65 lines
2.7 KiB
XML
65 lines
2.7 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<!--
|
|
- Sample namespace-based configuration
|
|
-
|
|
-->
|
|
|
|
<beans:beans xmlns="http://www.springframework.org/schema/security"
|
|
xmlns:beans="http://www.springframework.org/schema/beans"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
|
|
|
|
<debug />
|
|
|
|
<global-method-security pre-post-annotations="enabled" />
|
|
|
|
<http pattern="/static/**" security="none"/>
|
|
<http pattern="/loggedout.jsp" security="none"/>
|
|
|
|
<http use-expressions="true">
|
|
<intercept-url pattern="/secure/extreme/**" access="hasRole('supervisor')"/>
|
|
<intercept-url pattern="/secure/**" access="isAuthenticated()" />
|
|
<!--
|
|
Allow all other requests. In a real application you should
|
|
adopt a whitelisting approach where access is not allowed by default
|
|
-->
|
|
<intercept-url pattern="/**" access="permitAll" />
|
|
<form-login />
|
|
<logout logout-success-url="/loggedout.jsp" delete-cookies="JSESSIONID"/>
|
|
<remember-me />
|
|
<!--
|
|
Uncomment to enable X509 client authentication support
|
|
<x509 />
|
|
-->
|
|
<!-- Uncomment to limit the number of sessions a user can have -->
|
|
<session-management invalid-session-url="/timeout.jsp">
|
|
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
|
|
</session-management>
|
|
|
|
</http>
|
|
|
|
<!--
|
|
Usernames/Passwords are
|
|
rod/koala
|
|
dianne/emu
|
|
scott/wombat
|
|
peter/opal
|
|
-->
|
|
<beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/>
|
|
|
|
<authentication-manager>
|
|
<authentication-provider>
|
|
<password-encoder ref="encoder"/>
|
|
<user-service>
|
|
<user name="rod" password="4efe081594ce25ee4efd9f7067f7f678a347bccf2de201f3adf2a3eb544850b465b4e51cdc3fcdde" authorities="supervisor, user, teller" />
|
|
<user name="dianne" password="957ea522524a41cbfb649a3e293d56268f840fd5b661b499b07858bc020d6d223f912e3ab303b00f" authorities="user,teller" />
|
|
<user name="scott" password="fb1f9e48058d30dc21c35ab4cf895e2a80f2f03fac549b51be637196dfb6b2b7276a89c65e38b7a1" authorities="user" />
|
|
<user name="peter" password="e175750688deee19d7179d444bfaf92129f4eea8b4503d83eb8f92a7dd9cda5fbae73638c913e420" authorities="user" />
|
|
</user-service>
|
|
</authentication-provider>
|
|
</authentication-manager>
|
|
|
|
</beans:beans>
|