This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener). These URLs were unable to be fixed. Please review them to see if they can be manually resolved. * [ ] http://luke.taylor.openid.cn/ (200) with 1 occurrences could not be migrated: ([https](https://luke.taylor.openid.cn/) result SSLHandshakeException). These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended. * [ ] http://jetty.mortbay.org/configure.dtd (ConnectTimeoutException) with 1 occurrences migrated to: https://jetty.mortbay.org/configure.dtd ([https](https://jetty.mortbay.org/configure.dtd) result ConnectTimeoutException). * [ ] http://axschema.org/contact/email (UnknownHostException) with 2 occurrences migrated to: https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException). * [ ] http://axschema.org/namePerson (UnknownHostException) with 1 occurrences migrated to: https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException). * [ ] http://axschema.org/namePerson/first (UnknownHostException) with 1 occurrences migrated to: https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException). * [ ] http://axschema.org/namePerson/last (UnknownHostException) with 1 occurrences migrated to: https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException). * [ ] http://luke.taylor.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to: https://luke.taylor.myopenid.com/ ([https](https://luke.taylor.myopenid.com/) result UnknownHostException). * [ ] http://schema.openid.net/contact/email (UnknownHostException) with 1 occurrences migrated to: https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException). * [ ] http://schema.openid.net/namePerson (UnknownHostException) with 1 occurrences migrated to: https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException). * [ ] http://spring.security.test.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to: https://spring.security.test.myopenid.com/ ([https](https://spring.security.test.myopenid.com/) result UnknownHostException). * [ ] http://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng (404) with 1 occurrences migrated to: https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ([https](https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng) result 404). * [ ] http://www.puppycrawl.com/dtds/configuration_1_3.dtd (404) with 1 occurrences migrated to: https://www.puppycrawl.com/dtds/configuration_1_3.dtd ([https](https://www.puppycrawl.com/dtds/configuration_1_3.dtd) result 404). * [ ] http://www.puppycrawl.com/dtds/suppressions_1_1.dtd (404) with 1 occurrences migrated to: https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ([https](https://www.puppycrawl.com/dtds/suppressions_1_1.dtd) result 404). * [ ] http://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller (404) with 1 occurrences migrated to: https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ([https](https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller) result 404). * [ ] http://www.springframework.org/schema/config/spring-config-2.5.xsd (404) with 1 occurrences migrated to: https://www.springframework.org/schema/config/spring-config-2.5.xsd ([https](https://www.springframework.org/schema/config/spring-config-2.5.xsd) result 404). * [ ] http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.0.xsd (404) with 1 occurrences migrated to: https://www.springframework.org/schema/webflow-config/spring-webflow-config-2.0.xsd ([https](https://www.springframework.org/schema/webflow-config/spring-webflow-config-2.0.xsd) result 404). * [ ] http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd (404) with 1 occurrences migrated to: https://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd ([https](https://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd) result 404). These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended. * [ ] http://maven.apache.org/xsd/maven-4.0.0.xsd with 52 occurrences migrated to: https://maven.apache.org/xsd/maven-4.0.0.xsd ([https](https://maven.apache.org/xsd/maven-4.0.0.xsd) result 200). * [ ] http://raykrueger.blogspot.com/ with 1 occurrences migrated to: https://raykrueger.blogspot.com/ ([https](https://raykrueger.blogspot.com/) result 200). * [ ] http://www.infoq.com/presentations/code-organization-large-projects with 1 occurrences migrated to: https://www.infoq.com/presentations/code-organization-large-projects ([https](https://www.infoq.com/presentations/code-organization-large-projects) result 200). * [ ] http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd with 1 occurrences migrated to: https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ([https](https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd) result 200). * [ ] http://www.springframework.org/dtd/spring-beans.dtd with 5 occurrences migrated to: https://www.springframework.org/dtd/spring-beans.dtd ([https](https://www.springframework.org/dtd/spring-beans.dtd) result 200). * [ ] http://www.springframework.org/schema/aop/spring-aop-3.0.xsd with 7 occurrences migrated to: https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/aop/spring-aop-3.2.