applicationContext-acegi-security.xml
<?
xml version="1.0" encoding="UTF-8"
?>
<!
DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"
>
<!--
- A simple "base bones" Acegi Security configuration.
-
- The sample includes the "popular" features that people tend to use.
- Specifically, form authentication, remember-me, and anonymous processing.
- Other features aren't setup, as these can be added later by inserting
- the relevant XML fragments as specified in the Reference Guide.
-
- To assist new users, the filters specified in the FilterChainProxy are
- declared in the application context in the same order. Collaborators
- required by those filters are placed at the end of the file.
-
- $Id: applicationContext-acegi-security.xml,v 1.2 2007/04/06 10:16:01 zhangxiaofeng Exp $
-->
<
beans
>
<
bean
id
="filterChainProxy"
class
="org.acegisecurity.util.FilterChainProxy"
>
<
property
name
="filterInvocationDefinitionSource"
>
<
value
>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</
value
>
</
property
>
</
bean
>
<
bean
id
="httpSessionContextIntegrationFilter"
class
="org.acegisecurity.context.HttpSessionContextIntegrationFilter"
/>
<
bean
id
="logoutFilter"
class
="org.acegisecurity.ui.logout.LogoutFilter"
>
<
constructor-arg
value
="https://10.100.2.12:8443/cas/logout"
/>
<!--
URL redirected to after logout
-->
<
constructor-arg
>
<
list
>
<
ref
bean
="rememberMeServices"
/>
<
bean
class
="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"
/>
</
list
>
</
constructor-arg
>
</
bean
>
<
bean
id
="authenticationProcessingFilter"
class
="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"
>
<
property
name
="authenticationManager"
>
<
ref
local
="authenticationManager"
/>
</
property
>
<
property
name
="authenticationFailureUrl"
>
<
value
>
/acegilogin.jsp?login_error=1
</
value
>
</
property
>
<
property
name
="defaultTargetUrl"
>
<
value
>
/
</
value
>
</
property
>
<
property
name
="filterProcessesUrl"
>
<
value
>
/j_acegi_security_check
</
value
>
</
property
>
</
bean
>
<
bean
id
="securityContextHolderAwareRequestFilter"
class
="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"
/>
<
bean
id
="rememberMeProcessingFilter"
class
="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"
>
<
property
name
="authenticationManager"
ref
="authenticationManager"
/>
<
property
name
="rememberMeServices"
ref
="rememberMeServices"
/>
</
bean
>
<
bean
id
="anonymousProcessingFilter"
class
="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"
>
<
property
name
="key"
value
="changeThis"
/>
<
property
name
="userAttribute"
value
="anonymousUser,ROLE_ANONYMOUS"
/>
</
bean
>
<
bean
id
="exceptionTranslationFilter"
class
="org.acegisecurity.ui.ExceptionTranslationFilter"
>
<
property
name
="authenticationEntryPoint"
>
<
bean
id
="casProcessingFilterEntryPoint"
class
="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"
>
<
property
name
="loginFormUrl"
>
<
value
>
/index.jsp
</
value
>
</
property
>
</
bean
>
</
property
>
<
property
name
="accessDeniedHandler"
>
<
bean
class
="org.acegisecurity.ui.AccessDeniedHandlerImpl"
>
<
property
name
="errorPage"
value
="/index.jsp"
/>
</
bean
>
</
property
>
</
bean
>
<
bean
id
="filterInvocationInterceptor"
class
="org.acegisecurity.intercept.web.FilterSecurityInterceptor"
>
<
property
name
="authenticationManager"
ref
="authenticationManager"
/>
<
property
name
="accessDecisionManager"
>
<
bean
class
="org.acegisecurity.vote.AffirmativeBased"
>
<
property
name
="allowIfAllAbstainDecisions"
value
="false"
/>
<
property
name
="decisionVoters"
>
<
list
>
<
bean
class
="org.acegisecurity.vote.RoleVoter"
/>
<
bean
class
="org.acegisecurity.vote.AuthenticatedVoter"
/>
</
list
>
</
property
>
</
bean
>
</
property
>
<
property
name
="objectDefinitionSource"
>
<
value
>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/finance/index.jsp = ROLE_NORMAL
