SHARE
TWEET

deployerConfigContext.xml

a guest Jun 19th, 2017 16 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <beans xmlns="http://www.springframework.org/schema/beans"
  3.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
  4.     xmlns:c="http://www.springframework.org/schema/c" xmlns:tx="http://www.springframework.org/schema/tx"
  5.     xmlns:util="http://www.springframework.org/schema/util" xmlns:sec="http://www.springframework.org/schema/security"
  6.     xsi:schemaLocation="http://www.springframework.org/schema/beans
  7.     http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
  8.            http://www.springframework.org/schema/tx
  9.     http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
  10.            http://www.springframework.org/schema/security
  11.     http://www.springframework.org/schema/security/spring-security-3.2.xsd
  12.            http://www.springframework.org/schema/util
  13.     http://www.springframework.org/schema/util/spring-util.xsd">
  14.  
  15.     <bean id="authenticationManager"
  16.         class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
  17.         <constructor-arg>
  18.             <map>
  19.                 <entry key-ref="ldapAuthenticationHandler" value-ref="usernamePasswordCredentialsResolver" />
  20.             </map>
  21.         </constructor-arg>
  22.     </bean>
  23.  
  24.     <bean id="ldapAuthenticationHandler" class="org.jasig.cas.authentication.LdapAuthenticationHandler"
  25.         p:principalIdAttribute="uid">
  26.         <constructor-arg ref="authenticator" />
  27.         <property name="principalAttributeMap">
  28.             <map>
  29.                 <entry key="mail" value="mail" />
  30.                 <entry key="cn" value="cn" />
  31.             </map>
  32.         </property>
  33.     </bean>
  34.  
  35.     <bean id="authenticator" class="org.ldaptive.auth.Authenticator"
  36.         c:resolver-ref="pooledSearchDnResolver" c:handler-ref="pooledBindHandler" />
  37.        
  38.     <!-- <bean id="pooledSearchDnResolver" class="org.ldaptive.auth.PooledSearchDnResolver"
  39.         p:baseDn="dc=example,dc=com(CHANGE-TO-YOUR-PROPERTY)" p:subtreeSearch="true"
  40.         p:allowMultipleDns="false" p:connectionFactory-ref="pooledConnectionFactory"
  41.         p:userFilter="uid(CHANGE-TO-YOUR-PROPERTY)={user}" /> -->
  42.  
  43.     <bean id="pooledSearchDnResolver" class="org.ldaptive.auth.PooledSearchDnResolver"
  44.         p:baseDn="ou=users,ou=system,dc=example,dc=com" p:subtreeSearch="true"
  45.         p:allowMultipleDns="false" p:connectionFactory-ref="pooledConnectionFactory"
  46.         p:userFilter="uid={user}" />
  47.        
  48.     <bean id="pooledBindHandler" class="org.ldaptive.auth.PooledBindAuthenticationHandler"
  49.         p:connectionFactory-ref="pooledConnectionFactory" />
  50.        
  51.     <bean id="pooledConnectionFactory" class="org.ldaptive.pool.PooledConnectionFactory"
  52.         p:connectionPool-ref="connectionPool" />
  53.        
  54.     <bean id="connectionPool" class="org.ldaptive.pool.BlockingConnectionPool"
  55.         init-method="initialize" p:poolConfig-ref="ldapPoolConfig"
  56.         p:blockWaitTime="3000" p:validator-ref="searchValidator"
  57.         p:pruneStrategy-ref="pruneStrategy" p:connectionFactory-ref="connectionFactory" />
  58.        
  59.     <bean id="ldapPoolConfig" class="org.ldaptive.pool.PoolConfig"
  60.         p:minPoolSize="3" p:maxPoolSize="10" p:validateOnCheckOut="true"
  61.         p:validatePeriodically="false" p:validatePeriod="300" />
  62.        
  63.     <bean id="searchValidator" class="org.ldaptive.pool.SearchValidator" />
  64.    
  65.     <bean id="pruneStrategy" class="org.ldaptive.pool.IdlePruneStrategy"
  66.         p:prunePeriod="300" p:idleTime="600" />
  67.        
  68.     <bean id="connectionFactory" class="org.ldaptive.DefaultConnectionFactory"
  69.         p:connectionConfig-ref="connectionConfig" />
  70.        
  71.     <!-- <bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
  72.         p:ldapUrl="ldap://localhost(CHANGE-TO-YOUR-PROPERTY):10389(CHANGE-TO-YOUR-PROPERTY)"
  73.         p:connectTimeout="3000" p:useStartTLS="false"
  74.         p:connectionInitializer-ref="bindConnectionInitializer" /> -->
  75.        
  76.     <bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
  77.         p:ldapUrl="ldap://localhost:10389"
  78.         p:connectTimeout="3000" p:useStartTLS="false"
  79.         p:connectionInitializer-ref="bindConnectionInitializer" />
  80.  
  81.     <!-- <bean id="bindConnectionInitializer" class="org.ldaptive.BindConnectionInitializer"
  82.         p:bindDn="uid=admin,ou=system(CHANGE-TO-YOUR-PROPERTY)">
  83.         <property name="bindCredential">
  84.             <bean class="org.ldaptive.Credential" c:password="secret(CHANGE-TO-YOUR-PROPERTY)" />
  85.         </property>
  86.     </bean> -->
  87.    
