jamwiki xml

1. <?xml version="1.0" encoding="UTF-8"?>
2.  
3. <b:beans xmlns="http://www.springframework.org/schema/security"
4.    xmlns:b="http://www.springframework.org/schema/beans"
5.    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
6.    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
7.                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
8.  
9.  
10.     <http auto-config="false" entry-point-ref="authenticationEntryPoint">
11.  
12.         <intercept-url pattern="/**/Special:Admin" access="ROLE_SYSADMIN" />
13.         <intercept-url pattern="/**/Special:Edit" access="ROLE_EDIT_EXISTING,ROLE_EDIT_NEW" />
14.         <intercept-url pattern="/**/Special:Import" access="ROLE_IMPORT" />
15.         <intercept-url pattern="/**/Special:Login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
16.         <intercept-url pattern="/**/Special:Maintenance" access="ROLE_SYSADMIN" />
17.         <intercept-url pattern="/**/Special:Manage" access="ROLE_ADMIN" />
18.         <intercept-url pattern="/**/Special:Move" access="ROLE_MOVE" />
19.         <intercept-url pattern="/**/Special:RecentChangesFeed" filters="none" />
20.         <intercept-url pattern="/**/Special:Roles" access="ROLE_SYSADMIN" />
21.         <intercept-url pattern="/**/Special:Setup" filters="none" />
22.         <intercept-url pattern="/**/Special:Translation" access="ROLE_TRANSLATE" />
23.         <intercept-url pattern="/**/Special:Upload" access="ROLE_UPLOAD" />
24.         <intercept-url pattern="/**/Special:Upgrade" filters="none" />
25.         <intercept-url pattern="/**/Special:VirtualWiki" access="ROLE_SYSADMIN" />
26.         <intercept-url pattern="/**/*.jsp" filters="none" />
27.         <intercept-url pattern="/**/*.css" filters="none" />
28.         <intercept-url pattern="/images/**" filters="none" />
29.         <intercept-url pattern="/js/**" filters="none" />
30.         <intercept-url pattern="/upload/**" filters="none" />
31.         <intercept-url pattern="/**" access="ROLE_VIEW" />
32.         <access-denied-handler ref="jamwikiAccessDeniedHandler" />
33.         <remember-me key="jam35Wiki" services-alias="_rememberMeServices" />
34.         <anonymous key="jam35Wiki" />
35.         <!-- note that the JAMWiki LoginServlet will add the appropriate logout success URL to the request during logout -->
36.         <logout />
37.         <custom-filter position="FORM_LOGIN_FILTER" ref="authenticationProcessingFilter" />
38.         <custom-filter before="EXCEPTION_TRANSLATION_FILTER" ref="jamwikiPostAuthenticationFilter" />
39.     </http>
40.  
41.  
42.     <b:bean id="authenticationProcessingFilter" class="org.jamwiki.authentication.JAMWikiAuthenticationProcessingFilter">
43.         <b:property name="authenticationManager" ref="authenticationManager" />
44.         <b:property name="authenticationFailureHandler" ref="authenticationFailureHandler" />
45.          <!--do not include virtual wiki in the url, JAMWikiAuthenticationProcessingFilter adds it-->
46.         <b:property name="filterProcessesUrl" value="/j_spring_security_check" />
47.         <b:property name="rememberMeServices" ref="_rememberMeServices" />
48.     </b:bean>
49.  
50.     <b:bean id="jamWikiAuthenticationDao" class="org.jamwiki.authentication.JAMWikiDaoImpl" />
51.     <b:bean id="jamwikiPasswordEncoder" class="org.jamwiki.authentication.JAMWikiPasswordEncoder" />
52.     <b:bean id="authenticationFailureHandler" class="org.jamwiki.authentication.JAMWikiAuthenticationFailureHandler">
53.         <!-- do not include virtual wiki in the url, JAMWikiAuthenticationFailureHandler adds it -->
54.         <b:property name="authenticationFailureUrl" value="/Special:Login?message=error.login" />
55.     </b:bean>
56.  
57.    