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.2.xsd) result 200). * [ ] http://www.springframework.org/schema/aop/spring-aop.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/aop/spring-aop.xsd ([https](https://www.springframework.org/schema/aop/spring-aop.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 46 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans-3.1.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.1.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans-3.2.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-3.2.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.2.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans-4.1.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-4.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-4.1.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans.xsd with 9 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200). * [ ] http://www.springframework.org/schema/context/spring-context-3.0.xsd with 6 occurrences migrated to: https://www.springframework.org/schema/context/spring-context-3.0.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/context/spring-context-3.1.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/context/spring-context-3.1.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.1.xsd) result 200). * [ ] http://www.springframework.org/schema/context/spring-context-3.2.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/context/spring-context-3.2.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.2.xsd) result 200). * [ ] http://www.springframework.org/schema/context/spring-context.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/context/spring-context.xsd ([https](https://www.springframework.org/schema/context/spring-context.xsd) result 200). * [ ] http://www.springframework.org/schema/data/jpa/spring-jpa.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ([https](https://www.springframework.org/schema/data/jpa/spring-jpa.xsd) result 200). * [ ] http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ([https](https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd) result 200). * [ ] http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd) result 200). * [ ] http://www.springframework.org/schema/security/spring-security-2.0.1.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/security/spring-security-2.0.1.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.1.xsd) result 200). * [ ] http://www.springframework.org/schema/security/spring-security-2.0.2.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/security/spring-security-2.0.2.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.2.xsd) result 200). * [ ] http://www.springframework.org/schema/security/spring-security-2.0.xsd with 5 occurrences migrated to: https://www.springframework.org/schema/security/spring-security-2.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.xsd) result 200). * [ ] http://www.springframework.org/schema/security/spring-security-3.0.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/security/spring-security-3.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/security/spring-security-3.2.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/security/spring-security-3.2.xsd ([https](https://www.springframework.org/schema/security/spring-security-3.2.xsd) result 200). * [ ] http://www.springframework.org/schema/security/spring-security.xsd with 33 occurrences migrated to: https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200). * [ ] http://www.springframework.org/schema/tx/spring-tx-3.0.xsd with 3 occurrences migrated to: https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/tx/spring-tx-3.2.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/tx/spring-tx-3.2.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.2.xsd) result 200). * [ ] http://www.springframework.org/schema/tx/spring-tx.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/tx/spring-tx.xsd ([https](https://www.springframework.org/schema/tx/spring-tx.xsd) result 200). * [ ] http://www.springframework.org/schema/util/spring-util-2.5.