Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Untitled

By: a guest on Mar 19th, 2013  |  syntax: XML  |  size: 4.23 KB  |  views: 24  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. <?xml version="1.0" encoding="ISO-8859-1"?>
  2.  
  3. <beans:beans
  4.         xmlns="http://www.springframework.org/schema/security"
  5.    xmlns:beans="http://www.springframework.org/schema/beans"
  6.    xmlns:util="http://www.springframework.org/schema/util"
  7.    xmlns:p="http://www.springframework.org/schema/p"  
  8.    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  9.    xsi:schemaLocation=
  10.         "http://www.springframework.org/schema/beans
  11.         http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
  12.                 http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
  13.                 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
  14.  
  15.     <beans:bean id="accessDeniedHandler" class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
  16.                 <beans:property name="errorPage" value="/login.xhtml"/>
  17.         </beans:bean>
  18.        
  19.         <beans:bean id="roleHierarchy"  class="org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl">
  20.                 <beans:property name="hierarchy">
  21.                         <beans:value>
  22.                                 SYS_ADMIN > AUDITOR
  23.                                 AUDITOR > GERENTE
  24.                                 GERENTE > JEFE_PROYECTO
  25.                                 JEFE_PROYECTO > COLABORADOR
  26.                                 COLABORADOR > JEFE_ALMACEN
  27.                                 JEFE_ALMACEN > USUARIO
  28.                         </beans:value>
  29.                 </beans:property>
  30.         </beans:bean>
  31.        
  32.         <beans:bean id="roleHierarchyVoter" class="org.springframework.security.access.vote.RoleHierarchyVoter">
  33.                 <beans:constructor-arg ref="roleHierarchy" />
  34.                 <beans:property name="rolePrefix" value="" />
  35.     </beans:bean>
  36.  
  37.         <beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
  38.        <beans:constructor-arg>
  39.            <beans:list>
  40.                 <beans:ref bean="roleHierarchyVoter"/>
  41.            </beans:list>
  42.        </beans:constructor-arg>
  43.     </beans:bean>
  44.  
  45.         <beans:bean id="securityMetadataSource" class="com.indra.contratos.application.security.InterceptorApplicationService"/>
  46.        
  47.         <beans:bean class="com.indra.contratos.application.security.FilterInvocationSecurityMetadataSourcePostProcessor">
  48.             <beans:property name="securityMetadataSource">
  49.                 <beans:bean class="com.indra.contratos.application.security.InterceptorApplicationService"/>
  50.             </beans:property>
  51.         </beans:bean>
  52.        
  53.         <http pattern="/pages/accessDenied.xhtml" security="none"/>
  54.         <http pattern="/login.xhtml" security="none"/>
  55.         <http pattern="/l/" security="none"/>
  56.         <http pattern="/resources/**" security="none"/>
  57.         <http pattern="/javax.faces.resource/**" security="none"/>
  58.        
  59.     <http auto-config="false"
  60.         entry-point-ref="authenticationEntryPoint"
  61.                 access-decision-manager-ref="accessDecisionManager"
  62.                 authentication-manager-ref="authenticationManager"
  63.         >
  64.        
  65.         <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
  66.  
  67.                 <access-denied-handler ref="accessDeniedHandler"/>
  68.                
  69.         <session-management session-authentication-strategy-ref="sas" />
  70.  
  71.     </http>
  72.    
  73.     <beans:bean id="authenticationEntryPoint"  
  74.        class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
  75.        p:loginFormUrl="/login.xhtml" />
  76.    
  77.     <beans:bean id="concurrencyFilter"
  78.                 class="org.springframework.security.web.session.ConcurrentSessionFilter">
  79.                 <beans:property name="sessionRegistry" ref="sessionRegistry" />
  80.                 <beans:property name="expiredUrl" value="/login.xhtml" />
  81.         </beans:bean>
  82.    
  83.     <beans:bean id="sas"
  84.        class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
  85.                 <beans:constructor-arg name="sessionRegistry" ref="sessionRegistry" />
  86.                 <beans:property name="maximumSessions" value="1" />
  87.         </beans:bean>
  88.        
  89.         <beans:bean id="sessionRegistry"
  90.             class="org.springframework.security.core.session.SessionRegistryImpl" />
  91.  
  92.         <beans:bean id="passwordEncoder"
  93.             class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
  94.        
  95.     <authentication-manager id="authenticationManager" alias="authenticationManager" >
  96.         <authentication-provider>
  97.             <user-service>
  98.               <user  name="admin" password="secret" authorities="SYS_ADMIN, USUARIO"/>
  99.             </user-service>
  100.           </authentication-provider>
  101.     </authentication-manager>
  102. </beans:beans>