mirror of
https://bitbucket.org/wisemapping/wisemapping-open-source.git
synced 2024-11-22 06:07:57 +01:00
Complete security filter
parent
f2c15d100d
commit
6aadb5a363
@ -13,8 +13,6 @@
|
|||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<sec:http-firewall ref="custom-firewall"/>
|
<sec:http-firewall ref="custom-firewall"/>
|
||||||
|
|
||||||
|
|
||||||
<sec:http pattern="/static/webapp/**" security="none"/>
|
<sec:http pattern="/static/webapp/**" security="none"/>
|
||||||
<sec:http pattern="/static/mindplot/**" security="none"/>
|
<sec:http pattern="/static/mindplot/**" security="none"/>
|
||||||
<sec:http pattern="/css/**" security="none"/>
|
<sec:http pattern="/css/**" security="none"/>
|
||||||
@ -29,8 +27,6 @@
|
|||||||
<sec:http pattern="/c/maps/*/public" security="none"/>
|
<sec:http pattern="/c/maps/*/public" security="none"/>
|
||||||
<sec:http pattern="/c/restful/maps/*/document/xml-pub" security="none"/>
|
<sec:http pattern="/c/restful/maps/*/document/xml-pub" security="none"/>
|
||||||
|
|
||||||
<sec:http pattern="/c/publicview.htm" security="none"/>
|
|
||||||
<sec:http pattern="/c/embeddedview.htm" security="none"/>
|
|
||||||
<sec:http pattern="/c/termsOfUse" security="none"/>
|
<sec:http pattern="/c/termsOfUse" security="none"/>
|
||||||
<sec:http pattern="/c/activation" security="none"/>
|
<sec:http pattern="/c/activation" security="none"/>
|
||||||
|
|
||||||
@ -54,8 +50,8 @@
|
|||||||
</sec:http>
|
</sec:http>
|
||||||
|
|
||||||
<sec:http use-expressions="true" pattern="/c/**/*">
|
<sec:http use-expressions="true" pattern="/c/**/*">
|
||||||
|
<sec:csrf request-matcher-ref="requestMatcher"/>
|
||||||
<sec:intercept-url pattern="/c/login" access="hasRole('ANONYMOUS')"/>
|
<sec:intercept-url pattern="/c/login" access="hasRole('ANONYMOUS')"/>
|
||||||
<sec:intercept-url pattern="/c/logout" access="hasRole('ANONYMOUS')"/>
|
|
||||||
<sec:intercept-url pattern="/c/registration" access="hasRole('ANONYMOUS')"/>
|
<sec:intercept-url pattern="/c/registration" access="hasRole('ANONYMOUS')"/>
|
||||||
<sec:intercept-url pattern="/c/registration-success" access="hasRole('ANONYMOUS')"/>
|
<sec:intercept-url pattern="/c/registration-success" access="hasRole('ANONYMOUS')"/>
|
||||||
<sec:intercept-url pattern="/c/forgot-password" access="hasRole('ANONYMOUS')"/>
|
<sec:intercept-url pattern="/c/forgot-password" access="hasRole('ANONYMOUS')"/>
|
||||||
@ -72,10 +68,9 @@
|
|||||||
<!-- Expire in 28 days -->
|
<!-- Expire in 28 days -->
|
||||||
<sec:remember-me token-validity-seconds="2419200" remember-me-parameter="remember-me"/>
|
<sec:remember-me token-validity-seconds="2419200" remember-me-parameter="remember-me"/>
|
||||||
<sec:logout logout-url="/c/logout" invalidate-session="true" logout-success-url="/c/login"/>
|
<sec:logout logout-url="/c/logout" invalidate-session="true" logout-success-url="/c/login"/>
|
||||||
<sec:csrf request-matcher-ref="requestMatcher"/>
|
|
||||||
</sec:http>
|
</sec:http>
|
||||||
|
|
||||||
<!-- Extends CFSR check to get methods to have consistency in all errors. Otherwise, request is forward in some cases -->
|
<!-- Extends CSFR match to get methods to have consistency in all errors. Otherwise, get requests are forward in some cases -->
|
||||||
<bean id="requestMatcher"
|
<bean id="requestMatcher"
|
||||||
class="com.wisemapping.security.CSFRRequestMatcher">
|
class="com.wisemapping.security.CSFRRequestMatcher">
|
||||||
<property name="prefix" value="/c/restful/"/>
|
<property name="prefix" value="/c/restful/"/>
|
||||||
|
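Review bot: The `<sec:csrf request-matcher-ref="requestMatcher"/>` element now at the top of the `/c/**/*` block relies on a matcher whose only visible configuration is `prefix="/c/restful/"`, and a custom matcher replaces Spring Security's default method-based matcher rather than adding to it. Whether POSTs to `/c/login`, `/c/registration` and `/c/forgot-password` still require a token therefore depends on `CSFRRequestMatcher`, which is not shown on this page; that should be confirmed and recorded in the comment above the bean, for example `<!-- CSRF token required for: (paths and methods matched by CSFRRequestMatcher); this replaces the default matcher -->`. The reworded comment also still spells the acronym "CSFR", and "are forward in some cases" does not say what is forwarded or where. Separately, with CSRF enabled the logout filter is expected to act on POST only, so removing the `/c/logout` intercept-url probably leaves a GET to that URL to whichever rule follows in the block, and those rules lie outside the hunks.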