SEC-2915: XML spaces->tabs
This commit is contained in:
@@ -6,85 +6,85 @@
|
||||
-->
|
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:sec="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
xmlns:sec="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
<bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
|
||||
<sec:filter-chain-map request-matcher="ant">
|
||||
<sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
|
||||
</sec:filter-chain-map>
|
||||
</bean>
|
||||
<bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
|
||||
<sec:filter-chain-map request-matcher="ant">
|
||||
<sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
|
||||
</sec:filter-chain-map>
|
||||
</bean>
|
||||
|
||||
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
|
||||
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
|
||||
|
||||
<sec:authentication-manager alias="authenticationManager">
|
||||
<sec:authentication-provider ref='preAuthenticatedAuthenticationProvider'/>
|
||||
</sec:authentication-manager>
|
||||
<sec:authentication-manager alias="authenticationManager">
|
||||
<sec:authentication-provider ref='preAuthenticatedAuthenticationProvider'/>
|
||||
</sec:authentication-manager>
|
||||
|
||||
<bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
|
||||
<property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
|
||||
</bean>
|
||||
<bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
|
||||
<property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
|
||||
</bean>
|
||||
|
||||
<bean id="preAuthenticatedUserDetailsService"
|
||||
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>
|
||||
<bean id="preAuthenticatedUserDetailsService"
|
||||
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>
|
||||
|
||||
<bean id="j2eePreAuthFilter" class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="authenticationDetailsSource">
|
||||
<bean class="org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
|
||||
<property name="mappableRolesRetriever">
|
||||
<bean class="org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever" />
|
||||
</property>
|
||||
<property name="userRoles2GrantedAuthoritiesMapper">
|
||||
<bean class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper">
|
||||
<property name="convertAttributeToUpperCase" value="true"/>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
<bean id="j2eePreAuthFilter" class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="authenticationDetailsSource">
|
||||
<bean class="org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
|
||||
<property name="mappableRolesRetriever">
|
||||
<bean class="org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever" />
|
||||
</property>
|
||||
<property name="userRoles2GrantedAuthoritiesMapper">
|
||||
<bean class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper">
|
||||
<property name="convertAttributeToUpperCase" value="true"/>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="preAuthenticatedProcessingFilterEntryPoint"
|
||||
class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>
|
||||
<bean id="preAuthenticatedProcessingFilterEntryPoint"
|
||||
class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>
|
||||
|
||||
<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
|
||||
<constructor-arg value="/"/>
|
||||
<constructor-arg>
|
||||
<list>
|
||||
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
|
||||
</list>
|
||||
</constructor-arg>
|
||||
</bean>
|
||||
<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
|
||||
<constructor-arg value="/"/>
|
||||
<constructor-arg>
|
||||
<list>
|
||||
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
|
||||
</list>
|
||||
</constructor-arg>
|
||||
</bean>
|
||||
|
||||
<bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
|
||||
<constructor-arg ref="preAuthenticatedProcessingFilterEntryPoint"/>
|
||||
</bean>
|
||||
<bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
|
||||
<constructor-arg ref="preAuthenticatedProcessingFilterEntryPoint"/>
|
||||
</bean>
|
||||
|
||||
<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
|
||||
<constructor-arg>
|
||||
<list>
|
||||
<ref bean="roleVoter"/>
|
||||
</list>
|
||||
</constructor-arg>
|
||||
<property name="allowIfAllAbstainDecisions" value="false"/>
|
||||
</bean>
|
||||
<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
|
||||
<constructor-arg>
|
||||
<list>
|
||||
<ref bean="roleVoter"/>
|
||||
</list>
|
||||
</constructor-arg>
|
||||
<property name="allowIfAllAbstainDecisions" value="false"/>
|
||||
</bean>
|
||||
|
||||
<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
|
||||
<property name="securityMetadataSource">
|
||||
<sec:filter-security-metadata-source>
|
||||
<sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
|
||||
<sec:intercept-url pattern="/secure/**" access="ROLE_USER"/>
|
||||
<sec:intercept-url pattern="/**" access="ROLE_USER"/>
|
||||
</sec:filter-security-metadata-source>
|
||||
</property>
|
||||
</bean>
|
||||
<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
|
||||
<property name="securityMetadataSource">
|
||||
<sec:filter-security-metadata-source>
|
||||
<sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
|
||||
<sec:intercept-url pattern="/secure/**" access="ROLE_USER"/>
|
||||
<sec:intercept-url pattern="/**" access="ROLE_USER"/>
|
||||
</sec:filter-security-metadata-source>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>
|
||||
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>
|
||||
|
||||
<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter"/>
|
||||
<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter"/>
|
||||
|
||||
</beans>
|
||||
|
||||
@@ -1,60 +1,60 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
|
||||
<display-name>Spring Security Preauthentication Demo Application</display-name>
|
||||
<display-name>Spring Security Preauthentication Demo Application</display-name>
|
||||
|
||||
<!--
|
||||
- Location of the XML file that defines the root application context
|
||||
- Applied by ContextLoaderListener.
|
||||
-->
|
||||
<context-param>
|
||||
<param-name>contextConfigLocation</param-name>
|
||||
<param-value>
|
||||
/WEB-INF/applicationContext-security.xml
|
||||
</param-value>
|
||||
</context-param>
|
||||
<!--
|
||||
- Location of the XML file that defines the root application context
|
||||
- Applied by ContextLoaderListener.
|
||||
-->
|
||||
<context-param>
|
||||
<param-name>contextConfigLocation</param-name>
|
||||
<param-value>
|
||||
/WEB-INF/applicationContext-security.xml
|
||||
</param-value>
|
||||
</context-param>
|
||||
|
||||
<filter>
|
||||
<filter-name>filterChainProxy</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
</filter>
|
||||
<filter>
|
||||
<filter-name>filterChainProxy</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>filterChainProxy</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
<filter-mapping>
|
||||
<filter-name>filterChainProxy</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<!--
|
||||
- Loads the root application context of this web app at startup.
|
||||
- The application context is then available via
|
||||
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
|
||||
-->
|
||||
<listener>
|
||||
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
|
||||
</listener>
|
||||
<!--
|
||||
- Loads the root application context of this web app at startup.
|
||||
- The application context is then available via
|
||||
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
|
||||
-->
|
||||
<listener>
|
||||
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
|
||||
</listener>
|
||||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>Preauth Realm</realm-name>
|
||||
</login-config>
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>Preauth Realm</realm-name>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
<role-name>ROLE_USER</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>ROLE_SUPERVISOR</role-name>
|
||||
</security-role>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>All areas</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>ROLE_USER</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-role>
|
||||
<role-name>ROLE_USER</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>ROLE_SUPERVISOR</role-name>
|
||||
</security-role>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>All areas</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>ROLE_USER</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
</web-app>
|
||||
|
||||
Reference in New Issue
Block a user