github
/
spring-security
mirror of https://github.com/spring-projects/spring-security


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176
							<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

<!--
  - Application context definition for "contacts" DispatcherServlet.
  - $Id$
  -->

<beans>

	<!-- ========================== WEB DEFINITIONS ======================= -->

    <bean id="publicIndexController" class="sample.contact.PublicIndexController">
    	<property name="contactManager"><ref bean="contactManager"/></property>
 	</bean>

    <bean id="secureIndexController" class="sample.contact.SecureIndexController">
    	<property name="contactManager"><ref bean="contactManager"/></property>
 	</bean>

    <bean id="secureDeleteController" class="sample.contact.DeleteController">
    	<property name="contactManager"><ref bean="contactManager"/></property>
 	</bean>

    <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
        <property name="mappings">
            <props>
                <prop key="/hello.htm">publicIndexController</prop>
                <prop key="/secure/add.htm">secureAddForm</prop>
                <prop key="/secure/index.htm">secureIndexController</prop>
                <prop key="/secure/del.htm">secureDeleteController</prop>
			</props>
        </property>
    </bean>

    <bean id="addValidator" class="sample.contact.WebContactValidator"/>
    <bean id="secureAddForm" class="sample.contact.WebContactAddController">
        <property name="sessionForm"><value>true</value></property>
        <property name="commandName"><value>webContact</value></property>
        <property name="commandClass"><value>sample.contact.WebContact</value></property>
        <property name="validator"><ref bean="addValidator"/></property>
        <property name="formView"><value>add</value></property>
        <property name="successView"><value>index.htm</value></property>
        <property name="contactManager">
            <ref bean="contactManager"/>
        </property>
    </bean>

	<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
		<property name="prefix"><value>/WEB-INF/jsp/</value></property>
		<property name="suffix"><value>.jsp</value></property>
	</bean>

	<!-- =================== SECURITY SYSTEM DEFINITIONS ================== -->
	
	<!-- RunAsManager -->
	<bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
     	<property name="key"><value>my_run_as_password</value></property>
 	</bean>

	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHENTICATION DEFINITIONS ~~~~~~~~~~~~~~~~~~ -->
	
	<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
     	<property name="key"><value>my_run_as_password</value></property>
 	</bean>

	<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
  		<property name="key"><value>my_password</value></property>
 	</bean>

	<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
		<property name="providers">
		  <list>
		    <ref bean="runAsAuthenticationProvider"/>
		    <ref bean="authByAdapterProvider"/>
		    <ref bean="daoAuthenticationProvider"/>
		  </list>
		</property>
	</bean>

	<bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
  		<property name="userMap">
			<value>
				marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
				dianne=emu,ROLE_TELLER
				scott=wombat,ROLE_TELLER
				peter=opal,disabled,ROLE_TELLER
			</value>
		</property>
	</bean>
	
	<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
     	<property name="authenticationDao"><ref bean="inMemoryDaoImpl"/></property>
 		<property name="ignorePasswordCase"><value>false</value></property>
 		<property name="ignoreUsernameCase"><value>true</value></property>
	</bean>

	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~~~~ -->

	<!-- An access decision voter that reads ROLE_* configuaration settings -->
	<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>

	<!-- An access decision voter that reads CONTACT_OWNED_BY_CURRENT_USER configuaration settings -->
	<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>

	<!-- An affirmative access decision manager -->
	<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
   		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
		<property name="decisionVoters">
		  <list>
		    <ref bean="roleVoter"/>
		    <ref bean="contactSecurityVoter"/>
		  </list>
		</property>
	</bean>

	<!-- ===================== SECURITY DEFINITIONS ======================= -->
	
	<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
    	<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
    	<property name="runAsManager"><ref bean="runAsManager"/></property>
 		<property name="objectDefinitionSource">
			<value>
				sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
				sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
				sample.contact.ContactManager.save=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
				sample.contact.ContactManager.getById=ROLE_TELLER,RUN_AS_SERVER
			</value>
		</property>
	</bean>

	<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
	<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
    	<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
    	<property name="runAsManager"><ref bean="runAsManager"/></property>
 		<property name="objectDefinitionSource">
			<value>
				sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
				sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER
				sample.contact.ContactManager.save=ROLE_RUN_AS_SERVER
				sample.contact.ContactManager.getById=ROLE_RUN_AS_SERVER
			</value>
		</property>
	</bean>

	<!-- ======================= BUSINESS DEFINITIONS ===================== -->

	<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
	    <property name="interceptorNames">
      	<list>
        	<value>publicContactManagerSecurity</value>
 	        <value>publicContactManagerTarget</value>
    	</list>
	    </property>
  	</bean>

	<bean id="publicContactManagerTarget" class="sample.contact.ContactManagerFacade">
    	<property name="backend"><ref bean="backendContactManager"/></property>
	</bean>

	<bean id="backendContactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
	    <property name="interceptorNames">
      	<list>
        	<value>backendContactManagerSecurity</value>
 	        <value>backendContactManagerTarget</value>
    	</list>
	    </property>
  	</bean>

	<bean id="backendContactManagerTarget" class="sample.contact.ContactManagerBackend"/>

</beans>