Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-271: Rolled back new namespaces changes from 1.0.4 release

This commit is contained in:
Vishal Puri 2007-05-25 03:03:12 +00:00
parent 24b31c0c57
commit 5c5b0d2020
1 changed files with 147 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
samples/tutorial/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
View File

@ -1,12 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- <!--
- A simple "base bones" Acegi Security configuration. - A simple "base bones" Acegi Security configuration.
@ -23,9 +16,9 @@
- $Id$ - $Id$
--> -->
<beans>
<bean id="filterChainProxy" <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource"> <property name="filterInvocationDefinitionSource">
<value> <value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
@ -35,89 +28,61 @@
</property> </property>
</bean> </bean>
<!-- sessionCreation defaults to ifRequired(true) always(true) never(false) . --> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
<security:session-context-integration
id="httpSessionContextIntegrationFilter" sessionCreation="ifRequired" />
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) --> <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown --> <constructor-arg>
<security:logout-support id="logoutFilter" <list>
redirectAfterLogoutUrl="/index.jsp" logoutUrl="/j_acegi_logout" /> <ref bean="rememberMeServices"/>
<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
<security:authentication-remember-me-services </list>
id="rememberMeServices" key="someValue" /> </constructor-arg>
<bean id="securityContextLogoutHandler"
class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />
<!-- the URLs are all mandatory and have no defaults (well, except authenticationUrl) -->
<security:authentication-form id="authenticationProcessingFilter"
authenticationUrl="/j_acegi_security_check" defaultTargetUrl="/"
errorFormUrl="/acegilogin.jsp?login_error=1" />
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order -->
<security:authentication-mechanism id="authenticationManager" />
<!-- dao authentication provider "authenticationRepository" -->
<security:authentication-repository id="daoAuthenticationProvider" />
<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
<security:principal-repository id="userDetailsService">
<security:properties resource="/WEB-INF/users.properties" />
</security:principal-repository>
<bean id="securityContextHolderAwareRequestFilter"
class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />
<!-- makes the filter, but does little else, as it auto-detects everything -->
<security:authentication-remember-me-filter
id="rememberMeProcessingFilter" />
<bean id="anonymousProcessingFilter"
class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="changeThis" />
<property name="userAttribute"
value="anonymousUser,ROLE_ANONYMOUS" />
</bean> </bean>
<!-- Basically accessDeniedUrl is optional, we if unspecified impl will auto-detect any AccessDeniedHandler in ctx and use it; <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
alternately if there are > 1 such handlers, we can nominate the one to use via accessDeniedBeanRef; provide nested elements for <property name="authenticationManager" ref="authenticationManager"/>
other props; i do not mind if you move the access denied stuff to a sub-element --> <property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/>
<security:exception-translation id="exceptionTranslationFilter"> <property name="defaultTargetUrl" value="/"/>
<security:entry-point <property name="filterProcessesUrl" value="/j_acegi_security_check"/>
entryPointBeanRef="authenticationEntryPoint" /> <property name="rememberMeServices" ref="rememberMeServices"/>
</security:exception-translation> </bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
<bean id="authenticationEntryPoint" <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="authenticationManager" ref="authenticationManager"/>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="changeThis"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean>
<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/acegilogin.jsp"/> <property name="loginFormUrl" value="/acegilogin.jsp"/>
<property name="forceHttps" value="false"/> <property name="forceHttps" value="false"/>
</bean> </bean>
</property>
<property name="accessDeniedHandler">
<bean id="accessDeniedHandler" <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/accessDenied.jsp"/> <property name="errorPage" value="/accessDenied.jsp"/>
</bean> </bean>
</property>
</bean>
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<bean id="filterInvocationInterceptor" <property name="authenticationManager" ref="authenticationManager"/>
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager"
ref="authenticationManager" />
<property name="accessDecisionManager"> <property name="accessDecisionManager">
<bean class="org.acegisecurity.vote.AffirmativeBased"> <bean class="org.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" <property name="allowIfAllAbstainDecisions" value="false"/>
value="false" />
<property name="decisionVoters"> <property name="decisionVoters">
<list> <list>
<bean class="org.acegisecurity.vote.RoleVoter"/> <bean class="org.acegisecurity.vote.RoleVoter"/>
<bean <bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
class="org.acegisecurity.vote.AuthenticatedVoter" />
</list> </list>
</property> </property>
</bean> </bean>
@ -133,40 +98,51 @@
</property> </property>
</bean> </bean>
<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="key" value="changeThis"/>
</bean>
<!--<bean id="authenticationManager" <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
class="org.acegisecurity.providers.ProviderManager">
<property name="providers"> <property name="providers">
<list> <list>
<ref local="daoAuthenticationProvider"/> <ref local="daoAuthenticationProvider"/>
<bean <bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key" value="changeThis"/> <property name="key" value="changeThis"/>
</bean> </bean>
<bean <bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key" value="changeThis"/> <property name="key" value="changeThis"/>
</bean> </bean>
</list> </list>
</property> </property>
</bean>--> </bean>
<bean id="userCache" <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> <property name="userDetailsService" ref="userDetailsService"/>
<property name="userCache">
<bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
<property name="cache"> <property name="cache">
<bean <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager"> <property name="cacheManager">
<bean <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
</property> </property>
<property name="cacheName" value="userCache"/> <property name="cacheName" value="userCache"/>
</bean> </bean>
</property> </property>
</bean> </bean>
</property>
</bean>
<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
<bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userProperties">
<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="location" value="/WEB-INF/users.properties"/>
</bean>
</property>
</bean>
<!-- This bean is optional; it isn't used by any other bean as it only listens and logs --> <!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
<bean id="loggerListener" <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>
class="org.acegisecurity.event.authentication.LoggerListener" />
</beans> </beans>