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/util/spring-util-2.5.xsd ([https](https://www.springframework.org/schema/util/spring-util-2.5.xsd) result 200). * [ ] http://www.springframework.org/schema/util/spring-util-3.0.xsd with 6 occurrences migrated to: https://www.springframework.org/schema/util/spring-util-3.0.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/util/spring-util-3.1.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/util/spring-util-3.1.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.1.xsd) result 200). * [ ] http://www.springframework.org/schema/util/spring-util.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/util/spring-util.xsd ([https](https://www.springframework.org/schema/util/spring-util.xsd) result 200). * [ ] http://www.headwaysoftware.com with 1 occurrences migrated to: https://www.headwaysoftware.com ([https](https://www.headwaysoftware.com) result 301). * [ ] http://java.sun.com/dtd/web-app_2_3.dtd with 2 occurrences migrated to: https://java.sun.com/dtd/web-app_2_3.dtd ([https](https://java.sun.com/dtd/web-app_2_3.dtd) result 302). * [ ] http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd with 2 occurrences migrated to: https://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd) result 302). * [ ] http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 10 occurrences migrated to: https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302). * [ ] http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to: https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302). * [ ] http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd with 1 occurrences migrated to: https://java.sun.com/xml/ns/persistence/persistence_1_0.xsd ([https](https://java.sun.com/xml/ns/persistence/persistence_1_0.xsd) result 302). These URLs were intentionally ignored. * http://appengine.google.com/ns/1.0 with 1 occurrences * http://docbook.org/ns/docbook with 1 occurrences * http://jakarta.apache.org/log4j/ with 1 occurrences * http://java.sun.com/xml/ns/j2ee with 4 occurrences * http://java.sun.com/xml/ns/javaee with 22 occurrences * http://java.sun.com/xml/ns/persistence with 2 occurrences * http://maven.apache.org/POM/4.0.0 with 104 occurrences * http://somehost/someUrl with 1 occurrences * http://www.springframework.org/schema/aop with 18 occurrences * http://www.springframework.org/schema/beans with 118 occurrences * http://www.springframework.org/schema/c with 6 occurrences * http://www.springframework.org/schema/config with 2 occurrences * http://www.springframework.org/schema/context with 20 occurrences * http://www.springframework.org/schema/data/jpa with 2 occurrences * http://www.springframework.org/schema/jdbc with 2 occurrences * http://www.springframework.org/schema/mvc with 6 occurrences * http://www.springframework.org/schema/p with 12 occurrences * http://www.springframework.org/schema/security with 86 occurrences * http://www.springframework.org/schema/tx with 14 occurrences * http://www.springframework.org/schema/util with 20 occurrences * http://www.springframework.org/schema/webflow with 2 occurrences * http://www.springframework.org/schema/webflow-config with 2 occurrences * http://www.w3.org/1999/xlink with 1 occurrences * http://www.w3.org/2001/XMLSchema-instance with 126 occurrences Fixes gh-6651
246 lines
11 KiB
XML
Executable File
246 lines
11 KiB
XML
Executable File
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<!--
|
|
- Application context representing the application WITH security services.
|
|
-
|
|
-->
|
|
|
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
xmlns:s="http://www.springframework.org/schema/security"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
|
http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security.xsd">
|
|
|
|
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
|
|
<property name="dataSource" ref="dataSource"/>
|
|
</bean>
|
|
|
|
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
|
|
<property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
|
|
<property name="url" value="jdbc:hsqldb:mem:securedms"/>
|
|
<property name="username" value="sa"/>
|
|
<property name="password" value=""/>
|
|
</bean>
|
|
|
|
<bean id="transactionInterceptor" class="org.springframework.transaction.interceptor.TransactionInterceptor">
|
|
<property name="transactionAttributeSource">
|
|
<value>
|
|
sample.dms.secured.SecureDocumentDao.*=PROPAGATION_REQUIRED
|
|
sample.dms.DocumentDao.*=PROPAGATION_REQUIRED
|
|
org.springframework.security.acls.model.AclService.*=PROPAGATION_REQUIRED
|
|
org.springframework.security.acls.model.MutableAclService.*=PROPAGATION_REQUIRED
|
