Fixes to sample app context files
This commit is contained in:
@@ -12,13 +12,13 @@
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
|
||||
|
||||
<global-method-security prepost-annotations="enabled">
|
||||
<global-method-security pre-post-annotations="enabled">
|
||||
<!-- AspectJ pointcut expression that locates our "post" method and applies security that way
|
||||
<protect-pointcut expression="execution(* bigbank.*Service.post*(..))" access="ROLE_TELLER"/>
|
||||
-->
|
||||
</global-method-security>
|
||||
|
||||
<http auto-config="true" use-expressions="true">
|
||||
<http use-expressions="true">
|
||||
<intercept-url pattern="/secure/extreme/**" access="hasRole('ROLE_SUPERVISOR')"/>
|
||||
<intercept-url pattern="/secure/**" access="isAuthenticated()" />
|
||||
<!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
|
||||
@@ -26,19 +26,13 @@
|
||||
<intercept-url pattern="/post.html" access="ROLE_TELLER" />
|
||||
-->
|
||||
<intercept-url pattern="/**" access="permitAll" />
|
||||
<form-login />
|
||||
<logout />
|
||||
<remember-me />
|
||||
<!--
|
||||
Uncomment to enable X509 client authentication support
|
||||
<x509 />
|
||||
-->
|
||||
|
||||
<!-- All of this is unnecessary if auto-config="true"
|
||||
<form-login />
|
||||
<anonymous />
|
||||
<http-basic />
|
||||
<logout />
|
||||
-->
|
||||
|
||||
<!-- Uncomment to limit the number of sessions a user can have
|
||||
<concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/>
|
||||
-->
|
||||
|
||||
Reference in New Issue
Block a user