Add MethodSecurityInterceptor, to more accurately reflect the capabilities offered by auto-config="true".

Ben Alex 2007-12-11 19:14:34 +00:00
parent 9728f48adf
commit 2655955a40


@ -1,53 +1,53 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!-- <!--
- A simple "base bones" Acegi Security configuration. - A simple "base bones" Acegi Security configuration.
- -
- The sample includes the "popular" features that people tend to use. - The sample includes the "popular" features that people tend to use.
- Specifically, form authentication, remember-me, and anonymous processing. - Specifically, form authentication, remember-me, and anonymous processing.
- Other features aren't setup, as these can be added later by inserting - Other features aren't setup, as these can be added later by inserting
- the relevant XML fragments as specified in the Reference Guide. - the relevant XML fragments as specified in the Reference Guide.
- -
- To assist new users, the filters specified in the FilterChainProxy are - To assist new users, the filters specified in the FilterChainProxy are
- declared in the application context in the same order. Collaborators - declared in the application context in the same order. Collaborators
- required by those filters are placed at the end of the file. - required by those filters are placed at the end of the file.
- -
- $Id$ - $Id$
--> -->
<beans> <beans>
<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy"> <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource"> <property name="filterInvocationDefinitionSource">
<value><![CDATA[ <value><![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
]]></value> ]]></value>
</property> </property>
</bean> </bean>
<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/> <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter"> <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout --> <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg> <constructor-arg>
<list> <list>
<ref bean="rememberMeServices"/> <ref bean="rememberMeServices"/>
<bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/> <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
</list> </list>
</constructor-arg> </constructor-arg>
</bean> </bean>
<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter"> <bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/> <property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/>
<property name="defaultTargetUrl" value="/"/> <property name="defaultTargetUrl" value="/"/>
<property name="filterProcessesUrl" value="/j_spring_security_check"/> <property name="filterProcessesUrl" value="/j_spring_security_check"/>
<property name="rememberMeServices" ref="rememberMeServices"/> <property name="rememberMeServices" ref="rememberMeServices"/>
</bean> </bean>
<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter"> <bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property> <property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property> <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
@ -57,89 +57,105 @@
<property name="realmName"><value>My Realm</value></property> <property name="realmName"><value>My Realm</value></property>
</bean> </bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/> <bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/>
<bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter"> <bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationManager" ref="authenticationManager"/>
<property name="rememberMeServices" ref="rememberMeServices"/> <property name="rememberMeServices" ref="rememberMeServices"/>
</bean> </bean>
<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter"> <bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="changeThis"/> <property name="key" value="changeThis"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/> <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean> </bean>
<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter"> <bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint"> <property name="authenticationEntryPoint">
<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/acegilogin.jsp"/> <property name="loginFormUrl" value="/acegilogin.jsp"/>
<property name="forceHttps" value="false"/> <property name="forceHttps" value="false"/>
</bean> </bean>
</property> </property>
<property name="accessDeniedHandler"> <property name="accessDeniedHandler">
<bean class="org.springframework.security.ui.AccessDeniedHandlerImpl"> <bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/accessDenied.jsp"/> <property name="errorPage" value="/accessDenied.jsp"/>
</bean> </bean>
</property> </property>
</bean> </bean>
<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor"> <bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
<property name="authenticationManager" ref="authenticationManager"/> <property name="allowIfAllAbstainDecisions" value="false"/>
<property name="accessDecisionManager"> <property name="decisionVoters">
<bean class="org.springframework.security.vote.AffirmativeBased"> <list>
<property name="allowIfAllAbstainDecisions" value="false"/> <bean class="org.springframework.security.vote.RoleVoter"/>
<property name="decisionVoters"> <bean class="org.springframework.security.vote.AuthenticatedVoter"/>
<list> </list>
<bean class="org.springframework.security.vote.RoleVoter"/> </property>
<bean class="org.springframework.security.vote.AuthenticatedVoter"/> </bean>
</list>
</property> <bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
</bean> <property name="authenticationManager" ref="authenticationManager"/>
</property> <property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource"> <property name="objectDefinitionSource">
<value><![CDATA[ <value><![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT PATTERN_TYPE_APACHE_ANT
/secure/extreme/**=ROLE_SUPERVISOR /secure/extreme/**=ROLE_SUPERVISOR
/secure/**=IS_AUTHENTICATED_REMEMBERED /secure/**=IS_AUTHENTICATED_REMEMBERED
/**=IS_AUTHENTICATED_ANONYMOUSLY /**=IS_AUTHENTICATED_ANONYMOUSLY
]]></value> ]]></value>
</property> </property>
</bean> </bean>
<bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices"> <bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="userDetailsService"/> <property name="userDetailsService" ref="userDetailsService"/>
<property name="key" value="changeThis"/> <property name="key" value="changeThis"/>
</bean> </bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager"> <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers"> <property name="providers">
<list> <list>
<ref local="daoAuthenticationProvider"/> <ref local="daoAuthenticationProvider"/>
<bean class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider"> <bean class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key" value="changeThis"/> <property name="key" value="changeThis"/>
</bean> </bean>
<bean class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider"> <bean class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key" value="changeThis"/> <property name="key" value="changeThis"/>
</bean> </bean>
</list> </list>
</property> </property>
</bean> </bean>
<bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider"> <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService"/> <property name="userDetailsService" ref="userDetailsService"/>
</bean> </bean>
<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users --> <!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
<bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl"> <bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
<property name="userProperties"> <property name="userProperties">
<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean"> <bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="location" value="/WEB-INF/users.properties"/> <property name="location" value="/WEB-INF/users.properties"/>
</bean> </bean>
</property> </property>
</bean> </bean>
<!-- This bean is optional; it isn't used by any other bean as it only listens and logs --> <!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
<bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener"/> <bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener"/>
<bean id="daacc" class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"/>
<bean id="attributes" class="org.springframework.security.annotation.SecurityAnnotationAttributes"/>
<bean id="objectDefinitionSource" class="org.springframework.security.intercept.method.MethodDefinitionAttributes">
<property name="attributes"><ref local="attributes"/></property>
</bean>
<bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref local="authentication"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
<property name="objectDefinitionSource">
<ref local="objectDefinitionSource"/>
</property>
</bean>
</beans> </beans>
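Review bot: The new `securityInterceptor` bean wires its `authenticationManager` property with `<ref local="authentication"/>`, but no bean with id `authentication` appears in this file; the manager is declared as `authenticationManager`, so the line should read `<property name="authenticationManager"><ref local="authenticationManager"/></property>`. Because a `local` ref must match an id in the same file, the context would be expected to fail to load as written. Separately, `daacc` is a `DefaultAdvisorAutoProxyCreator`, which applies Advisor beans, and no advisor wrapping `securityInterceptor` (for example a `MethodDefinitionSourceAdvisor`) is visible in this section. If none is defined elsewhere, the interceptor is never attached to any bean and annotated methods run without an access check, which is a silent fail-open. A one-line comment above the added beans, such as `<!-- Method security: enforces security annotations on proxied beans via securityInterceptor -->`, would match the comments on the other optional beans.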