SEC-640: Converted preauth sample to use filter-invocation-definition-source element. (also fixed some recently changed property names).
This commit is contained in:
Luke Taylor
parent
33023565a8
commit
9eb86194a2
|
|
@ -12,14 +12,12 @@
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
||||||
|
|
||||||
|
|
||||||
<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
|
<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
|
||||||
<sec:filter-chain-map path-type="ant">
|
<sec:filter-chain-map path-type="ant">
|
||||||
<sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
|
<sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
|
||||||
</sec:filter-chain-map>
|
</sec:filter-chain-map>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
|
|
||||||
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
|
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
|
||||||
<property name="providers">
|
<property name="providers">
|
||||||
<list>
|
<list>
|
||||||
|
|
@ -45,7 +43,6 @@
|
||||||
<bean id="preAuthenticatedProcessingFilterEntryPoint"
|
<bean id="preAuthenticatedProcessingFilterEntryPoint"
|
||||||
class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>
|
class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>
|
||||||
|
|
||||||
|
|
||||||
<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
|
<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
|
||||||
<constructor-arg value="/"/>
|
<constructor-arg value="/"/>
|
||||||
<constructor-arg>
|
<constructor-arg>
|
||||||
|
|
@ -59,14 +56,13 @@
|
||||||
<property name="j2eeMappableRolesRetriever">
|
<property name="j2eeMappableRolesRetriever">
|
||||||
<ref local="j2eeMappableRolesRetriever"/>
|
<ref local="j2eeMappableRolesRetriever"/>
|
||||||
</property>
|
</property>
|
||||||
|
<property name="j2eeUserRoles2GrantedAuthoritiesMapper">
|
||||||
<property name="j2eeUserRoles2GrantedAuthoritiesMapper">
|
|
||||||
<ref local="j2eeUserRoles2GrantedAuthoritiesMapper"/>
|
<ref local="j2eeUserRoles2GrantedAuthoritiesMapper"/>
|
||||||
</property>
|
</property>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="j2eeUserRoles2GrantedAuthoritiesMapper" class="org.springframework.security.authoritymapping.SimpleAttributes2GrantedAuthoritiesMapper">
|
<bean id="j2eeUserRoles2GrantedAuthoritiesMapper" class="org.springframework.security.authoritymapping.SimpleAttributes2GrantedAuthoritiesMapper">
|
||||||
<property name="convertRoleToUpperCase" value="true"/>
|
<property name="convertAttributeToUpperCase" value="true"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="j2eeMappableRolesRetriever" class="org.springframework.security.ui.preauth.j2ee.WebXmlMappableAttributesRetriever">
|
<bean id="j2eeMappableRolesRetriever" class="org.springframework.security.ui.preauth.j2ee.WebXmlMappableAttributesRetriever">
|
||||||
|
|
@ -89,31 +85,24 @@
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
|
<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
|
||||||
|
<property name="allowIfAllAbstainDecisions" value="false"/>
|
||||||
<property name="allowIfAllAbstainDecisions" value="false"/>
|
<property name="decisionVoters">
|
||||||
<property name="decisionVoters">
|
<list>
|
||||||
<list>
|
<ref bean="roleVoter"/>
|
||||||
<ref bean="roleVoter"/>
|
</list>
|
||||||
</list>
|
</property>
|
||||||
</property>
|
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
|
|
||||||
<bean id="fsi" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
|
<bean id="fsi" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
|
||||||
<property name="authenticationManager" ref="authenticationManager"/>
|
<property name="authenticationManager" ref="authenticationManager"/>
|
||||||
<property name="accessDecisionManager">
|
<property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
|
||||||
<ref local="httpRequestAccessDecisionManager"/>
|
<property name="objectDefinitionSource">
|
||||||
</property>
|
<sec:filter-invocation-definition-source>
|
||||||
|
<sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
|
||||||
<property name="objectDefinitionSource">
|
<sec:intercept-url pattern="/secure/**" access="ROLE_USER"/>
|
||||||
<value>
|
<sec:intercept-url pattern="/**" access="ROLE_USER"/>
|
||||||
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
|
</sec:filter-invocation-definition-source>
|
||||||
PATTERN_TYPE_APACHE_ANT
|
</property>
|
||||||
/secure/extreme/**=ROLE_SUPERVISOR
|
|
||||||
/secure/**=ROLE_USER
|
|
||||||
/**=ROLE_USER
|
|
||||||
</value>
|
|
||||||
</property>
|
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"/>
|
<bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"/>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue