45 lines
2.2 KiB
XML
45 lines
2.2 KiB
XML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
|
<beans:beans xmlns="http://www.springframework.org/schema/security"
|
||
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
|
||
|
|
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||
|
|
xsi:schemaLocation="
|
||
|
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
|
||
|
|
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
|
||
|
|
http://www.springframework.org/schema/mvc
|
||
|
|
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
|
||
|
|
<http use-expressions="true">
|
||
|
|
<intercept-url pattern="/login*" access="permitAll" />
|
||
|
|
<intercept-url pattern="/logout*" access="permitAll" />
|
||
|
|
<intercept-url pattern="/home*" access="permitAll" />
|
||
|
|
<intercept-url pattern="/files/**" access="permitAll" />
|
||
|
|
<intercept-url pattern="/resources/**" access="permitAll" />
|
||
|
|
<intercept-url pattern="/js/**" access="permitAll" />
|
||
|
|
<intercept-url pattern="/other-files/**" access="permitAll" />
|
||
|
|
<intercept-url pattern="/invalidSession*" access="isAnonymous()" />
|
||
|
|
<intercept-url pattern="/**" access="isAuthenticated()" />
|
||
|
|
|
||
|
|
<form-login login-page='/login.html'
|
||
|
|
authentication-failure-url="/login.html?error=true"
|
||
|
|
authentication-success-handler-ref="myAuthenticationSuccessHandler"
|
||
|
|
default-target-url="home.html" />
|
||
|
|
<session-management invalid-session-url="/invalidSession.html"
|
||
|
|
session-fixation-protection="none" />
|
||
|
|
<logout invalidate-session="false" logout-success-url="/logout.html?logSucc=true"
|
||
|
|
logout-url="/j_spring_security_logout" delete-cookies="JSESSIONID" />
|
||
|
|
|
||
|
|
</http>
|
||
|
|
|
||
|
|
<!-- for XML static resource confguration- comment out for java based config -->
|
||
|
|
<!-- -<mvc:resources mapping="/resources/**" location="/resources/" /> -->
|
||
|
|
|
||
|
|
<beans:bean id="myAuthenticationSuccessHandler"
|
||
|
|
class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler" />
|
||
|
|
<authentication-manager>
|
||
|
|
<authentication-provider>
|
||
|
|
<user-service>
|
||
|
|
<user name="user1" password="user1Pass" authorities="ROLE_USER" />
|
||
|
|
<user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN" />
|
||
|
|
</user-service>
|
||
|
|
</authentication-provider>
|
||
|
|
</authentication-manager>
|
||
|
|
</beans:beans>
|