spring-security/ntlm/applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>

    <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
            PATTERN_TYPE_APACHE_ANT
            /login_error.jsp=httpSessionContextIntegrationFilter
            /**=httpSessionContextIntegrationFilter, exceptionTranslationFilter, ntlmFilter, filterSecurityInterceptor
            </value>
        </property>
    </bean>

    <!-- The first item in the Chain: httpSessionContextIntegrationFilter -->
    <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.core.context.HttpSessionContextIntegrationFilter">
        <property name="context">
            <value>org.springframework.security.core.context.SecurityContextImpl</value>
        </property>
    </bean>

    <!-- the second item in the chain: exceptionTranslationFilter -->
    <bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint" ref="ntlmEntryPoint"/>
    </bean>

    <!-- the third item in the chain: ntlmFilter -->
    <bean id="ntlmFilter" class="org.springframework.security.ui.ntlm.NtlmProcessingFilter">
        <property name="defaultDomain" value="YOURDOMAIN"/>
        <!-- It is better to use a WINS server if available over a specific domain controller
         <property name="domainController" value="FOO"/> -->
        <property name="netbiosWINS" value="192.168.0.3"/>
        <property name="authenticationManager" ref="providerManager"/>
    </bean>

    <bean id="providerManager" class="org.springframework.security.authentication.ProviderManager">
        <property name="providers">
            <list>
                <ref local="daoAuthenticationProvider"/>
            </list>
        </property>
    </bean>

    <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
        <property name="userDetailsService">
            <ref local="memoryUserDetailsService"/>
        </property>
    </bean>

    <!-- NOTE: You will need to write a custom UserDetailsService in most cases -->
    <bean id="memoryUserDetailsService" class="org.springframework.security.core.userdetails.memory.InMemoryDaoImpl">
        <property name="userMap">
            <value>jdoe=PASSWORD,ROLE_USER</value>
        </property>
    </bean>

    <!-- the fourth item in the chain: filterSecurityInterceptor -->
    <bean id="filterSecurityInterceptor" class="org.springframework.security.access.intercept.web.FilterSecurityInterceptor">
        <property name="authenticationManager"><ref local="providerManager"/></property>
        <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
        <property name="securityMetadataSource">
            <value>
            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
            PATTERN_TYPE_APACHE_ANT
            /**=ROLE_USER
            </value>
        </property>
    </bean>

    <!-- authenticationManager defined above -->
    <bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
        <property name="allowIfAllAbstainDecisions">
            <value>false</value>
        </property>
        <property name="decisionVoters">
            <list>
                <ref local="roleVoter"/>
            </list>
        </property>
    </bean>

    <bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>

    <bean id="ntlmEntryPoint" class="org.springframework.security.ui.ntlm.NtlmProcessingFilterEntryPoint">
        <property name="authenticationFailureUrl" value="/login_error.jsp"/>
    </bean>

    <!-- Done with the chain -->

    <!-- This bean automatically receives AuthenticationEvent messages from DaoAuthenticationProvider -->
    <bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>

</beans>
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">`

			`<beans>`

SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">`
			`<property name="filterInvocationDefinitionSource">`
			`<value>`
			`CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON`
			`PATTERN_TYPE_APACHE_ANT`
			`/login_error.jsp=httpSessionContextIntegrationFilter`
			`/**=httpSessionContextIntegrationFilter, exceptionTranslationFilter, ntlmFilter, filterSecurityInterceptor`
			`</value>`
			`</property>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- The first item in the Chain: httpSessionContextIntegrationFilter -->`
SEC-1132: Created core and authentication packages within core module. 2009-04-13 09:43:23 -04:00			`<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.core.context.HttpSessionContextIntegrationFilter">`
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<property name="context">`
SEC-1132: Created core and authentication packages within core module. 2009-04-13 09:43:23 -04:00			`<value>org.springframework.security.core.context.SecurityContextImpl</value>`
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`</property>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- the second item in the chain: exceptionTranslationFilter -->`
			`<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">`
			`<property name="authenticationEntryPoint" ref="ntlmEntryPoint"/>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- the third item in the chain: ntlmFilter -->`
			`<bean id="ntlmFilter" class="org.springframework.security.ui.ntlm.NtlmProcessingFilter">`
			`<property name="defaultDomain" value="YOURDOMAIN"/>`
			`<!-- It is better to use a WINS server if available over a specific domain controller`
			`<property name="domainController" value="FOO"/> -->`
			`<property name="netbiosWINS" value="192.168.0.3"/>`
			`<property name="authenticationManager" ref="providerManager"/>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1132: Created core and authentication packages within core module. 2009-04-13 09:43:23 -04:00			`<bean id="providerManager" class="org.springframework.security.authentication.ProviderManager">`
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<property name="providers">`
			`<list>`
			`<ref local="daoAuthenticationProvider"/>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00			`</list>`
			`</property>`
			`</bean>`

SEC-1132: Created core and authentication packages within core module. 2009-04-13 09:43:23 -04:00			`<bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">`
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<property name="userDetailsService">`
			`<ref local="memoryUserDetailsService"/>`
			`</property>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- NOTE: You will need to write a custom UserDetailsService in most cases -->`
SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 03:39:21 -04:00			`<bean id="memoryUserDetailsService" class="org.springframework.security.core.userdetails.memory.InMemoryDaoImpl">`
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<property name="userMap">`
			`<value>jdoe=PASSWORD,ROLE_USER</value>`
			`</property>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- the fourth item in the chain: filterSecurityInterceptor -->`
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 08:23:23 -04:00			`<bean id="filterSecurityInterceptor" class="org.springframework.security.access.intercept.web.FilterSecurityInterceptor">`
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<property name="authenticationManager"><ref local="providerManager"/></property>`
			`<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>`
			`<property name="securityMetadataSource">`
			`<value>`
			`CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON`
			`PATTERN_TYPE_APACHE_ANT`
			`/**=ROLE_USER`
			`</value>`
			`</property>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- authenticationManager defined above -->`
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 08:23:23 -04:00			`<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">`
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<property name="allowIfAllAbstainDecisions">`
			`<value>false</value>`
			`</property>`
			`<property name="decisionVoters">`
			`<list>`
			`<ref local="roleVoter"/>`
			`</list>`
			`</property>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 08:23:23 -04:00			`<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<bean id="ntlmEntryPoint" class="org.springframework.security.ui.ntlm.NtlmProcessingFilterEntryPoint">`
			`<property name="authenticationFailureUrl" value="/login_error.jsp"/>`
			`</bean>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- Done with the chain -->`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 00:32:06 -04:00			`<!-- This bean automatically receives AuthenticationEvent messages from DaoAuthenticationProvider -->`
SEC-1132: Created core and authentication packages within core module. 2009-04-13 09:43:23 -04:00			`<bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>`
SEC-8: Imported contributed NTLM code. Some changes because of current state of LDAP code. 2007-09-17 08:26:46 -04:00
			`</beans>`