1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115
|
<beans:beans
xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
<beans:bean id="filterSecurityInterceptor"
class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
<beans:property name="authenticationManager"
ref="authenticationManager"/>
<beans:property name="accessDecisionManager">
<beans:bean
class="org.springframework.security.vote.AffirmativeBased">
<beans:property name="allowIfAllAbstainDecisions"
value="false"/>
<beans:property name="decisionVoters">
<beans:list>
<beans:bean
class="org.springframework.security.vote.RoleVoter"/>
<beans:bean
class="org.springframework.security.vote.AuthenticatedVoter"/>
</beans:list>
</beans:property>
</beans:bean>
</beans:property>
<beans:property name="objectDefinitionSource">
<beans:value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/administration/**=ROLE_ADM
/accueil/**=ROLE_USER,ROLE_ADM
/habilitationAuto/**=ROLE_ANONYMOUS
</beans:value>
</beans:property>
</beans:bean>
<authentication-provider user-service-ref="detailServices"/>
<beans:bean id="detailServices"
class="fr.toto.portail.fw.web.security.EforproUserDetailsService">
<beans:property name="utilisateurService"
ref="utilisateurService"/>
</beans:bean>
<beans:bean id="authenticationProcessingFilter"
class="fr.toto.portail.fw.web.security.EforproSSOSecurityFilter">
<beans:property name="filterProcessesUrl"
value="/connexion.action"/>
<beans:property name="defaultTargetUrl"
value="/accueil/accueil/chargerAccueil.action"/>
<beans:property name="authenticationManager"
ref="authenticationManager"/>
<beans:property name="exceptionMappings">
<beans:props>
<beans:prop
key="org.springframework.security.BadCredentialsException">
/redirectLogin.jsp
</beans:prop>
<beans:prop
key="org.springframework.security.userdetails.UsernameNotFoundException">
/habilitation.jsp
</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
<beans:bean id="filterChainProxy"
class="org.springframework.security.util.FilterChainProxy">
<filter-chain-map path-type="ant">
<filter-chain pattern="/**"
filters="httpSessionContextIntegrationFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor"/>
</filter-chain-map>
</beans:bean>
<beans:bean id="httpSessionContextIntegrationFilter"
class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
<beans:bean id="exceptionTranslationFilter"
class="org.springframework.security.ui.ExceptionTranslationFilter">
<beans:property name="authenticationEntryPoint">
<beans:bean
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<beans:property name="loginFormUrl"
value="/redirectLogin.jsp"/>
<beans:property name="forceHttps" value="false"/>
</beans:bean>
</beans:property>
<beans:property name="accessDeniedHandler">
<beans:bean
class="org.springframework.security.ui.AccessDeniedHandlerImpl">
<beans:property name="errorPage"
value="/habilitation.jsp"/>
</beans:bean>
</beans:property>
</beans:bean>
<beans:bean id="authenticationManager"
class="org.springframework.security.providers.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref local="detailServices"/>
<beans:bean
class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
<beans:property name="key" value="changeThis"/>
</beans:bean>
<beans:bean
class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
<beans:property name="key" value="changeThis"/>
</beans:bean>
</beans:list>
</beans:property>
</beans:bean>
</beans:beans> |
Partager