|
org.springframework.security.acls.jdbc.JdbcMutableAclService.*=PROPAGATION_REQUIRED
|
|
org.springframework.security.acls.jdbc.JdbcAclService.*=PROPAGATION_REQUIRED
|
|
</value>
|
|
</property>
|
|
<property name="transactionManager" ref="transactionManager" />
|
|
</bean>
|
|
|
|
<bean id="documentDao" class="sample.dms.secured.SecureDocumentDaoImpl">
|
|
<constructor-arg ref="aclService"/>
|
|
<property name="dataSource" ref="dataSource"/>
|
|
</bean>
|
|
|
|
<bean id="dataSourcePopulator" class="sample.dms.secured.SecureDataSourcePopulator">
|
|
<constructor-arg ref="dataSource"/>
|
|
<constructor-arg ref="documentDao"/>
|
|
<constructor-arg ref="aclService"/>
|
|
</bean>
|
|
|
|
<!-- =================================== SECURITY DEFINITION BEANS ======================================== -->
|
|
|
|
<!-- ======================== AUTHENTICATION (note there is no UI and this is for integration tests only) ======================= -->
|
|
|
|
<s:authentication-manager alias="authenticationManager">
|
|
<s:authentication-provider ref="daoAuthenticationProvider"/>
|
|
</s:authentication-manager>
|
|
|
|
|
|
<bean id="jdbcDaoImpl" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
|
|
<property name="dataSource" ref="dataSource"/>
|
|
</bean>
|
|
|
|
<bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
|
|
<property name="userDetailsService" ref="jdbcDaoImpl"/>
|
|
<property name="userCache" ref="userCache"/>
|
|
<property name="passwordEncoder">
|
|
<bean class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
|
|
</property>
|
|
</bean>
|
|
|
|
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
|
|
|
|
<bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
|
|
<property name="cacheManager" ref="cacheManager"/>
|
|
<property name="cacheName" value="userCache"/>
|
|
</bean>
|
|
|
|
<bean id="userCache" class="org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache">
|
|
<property name="cache" ref="userCacheBackend"/>
|
|
</bean>
|
|
|
|
<!-- Automatically receives AuthenticationEvent messages -->
|
|
<bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>
|
|
|
|
<!-- ========================= "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ============================== -->
|
|
|
|
<!-- ACL permission masks used by this application -->
|
|
<bean id="org.springframework.security.acls.domain.BasePermission.ADMINISTRATION" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
|
|
<property name="staticField" value="org.springframework.security.acls.domain.BasePermission.ADMINISTRATION"/>
|
|
</bean>
|
|
<bean id="org.springframework.security.acls.domain.BasePermission.READ" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
|
|
<property name="staticField" value="org.springframework.security.acls.domain.BasePermission.READ"/>
|
|
</bean>
|
|
<bean id="org.springframework.security.acls.domain.BasePermission.WRITE" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
|
|
<property name="staticField" value="org.springframework.security.acls.domain.BasePermission.WRITE"/>
|
|
</bean>
|
|
|
|
|
|
<!-- An access decision voter that reads ROLE_* configuration settings -->
|
|
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>
|
|
|
|
<!-- An access decision voter that reads ACL_ABSTRACT_ELEMENT_WRITE_PARENT configuration settings -->
|
|
<bean id="aclAbstractElementWriteParentVoter" class="org.springframework.security.acls.AclEntryVoter">
|
|
<constructor-arg ref="aclService"/>
|
|
<constructor-arg value="ACL_ABSTRACT_ELEMENT_WRITE_PARENT"/>
|
|
<constructor-arg>
|
|
<list>
|
|
<ref bean="org.springframework.security.acls.domain.BasePermission.ADMINISTRATION"/>
|
|
<ref bean="org.springframework.security.acls.domain.BasePermission.WRITE"/>
|
|
</list>
|
|
</constructor-arg>
|
|
<property name="processDomainObjectClass" value="sample.dms.AbstractElement"/>
|
|
<property name="internalMethod" value="getParent"/>
|
|
</bean>
|
|
|
|
<!-- An access decision voter that reads ACL_ABSTRACT_ELEMENT_WRITE configuration settings -->
|
|
<bean id="aclAbstractElementWriteVoter" class="org.springframework.security.acls.AclEntryVoter">
|
|
<constructor-arg ref="aclService"/>
|
|
<constructor-arg value="ACL_ABSTRACT_ELEMENT_WRITE"/>
|
|
<constructor-arg>
|
|
<list>
|
|
<ref bean="org.springframework.security.acls.domain.BasePermission.ADMINISTRATION"/>
|
|
<ref bean="org.springframework.security.acls.domain.BasePermission.WRITE"/>
|
|
</list>
|
|
</constructor-arg>
|
|
<property name="processDomainObjectClass" value="sample.dms.AbstractElement"/>
|
|
</bean>
|
|
|
|
<!-- An access decision manager used by the business objects -->
|
|
