<?xml version="1.0" encoding="ISO-8859-1"?>
<beans:beans
xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=
"http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<beans:bean id="accessDeniedHandler" class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
<beans:property name="errorPage" value="/login.xhtml"/>
</beans:bean>
<beans:bean id="roleHierarchy" class="org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl">
<beans:property name="hierarchy">
<beans:value>
SYS_ADMIN > AUDITOR
AUDITOR > GERENTE
GERENTE > JEFE_PROYECTO
JEFE_PROYECTO > COLABORADOR
COLABORADOR > JEFE_ALMACEN
JEFE_ALMACEN > USUARIO
</beans:value>
</beans:property>
</beans:bean>
<beans:bean id="roleHierarchyVoter" class="org.springframework.security.access.vote.RoleHierarchyVoter">
<beans:constructor-arg ref="roleHierarchy" />
<beans:property name="rolePrefix" value="" />
</beans:bean>
<beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<beans:constructor-arg>
<beans:list>
<beans:ref bean="roleHierarchyVoter"/>
</beans:list>
</beans:constructor-arg>
</beans:bean>
<beans:bean id="securityMetadataSource" class="com.indra.contratos.application.security.InterceptorApplicationService"/>
<beans:bean class="com.indra.contratos.application.security.FilterInvocationSecurityMetadataSourcePostProcessor">
<beans:property name="securityMetadataSource">
<beans:bean class="com.indra.contratos.application.security.InterceptorApplicationService"/>
</beans:property>
</beans:bean>
<http pattern="/pages/accessDenied.xhtml" security="none"/>
<http pattern="/login.xhtml" security="none"/>
<http pattern="/l/" security="none"/>
<http pattern="/resources/**" security="none"/>
<http pattern="/javax.faces.resource/**" security="none"/>
<http auto-config="false"
entry-point-ref="authenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager"
authentication-manager-ref="authenticationManager"
>
<custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
<access-denied-handler ref="accessDeniedHandler"/>
<session-management session-authentication-strategy-ref="sas" />
</http>
<beans:bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
p:loginFormUrl="/login.xhtml" />
<beans:bean id="concurrencyFilter"
class="org.springframework.security.web.session.ConcurrentSessionFilter">
<beans:property name="sessionRegistry" ref="sessionRegistry" />
<beans:property name="expiredUrl" value="/login.xhtml" />
</beans:bean>
<beans:bean id="sas"
class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
<beans:constructor-arg name="sessionRegistry" ref="sessionRegistry" />
<beans:property name="maximumSessions" value="1" />
</beans:bean>
<beans:bean id="sessionRegistry"
class="org.springframework.security.core.session.SessionRegistryImpl" />
<beans:bean id="passwordEncoder"
class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
<authentication-manager id="authenticationManager" alias="authenticationManager" >
<authentication-provider>
<user-service>
<user name="admin" password="secret" authorities="SYS_ADMIN, USUARIO"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>