38 lines
1.7 KiB
XML
38 lines
1.7 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
|
|
xsi:schemaLocation="
|
|
http://www.springframework.org/schema/security
|
|
http://www.springframework.org/schema/security/spring-security.xsd
|
|
http://www.springframework.org/schema/beans
|
|
http://www.springframework.org/schema/beans/spring-beans.xsd"
|
|
>
|
|
|
|
<http create-session="always" use-expressions="true" disable-url-rewriting="true">
|
|
<intercept-url pattern="/anonymous*" access="isAnonymous()"/>
|
|
<intercept-url pattern="/login*" access="permitAll"/>
|
|
<intercept-url pattern="/**" access="isAuthenticated()"/>
|
|
|
|
<csrf disabled="true"/>
|
|
|
|
<form-login login-page='/login.html' authentication-success-handler-ref="myAuthenticationSuccessHandler" authentication-failure-url="/login.html?error=true"/>
|
|
|
|
<logout delete-cookies="JSESSIONID"/>
|
|
<remember-me key="uniqueAndSecret" token-validity-seconds="86400"/>
|
|
|
|
<session-management invalid-session-url="/invalidSession.html">
|
|
<concurrency-control max-sessions="2" expired-url="/sessionExpired.html"/>
|
|
</session-management>
|
|
</http>
|
|
|
|
<beans:bean id="myAuthenticationSuccessHandler" class="com.baeldung.security.MySimpleUrlAuthenticationSuccessHandler"/>
|
|
|
|
<authentication-manager>
|
|
<authentication-provider>
|
|
<user-service>
|
|
<user name="user1" password="user1Pass" authorities="ROLE_USER"/>
|
|
<user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN"/>
|
|
</user-service>
|
|
</authentication-provider>
|
|
</authentication-manager>
|
|
|
|
</beans:beans> |