  88.     <bean id="bindConnectionInitializer" class="org.ldaptive.BindConnectionInitializer"
  89.         p:bindDn="uid=admin,ou=system">
  90.         <property name="bindCredential">
  91.             <bean class="org.ldaptive.Credential" c:password="secret" />
  92.         </property>
  93.     </bean>
  94.  
  95.     <!-- | Credential-to-principal resolver beans -->
  96.     <bean id="usernamePasswordCredentialsResolver"
  97.         class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
  98.  
  99.     <bean id="httpBasedCredentialsResolver"
  100.         class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
  101.  
  102.     <!-- Required for proxy ticket mechanism. -->
  103.     <bean id="proxyAuthenticationHandler"
  104.         class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
  105.         p:httpClient-ref="httpClient" />
  106.  
  107.     <bean id="primaryAuthenticationHandler"
  108.         class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
  109.         <property name="users">
  110.             <map>
  111.                 <entry key="casuser" value="Mellon" />
  112.             </map>
  113.         </property>
  114.     </bean>
  115.  
  116.     <!-- Required for proxy ticket mechanism -->
  117.     <bean id="proxyPrincipalResolver"
  118.         class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
  119.  
  120.     <!-- | Resolves a principal from a credential using an attribute repository
  121.         that is configured to resolve | against a deployer-specific store (e.g. LDAP). -->
  122.     <bean id="primaryPrincipalResolver"
  123.         class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver">
  124.         <property name="attributeRepository" ref="attributeRepository" />
  125.     </bean>
  126.  
  127.     <!-- Bean that defines the attributes that a service may return. This example
  128.         uses the Stub/Mock version. A real implementation may go against a database
  129.         or LDAP server. The id should remain "attributeRepository" though. + -->
  130.     <bean id="attributeRepository"
  131.         class="org.jasig.services.persondir.support.StubPersonAttributeDao"
  132.         p:backingMap-ref="attrRepoBackingMap" />
  133.  
  134.     <util:map id="attrRepoBackingMap">
  135.         <entry key="uid" value="uid" />
  136.         <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
  137.         <entry key="groupMembership" value="groupMembership" />
  138.     </util:map>
  139.  
  140.     <!-- Sample, in-memory data store for the ServiceRegistry. A real implementation
  141.         would probably want to replace this with the JPA-backed ServiceRegistry DAO
  142.         The name of this bean should remain "serviceRegistryDao". + -->
  143.     <bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"
  144.         p:registeredServices-ref="registeredServicesList" />
  145.  
  146.     <util:list id="registeredServicesList">
  147.         <bean class="org.jasig.cas.services.RegexRegisteredService" p:id="0"
  148.             p:name="HTTP and IMAP" p:description="Allows HTTP(S) and IMAP(S) protocols"
  149.             p:serviceId="^(https?|imaps?)://.*" p:evaluationOrder="10000001" />
  150.  
  151.         <!-- Use the following definition instead of the above to further restrict
  152.             access to services within your domain (including sub domains). Note that
  153.             example.com must be replaced with the domain you wish to permit. This example
  154.             also demonstrates the configuration of an attribute filter that only allows
  155.             for attributes whose length is 3. -->
  156.  
  157.         <!-- <bean class="org.jasig.cas.services.RegexRegisteredService"> <property
  158.             name="id" value="1" /> <property name="name" value="HTTP and IMAP on example.com"
  159.             /> <property name="description" value="Allows HTTP(S) and IMAP(S) protocols
  160.             on example.com" /> <property name="serviceId" value="^(https?|imaps?)://([A-Za-z0-9_-]+\.)*example\.com/.*"
  161.             /> <property name="evaluationOrder" value="0" /> <property name="attributeFilter">
  162.             <bean class="org.jasig.cas.services.support.RegisteredServiceRegexAttributeFilter"
  163.             c:regex="^\w{3}$" /> </property> </bean> -->
  164.  
  165.     </util:list>
  166.  
  167.     <bean id="auditTrailManager"
  168.         class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
  169.  
  170.     <bean id="healthCheckMonitor" class="org.jasig.cas.monitor.HealthCheckMonitor"
  171.         p:monitors-ref="monitorsList" />
  172.  
  173.     <util:list id="monitorsList">
  174.         <bean class="org.jasig.cas.monitor.MemoryMonitor"
  175.             p:freeMemoryWarnThreshold="10" />
  176.  
  177.         <!-- NOTE The following ticket registries support SessionMonitor: * DefaultTicketRegistry
  178.             * JpaTicketRegistry Remove this monitor if you use an unsupported registry. -->
  179.         <bean class="org.jasig.cas.monitor.SessionMonitor"
  180.             p:ticketRegistry-ref="ticketRegistry"
  181.             p:serviceTicketCountWarnThreshold="5000" p:sessionCountWarnThreshold="100000" />
  182.     </util:list>
  183. </beans>
RAW Paste Data
Top