</
value
>
</
property
>
</
bean
>
<
bean
id
="rememberMeServices"
class
="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"
>
<
property
name
="userDetailsService"
ref
="inMemoryDaoImpl"
/>
<
property
name
="key"
value
="changeThis"
/>
</
bean
>
<
bean
id
="authenticationManager"
class
="org.acegisecurity.providers.ProviderManager"
>
<
property
name
="providers"
>
<
list
>
<
ref
local
="daoAuthenticationProvider"
/>
</
list
>
</
property
>
</
bean
>
<
bean
id
="daoAuthenticationProvider"
class
="org.acegisecurity.providers.dao.DaoAuthenticationProvider"
>
<
property
name
="userDetailsService"
><
ref
bean
="inMemoryDaoImpl"
/></
property
>
</
bean
>
<
bean
id
="inMemoryDaoImpl"
class
="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"
>
<
property
name
="userMap"
>
<
value
>
admin=1234,ROLE_NORMAL
dianne=emu,ROLES_IGNORED_BY_CAS
scott=wombat,ROLES_IGNORED_BY_CAS
peter=opal,disabled,ROLES_IGNORED_BY_CAS
</
value
>
</
property
>
</
bean
>
<!--
This bean is optional; it isn't used by any other bean as it only listens and logs
-->
<
bean
id
="loggerListener"
class
="org.acegisecurity.event.authentication.LoggerListener"
/>
</
beans
>
<
context-param
>
<
param-name
>
contextConfigLocation
</
param-name
>
<
param-value
>
/WEB-INF/classes/applicationContext.xml,/WEB-INF/classes/applicationContext-finance.xml,/WEB-INF/classes/applicationContext-acegi-security.xml
</
param-value
>
</
context-param
>
<
filter
>
<
filter-name
>
Acegi Filter Chain Proxy
</
filter-name
>
<
filter-class
>
org.acegisecurity.util.FilterToBeanProxy
</
filter-class
>
<
init-param
>
<
param-name
>
targetClass
</
param-name
>
<
param-value
>
org.acegisecurity.util.FilterChainProxy
</
param-value
>
</
init-param
>
</
filter
>
<
filter-mapping
>
<
filter-name
>
Acegi Filter Chain Proxy
</
filter-name
>
<
url-pattern
>
/*
</
url-pattern
>
</
filter-mapping
>
<?
xml version="1.0" encoding="UTF-8"
?>
<!
DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"
>
<!--
- A simple "base bones" Acegi Security configuration. - - The sample includes the "popular" features that people tend to use. - Specifically, form authentication, remember-me, and anonymous processing. - Other features aren't setup, as these can be added later by inserting - the relevant XML fragments as specified in the Reference Guide. - - To assist new users, the filters specified in the FilterChainProxy are - declared in the application context in the same order. Collaborators - required by those filters are placed at the end of the file. - - $Id: applicationContext-acegi-security.xml,v 1.2 2007/04/06 10:16:01 zhangxiaofeng Exp $
-->
<
beans
>
<
bean
id
="filterChainProxy"
class
="org.acegisecurity.util.FilterChainProxy"
>
<
property
name
="filterInvocationDefinitionSource"
>
<
value
>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</
value
>
</
property
>
</
bean
>
<
bean
id
="httpSessionContextIntegrationFilter"
class
="org.acegisecurity.context.HttpSessionContextIntegrationFilter"
/>
<
bean
id
="logoutFilter"
class
="org.acegisecurity.ui.logout.LogoutFilter"
>
<
constructor-arg
value
="https://10.100.2.12:8443/cas/logout"
/>
<!--
URL redirected to after logout
-->
<
constructor-arg
>
<
list
>
<
ref
bean
="rememberMeServices"
/>
<
bean
class
="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"
/>
</
list
>
</
constructor-arg
>
</
bean
>
<
bean
id
="authenticationProcessingFilter"
class
="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"
>
<
property
name
="authenticationManager"
>
<
ref
local
="authenticationManager"
/>
</
property
>
<
property
name
="authenticationFailureUrl"
>
<
value
>
/acegilogin.jsp?login_error=1
</
value
>
</
property
>
<
property
name
="defaultTargetUrl"
>
<
value
>
/
</
value
>
</
property
>
<
property
name
="filterProcessesUrl"
>
<
value
>
