<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jdbc="http://www.springframework.org/schema/jdbc"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
">
<security:global-method-security pre-post-annotations="enabled">
<security:expression-handler ref="securityExpressionHandler"/>
</security:global-method-security>
<!-- Configure SpEL expressions handler for security annotations -->
<bean id="securityExpressionHandler"
class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
<!-- Set role hierarchy to use -->
<!-- <property name="roleHierarchy" ref="roleHierarchy" /> -->
<!-- Enable SpEL hasPermission expression evaluation -->
<property name="permissionEvaluator" ref="aclPermissionEvaluator" />
</bean>
<!-- Evaluates hasPermission expression -->
<bean id="aclPermissionEvaluator" class="org.springframework.security.acls.AclPermissionEvaluator">
<!-- Link to actual ACL Service -->
<constructor-arg ref="aclService" />
</bean>
<!-- Retrieves, modifies and strores access control lists -->
<bean id="aclService" class="org.springframework.security.acls.jdbc.JdbcAclService">
<constructor-arg ref="dataSource" />
<constructor-arg ref="lookupStrategy" />
</bean>
<!-- Responsible for efficient retrieval of ACLs from database -->
<bean id="lookupStrategy" class="org.springframework.security.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource" />
<constructor-arg ref="aclCache" />
<constructor-arg ref="aclAuthorizationStrategy" />
<constructor-arg ref="aclAuditLogger" />
</bean>
<!-- ACL permission factory -->
<bean id="permissionFactory" class="org.springframework.security.acls.domain.DefaultPermissionFactory" />
<!-- Caching support for ACLs -->
<bean id="aclCache" class="com.tielev.acltest.security.NullAclCache" />
<!-- ACL Audit Logger -->
<bean class="org.springframework.security.acls.domain.ConsoleAuditLogger" id="aclAuditLogger"/>
<!-- Authorization for ACLs administration setup -->
<bean id="aclAuthorizationStrategy" class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
<constructor-arg>
<list>
<bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMIN" />
</bean>
<bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMIN" />
</bean>
<bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMIN" />
</bean>
</list>
</constructor-arg>
</bean>
<jdbc:embedded-database id="dataSource">
<jdbc:script location="classpath:acl-schema.sql"/>
</jdbc:embedded-database>
</beans>