2012-02-12 06:55:42 +01:00
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
|
|
|
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
|
|
xmlns:sec="http://www.springframework.org/schema/security"
|
|
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
|
|
|
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
|
|
|
|
http://www.springframework.org/schema/security
|
|
|
|
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
|
|
|
|
|
|
|
|
<bean id="encoder"
|
|
|
|
class="com.wisemapping.security.CustomPasswordEncoder"/>
|
|
|
|
|
|
|
|
<sec:http pattern="/css/*" security="none"/>
|
|
|
|
<sec:http pattern="/js/*" security="none"/>
|
|
|
|
<sec:http pattern="/images/*" security="none"/>
|
|
|
|
<sec:http pattern="/favicon.ico" security="none"/>
|
|
|
|
<sec:http pattern="/c/login*" security="none"/>
|
|
|
|
<sec:http pattern="/c/userregistration.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/activation.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/forgotpassword.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/home.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/try.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/search.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/keyboard.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/embeddedview*" security="none"/>
|
|
|
|
<sec:http pattern="/c/export.htm" security="none"/>
|
|
|
|
<sec:http pattern="/c/publicview.htm" security="none"/>
|
|
|
|
<sec:http pattern="/dwr/engine.js" security="none"/>
|
|
|
|
|
|
|
|
<sec:http pattern="/dwr/interface/loggerservice.js" security="none"/>
|
|
|
|
<sec:http pattern="/dwr/call/plaincall/loggerservice.logerror.dwr" security="none"/>
|
|
|
|
|
|
|
|
<sec:http use-expressions="true" >
|
|
|
|
|
|
|
|
<sec:intercept-url pattern="/**/*" access="isFullyAuthenticated()"/>
|
|
|
|
<sec:form-login login-page="/c/login.htm" default-target-url='/c/mymaps.htm'
|
|
|
|
always-use-default-target='true' authentication-failure-url="/c/login.htm?login_error=2"
|
|
|
|
login-processing-url="/j_spring_security_check"/>
|
|
|
|
<sec:remember-me key="rememberMeKey" user-service-ref="userDetailsService"/>
|
|
|
|
<!--<sec:session-management session-fixation-protection="newSession">-->
|
|
|
|
<!--<sec:concurrency-control error-if-maximum-exceeded="true" max-sessions="1"/>-->
|
|
|
|
<!--</sec:session-management>-->
|
|
|
|
<sec:logout logout-url="/c/logout.htm" invalidate-session="true" logout-success-url="/c/login.htm"/>
|
|
|
|
</sec:http>
|
|
|
|
|
|
|
|
<sec:authentication-manager alias="authenticationManager" >
|
|
|
|
<sec:authentication-provider ref="dbAuthenticationProvider"/>
|
|
|
|
<sec:authentication-provider user-service-ref="userDetailsService"/>
|
|
|
|
</sec:authentication-manager>
|
|
|
|
|
|
|
|
<bean id="dbAuthenticationProvider" class="com.wisemapping.security.AuthenticationProvider">
|
|
|
|
<property name="userManager" ref="userManager"/>
|
|
|
|
<property name="encoder" ref="encoder"/>
|
|
|
|
</bean>
|
|
|
|
|
|
|
|
<bean id="userDetailsService" class="com.wisemapping.security.DatabaseUserDetailService">
|
|
|
|
<property name="userManager" ref="userManager"/>
|
|
|
|
</bean>
|
|
|
|
|
|
|
|
</beans>
|