/j_acegi_security_check
</
value
>
</
property
>
</
bean
>
<
bean
id
="securityContextHolderAwareRequestFilter"
class
="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"
/>
<
bean
id
="rememberMeProcessingFilter"
class
="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"
>
<
property
name
="authenticationManager"
ref
="authenticationManager"
/>
<
property
name
="rememberMeServices"
ref
="rememberMeServices"
/>
</
bean
>
<
bean
id
="anonymousProcessingFilter"
class
="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"
>
<
property
name
="key"
value
="changeThis"
/>
<
property
name
="userAttribute"
value
="anonymousUser,ROLE_ANONYMOUS"
/>
</
bean
>
<
bean
id
="exceptionTranslationFilter"
class
="org.acegisecurity.ui.ExceptionTranslationFilter"
>
<
property
name
="authenticationEntryPoint"
>
<
bean
id
="casProcessingFilterEntryPoint"
class
="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"
>
<
property
name
="loginFormUrl"
>
<
value
>
/index.jsp
</
value
>
</
property
>
</
bean
>
</
property
>
<
property
name
="accessDeniedHandler"
>
<
bean
class
="org.acegisecurity.ui.AccessDeniedHandlerImpl"
>
<
property
name
="errorPage"
value
="/index.jsp"
/>
</
bean
>
</
property
>
</
bean
>
<
bean
id
="filterInvocationInterceptor"
class
="org.acegisecurity.intercept.web.FilterSecurityInterceptor"
>
<
property
name
="authenticationManager"
ref
="authenticationManager"
/>
<
property
name
="accessDecisionManager"
>
<
bean
class
="org.acegisecurity.vote.AffirmativeBased"
>
<
property
name
="allowIfAllAbstainDecisions"
value
="false"
/>
<
property
name
="decisionVoters"
>
<
list
>
<
bean
class
="org.acegisecurity.vote.RoleVoter"
/>
<
bean
class
="org.acegisecurity.vote.AuthenticatedVoter"
/>
</
list
>
</
property
>
</
bean
>
</
property
>
<
property
name
="objectDefinitionSource"
>
<
value
>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /finance/index.jsp = ROLE_NORMAL
</
value
>
</
property
>
</
bean
>
<
bean
id
="rememberMeServices"
class
="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"
>
<
property
name
="userDetailsService"
ref
="inMemoryDaoImpl"
/>
<
property
name
="key"
value
="changeThis"
/>
</
bean
>
<
bean
id
="authenticationManager"
class
="org.acegisecurity.providers.ProviderManager"
>
<
property
name
="providers"
>
<
list
>
<
ref
local
="daoAuthenticationProvider"
/>
</
list
>
</
property
>
</
bean
>
<
bean
id
="daoAuthenticationProvider"
class
="org.acegisecurity.providers.dao.DaoAuthenticationProvider"
>
<
property
name
="userDetailsService"
><
ref
bean
="inMemoryDaoImpl"
/></
property
>
</
bean
>
<
bean
id
="inMemoryDaoImpl"
class
="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"
>
<
property
name
="userMap"
>
<
value
>
admin=1234,ROLE_NORMAL dianne=emu,ROLES_IGNORED_BY_CAS scott=wombat,ROLES_IGNORED_BY_CAS peter=opal,disabled,ROLES_IGNORED_BY_CAS
</
value
>
</
property
>
</
bean
>
<!--
This bean is optional; it isn't used by any other bean as it only listens and logs
-->
<
bean
id
="loggerListener"
class
="org.acegisecurity.event.authentication.LoggerListener"
/>
</
beans
>
web.xml
<
context-param
>
<
param-name
>
contextConfigLocation
</
param-name
>
<
param-value
>
/WEB-INF/classes/applicationContext.xml,/WEB-INF/classes/applicationContext-finance.xml,/WEB-INF/classes/applicationContext-acegi-security.xml
</
param-value
>
</
context-param
>
<
filter
>
<
filter-name
>
Acegi Filter Chain Proxy
</
filter-name
>
<
filter-class
>
org.acegisecurity.util.FilterToBeanProxy
</
filter-class
>
<
init-param
>
<
param-name
>
targetClass
</
param-name
>
<
param-value
>
org.acegisecurity.util.FilterChainProxy
</
param-value
>
</
init-param
>
</
filter
>
<
filter-mapping
>
<
filter-name
>
Acegi Filter Chain Proxy
</
filter-name
>
<
url-pattern
>
/*
</
url-pattern
>
</
filter-mapping
>
506
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