<bean id="businessAccessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
|
|
<constructor-arg>
|
|
<list>
|
|
<ref bean="roleVoter"/>
|
|
<ref bean="aclAbstractElementWriteParentVoter"/>
|
|
<ref bean="aclAbstractElementWriteVoter"/>
|
|
</list>
|
|
</constructor-arg>
|
|
<property name="allowIfAllAbstainDecisions" value="true"/>
|
|
</bean>
|
|
|
|
<!-- ========= ACCESS CONTROL LIST LOOKUP MANAGER DEFINITIONS ========= -->
|
|
|
|
<bean id="aclCache" class="org.springframework.security.acls.domain.EhCacheBasedAclCache">
|
|
<constructor-arg>
|
|
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
|
|
<property name="cacheManager" ref="cacheManager"/>
|
|
<property name="cacheName" value="aclCache"/>
|
|
</bean>
|
|
</constructor-arg>
|
|
<constructor-arg>
|
|
<bean class="org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy">
|
|
<constructor-arg>
|
|
<bean class="org.springframework.security.acls.domain.ConsoleAuditLogger"/>
|
|
</constructor-arg>
|
|
</bean>
|
|
</constructor-arg>
|
|
<constructor-arg>
|
|
<bean class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
|
|
<constructor-arg>
|
|
<list>
|
|
<bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
|
|
<constructor-arg value="ROLE_ACL_ADMIN"/>
|
|
</bean>
|
|
</list>
|
|
</constructor-arg>
|
|
</bean>
|
|
</constructor-arg>
|
|
</bean>
|
|
|
|
<bean id="lookupStrategy" class="org.springframework.security.acls.jdbc.BasicLookupStrategy">
|
|
<constructor-arg ref="dataSource"/>
|
|
<constructor-arg ref="aclCache"/>
|
|
<constructor-arg ref="aclAuthorizationStrategy"/>
|
|
<constructor-arg>
|
|
<bean class="org.springframework.security.acls.domain.ConsoleAuditLogger"/>
|
|
</constructor-arg>
|
|
</bean>
|
|
|
|
<bean id="aclAuthorizationStrategy" class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
|
|
<constructor-arg>
|
|
<list>
|
|
<bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
|
|
<constructor-arg value="ROLE_ADMINISTRATOR"/>
|
|
</bean>
|
|
<bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
|
|
<constructor-arg value="ROLE_ADMINISTRATOR"/>
|
|
</bean>
|
|
<bean class="org.springframework.security.core.authority.SimpleGrantedAuthority">
|
|
<constructor-arg value="ROLE_ADMINISTRATOR"/>
|
|
</bean>
|
|
</list>
|
|
</constructor-arg>
|
|
</bean>
|
|
|
|
<bean id="aclService" class="org.springframework.security.acls.jdbc.JdbcMutableAclService">
|
|
<constructor-arg ref="dataSource"/>
|
|
<constructor-arg ref="lookupStrategy"/>
|
|
<constructor-arg ref="aclCache"/>
|
|
</bean>
|
|
|
|
<!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== -->
|
|
|
|
<bean id="afterInvocationManager" class="org.springframework.security.access.intercept.AfterInvocationProviderManager">
|
|
<property name="providers">
|
|
<list>
|
|
<ref bean="afterAclCollectionRead"/>
|
|
</list>
|
|
</property>
|
|
</bean>
|
|
|
|
<!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->
|
|
<bean id="afterAclCollectionRead" class="org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider">
|
|
<constructor-arg ref="aclService"/>
|
|
<constructor-arg>
|
|
<list>
|
|
<ref bean="org.springframework.security.acls.domain.BasePermission.ADMINISTRATION"/>
|
|
<ref bean="org.springframework.security.acls.domain.BasePermission.READ"/>
|
|
</list>
|
|
</constructor-arg>
|
|
</bean>
|
|
|
|
<!-- ================= METHOD INVOCATION AUTHORIZATION ==================== -->
|
|
|
|
<bean id="methodSecurityAdvisor" class="org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor">
|
|
<constructor-arg value="methodSecurityInterceptor" />
|
|
<constructor-arg ref="msmds" />
|
|
<constructor-arg value="msmds" />
|
|
</bean>
|
|
|
|
<bean id="methodSecurityInterceptor" class="org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor">
|
|
<property name="authenticationManager" ref="authenticationManager"/>
|
|
<property name="accessDecisionManager" ref="businessAccessDecisionManager"/>
|
|
<property name="afterInvocationManager" ref="afterInvocationManager"/>
|
|
<property name="securityMetadataSource" ref="msmds" />
|
|
</bean>
|
|
|
|
<s:method-security-metadata-source id="msmds">
|
|
<s:protect method="sample.dms.DocumentDao.create" access="ACL_ABSTRACT_ELEMENT_WRITE_PARENT" />
|
|
<s:protect method="sample.dms.DocumentDao.delete" access="ACL_ABSTRACT_ELEMENT_WRITE" />
|
|
<s:protect method="sample.dms.DocumentDao.update" access="ACL_ABSTRACT_ELEMENT_WRITE" />
|
|
<s:protect method="sample.dms.DocumentDao.findElements" access="AFTER_ACL_COLLECTION_READ" />
|
|
<s:protect method="sample.dms.secured.SecureDocumentDao.getUsers" access="ROLE_USER" />
|
|
</s:method-security-metadata-source>
|
|
|
|
</beans>
|