Vishal Puri
19 years ago
1 changed files with 174 additions and 0 deletions
@ -0,0 +1,174 @@
@@ -0,0 +1,174 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans" |
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
||||
xmlns:security="http://www.springframework.org/schema/security" |
||||
xmlns:util="http://www.springframework.org/schema/util" |
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd |
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd |
||||
http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd"> |
||||
|
||||
<!-- |
||||
- A simple "base bones" Acegi Security configuration. |
||||
- |
||||
- The sample includes the "popular" features that people tend to use. |
||||
- Specifically, form authentication, remember-me, and anonymous processing. |
||||
- Other features aren't setup, as these can be added later by inserting |
||||
- the relevant XML fragments as specified in the Reference Guide. |
||||
- |
||||
- To assist new users, the filters specified in the FilterChainProxy are |
||||
- declared in the application context in the same order. Collaborators |
||||
- required by those filters are placed at the end of the file. |
||||
- |
||||
- $Id: applicationContext-acegi-security.xml 1513 2006-05-29 13:32:12Z benalex $ |
||||
--> |
||||
|
||||
|
||||
|
||||
<bean id="filterChainProxy" |
||||
class="org.acegisecurity.util.FilterChainProxy"> |
||||
<property name="filterInvocationDefinitionSource"> |
||||
<value> |
||||
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON |
||||
PATTERN_TYPE_APACHE_ANT |
||||
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor |
||||
</value> |
||||
</property> |
||||
</bean> |
||||
|
||||
<!-- sessionCreation defaults to ifRequired(true) always(true) never(false) . --> |
||||
<security:session-context-integration |
||||
id="httpSessionContextIntegrationFilter" sessionCreation="ifRequired" /> |
||||
|
||||
|
||||
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) --> |
||||
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown --> |
||||
<security:logout-support id="logoutFilter" |
||||
redirectAfterLogoutUrl="/index.jsp" /> |
||||
|
||||
<security:authentication-remember-me-services |
||||
id="rememberMeServices" key="someValue" /> |
||||
|
||||
|
||||
<bean id="SecurityContextLogoutHandler" |
||||
class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" /> |
||||
|
||||
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) --> |
||||
<security:authentication-form id="authenticationProcessinFilter" |
||||
authenticationUrl="/j_acegi_security_check" defaultTargetUrl="/" |
||||
errorFormUrl="/acegilogin.jsp?login_error=1" /> |
||||
|
||||
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order --> |
||||
<security:authentication-mechanism id="authenticationManager" /> |
||||
|
||||
<!-- dao authentication provider "authenticationRepository" --> |
||||
<security:authentication-repository id="daoAuthenticationProvider" /> |
||||
|
||||
<bean id="securityContextHolderAwareRequestFilter" |
||||
class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" /> |
||||
|
||||
<!-- makes the filter, but does little else, as it auto-detects everything --> |
||||
<security:authentication-remember-me-filter id="rememberMeFilter" /> |
||||
|
||||
<bean id="anonymousProcessingFilter" |
||||
class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> |
||||
<property name="key" value="changeThis" /> |
||||
<property name="userAttribute" |
||||
value="anonymousUser,ROLE_ANONYMOUS" /> |
||||
</bean> |
||||
|
||||
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it; |
||||
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for |
||||
other props; i do not mind if you move the access denied stuff to a sub-element --> |
||||
<security:exception-translation id="exceptionTranslationFilter"> |
||||
<security:entry-point |
||||
entryPointBeanRef="authenticationEntryPoint" /> |
||||
</security:exception-translation> |
||||
|
||||
|
||||
<bean id="authenticationEntryPoint" |
||||
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> |
||||
<property name="loginFormUrl" value="/acegilogin.jsp" /> |
||||
<property name="forceHttps" value="false" /> |
||||
</bean> |
||||
|
||||
|
||||
<bean id="accessDeniedHandler" |
||||
class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> |
||||
<property name="errorPage" value="/accessDenied.jsp" /> |
||||
</bean> |
||||
|
||||
|
||||
<bean id="filterInvocationInterceptor" |
||||
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> |
||||
<property name="authenticationManager" |
||||
ref="authenticationManager" /> |
||||
<property name="accessDecisionManager"> |
||||
<bean class="org.acegisecurity.vote.AffirmativeBased"> |
||||
<property name="allowIfAllAbstainDecisions" |
||||
value="false" /> |
||||
<property name="decisionVoters"> |
||||
<list> |
||||
<bean class="org.acegisecurity.vote.RoleVoter" /> |
||||
<bean |
||||
class="org.acegisecurity.vote.AuthenticatedVoter" /> |
||||
</list> |
||||
</property> |
||||
</bean> |
||||
</property> |
||||
<property name="objectDefinitionSource"> |
||||
<value> |
||||
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON |
||||
PATTERN_TYPE_APACHE_ANT |
||||
/secure/extreme/**=ROLE_SUPERVISOR |
||||
/secure/**=IS_AUTHENTICATED_REMEMBERED |
||||
/**=IS_AUTHENTICATED_ANONYMOUSLY |
||||
</value> |
||||
</property> |
||||
</bean> |
||||
|
||||
|
||||
<!--<bean id="authenticationManager" |
||||
class="org.acegisecurity.providers.ProviderManager"> |
||||
<property name="providers"> |
||||
<list> |
||||
<ref local="daoAuthenticationProvider" /> |
||||
<bean |
||||
class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> |
||||
<property name="key" value="changeThis" /> |
||||
</bean> |
||||
<bean |
||||
class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> |
||||
<property name="key" value="changeThis" /> |
||||
</bean> |
||||
</list> |
||||
</property> |
||||
</bean>--> |
||||
|
||||
<bean id="userCache" |
||||
class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> |
||||
<property name="cache"> |
||||
<bean |
||||
class="org.springframework.cache.ehcache.EhCacheFactoryBean"> |
||||
<property name="cacheManager"> |
||||
<bean |
||||
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" /> |
||||
</property> |
||||
<property name="cacheName" value="userCache" /> |
||||
</bean> |
||||
</property> |
||||
</bean> |
||||
|
||||
|
||||
<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users --> |
||||
|
||||
<security:principal-repository id="userDetailsService"> |
||||
<security:properties resource="/WEB-INF/users.properties" /> |
||||
</security:principal-repository> |
||||
|
||||
|
||||
<!-- This bean is optional; it isn't used by any other bean as it only listens and logs --> |
||||
<bean id="loggerListener" |
||||
class="org.acegisecurity.event.authentication.LoggerListener" /> |
||||
|
||||
</beans> |
||||
Loading…
Reference in new issue