58.     <authentication-manager alias="authenticationManager">
59.         <authentication-provider ref="ldapAuthProvider" user-service-ref="jamWikiAuthenticationDao" />
60.     </authentication-manager>
61.     <b:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
62.         <b:constructor-arg><b:ref bean="ldapAuthenticator"/></b:constructor-arg>
63.         <b:constructor-arg><b:ref bean="ldapAuthoritiesPopulator"/></b:constructor-arg>
64.     </b:bean>
65.     <b:bean id="ldapAuthenticator" class="org.springframework.security.ldap.authentication.BindAuthenticator">
66.         <b:constructor-arg><b:ref bean="ldapContextSource"/></b:constructor-arg>
67.         <b:property name="userSearch" ref="ldapUserSearch" />
68.     </b:bean>
69.     <b:bean id="ldapAuthoritiesPopulator" class="org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator">
70.         <b:constructor-arg><b:ref bean="jamWikiAuthenticationDao"/></b:constructor-arg>
71.     </b:bean>
72.     <b:bean id="ldapContextSource" class="org.springframework.ldap.core.support.LdapContextSource">
73.         <b:property name="url" value="ldap://127.0.0.1:389" />
74.         <b:property name="userDn" value="cn=Manager,dc=stickfish,dc=net" />
75.         <b:property name="password" value="*****" />
76.         <b:property name="referral" value="follow" />
77.     </b:bean>
78.     <b:bean id="ldapUserSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
79.         <b:constructor-arg><b:value>ou=users,dc=stickfish,dc=net</b:value></b:constructor-arg>
80.         <b:constructor-arg><b:value>cn={0}</b:value></b:constructor-arg>
81.         <b:constructor-arg><b:ref bean="ldapContextSource"/></b:constructor-arg>
82.     </b:bean>
83.    
84.  
85.     <b:bean id="jamwikiErrorMessageProvider" class="org.jamwiki.authentication.JAMWikiErrorMessageProvider">
86.         <b:property name="urlPatterns">
87.             <b:map>
88.                 <b:entry key="/**/Special:Admin" value="login.message.admin" />
89.                 <b:entry key="/**/Special:Edit" value="login.message.edit" />
90.                 <b:entry key="/**/Special:Maintenance" value="login.message.admin" />
91.                 <b:entry key="/**/Special:Manage" value="login.message.admin" />
92.                 <b:entry key="/**/Special:Move" value="login.message.move" />
93.                 <b:entry key="/**/Special:Roles" value="login.message.admin" />
94.                 <b:entry key="/**/Special:Translation" value="login.message.admin" />
95.                 <b:entry key="/**/Special:VirtualWiki" value="login.message.admin" />
96.                 <b:entry key="/**/*" value="login.message.default" />
97.             </b:map>
98.         </b:property>
99.     </b:bean>
100.  
101.  
102.     <b:bean id="jamwikiAccessDeniedHandler" class="org.jamwiki.authentication.JAMWikiAccessDeniedHandler">
103.         <b:property name="errorMessageProvider" ref="jamwikiErrorMessageProvider" />
104.     </b:bean>
105.  
106.  
107.     <b:bean id="authenticationEntryPoint" class="org.jamwiki.authentication.JAMWikiAuthenticationProcessingFilterEntryPoint">
108.         <!-- do not include virtual wiki in the url, JAMWikiAuthenticationProcessingFilterEntryPoint adds it -->
109.         <b:property name="loginFormUrl" value="/Special:Login" />
110.         <!-- a PortMapper has to be configured if this is true and we are not using default ports -->
111.         <b:property name="forceHttps" value="false" />
112.         <b:property name="errorMessageProvider" ref="jamwikiErrorMessageProvider" />
113.     </b:bean>
114.  
115.     <b:bean id="jamwikiPostAuthenticationFilter" class="org.jamwiki.authentication.JAMWikiPostAuthenticationFilter">
116.         <b:property name="key" value="jam35Wiki" />
117.         <b:property name="useJAMWikiAnonymousRoles" value="true" />
118.     </b:bean>
119.  
120.  
121. </b:beans>