx.export.MBeanExporter">
- <b:property name="beans">
- <b:map>
- <b:entry key="bean:name=ldapContextSource" value-ref="ldapServer"/>
- </b:map>
- </b:property>
- <b:property name="assembler">
- <b:bean class="org.springframework.jmx.export.assembler.MethodNameBasedMBeanInfoAssembler">
- <b:property name="managedMethods" value="setPassword,setUserDn,getUrls,setUrl,setUrls,setPooled,isPooled,setBase,getBaseLdapPathAsString"/>
- </b:bean>
- </b:property>
- <!-- b:property name="server" ref="mbeanServer"/-->
- </b:bean>
- </b:beans>
|
