Permalink
Fetching contributors…
Cannot retrieve contributors at this time
144 lines (126 sloc) 7.6 KB
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd">
<!-- properties -->
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>file:src/main/app-dirs/x509dir/conf/etomcat.properties</value>
</list>
</property>
</bean>
<!-- ETomcat -->
<bean id="etomcat" class="ru.concerteza.springtomcat.etomcat6.EmbeddedTomcat" destroy-method="stop">
<property name="generalProps">
<bean class="ru.concerteza.springtomcat.etomcat6.config.GeneralProperties">
<property name="port" value="${etomcat.port}"/>
</bean>
</property>
<property name="sslProps">
<bean class="ru.concerteza.springtomcat.etomcat6.config.SslProperties">
<property name="sslEnabled" value="true"/>
<property name="keystoreFile" value="${etomcat.ssl.keystoreFile}"/>
<property name="keystorePass" value="${etomcat.ssl.keystorePass}"/>
<property name="keyAlias" value="${etomcat.ssl.keyAlias}"/>
<property name="clientAuth" value="true"/>
<property name="truststoreFile" value="${etomcat.ssl.truststoreFile}" />
<property name="truststorePass" value="${etomcat.ssl.truststorePass}" />
<property name="truststoreType" value="${etomcat.ssl.truststoreType}" />
</bean>
</property>
</bean>
<!--context annotations -->
<context:component-scan base-package="ru.concerteza.springtomcat.etomcat6.x509" use-default-filters="false">
<context:include-filter type="annotation" expression="org.springframework.stereotype.Service"/>
</context:component-scan>
<!-- security -->
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<security:filter-chain-map path-type="ant">
<security:filter-chain pattern="/**"
filters="concurrentSessionFilter,
securityContextPersistenceFilter,
x509AuthenticationFilter,
requestCacheAwareFilter,
securityContextHolderAwareRequestFilter,
sessionManagementFilter,
exceptionTranslationFilter,
filterSecurityInterceptor"/>
</security:filter-chain-map>
</bean>
<bean id="sessionRegistry" class="org.springframework.security.core.session.SessionRegistryImpl" />
<bean id="concurrentSessionFilter" class="org.springframework.security.web.session.ConcurrentSessionFilter">
<property name="sessionRegistry" ref="sessionRegistry" />
</bean>
<bean id="httpSessionSecurityContextRepository" class="org.springframework.security.web.context.HttpSessionSecurityContextRepository" />
<bean id="securityContextPersistenceFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
<property name="securityContextRepository" ref="httpSessionSecurityContextRepository" />
</bean>
<bean id="x509AuthenticationFilter" class="org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/>
</bean>
<bean id="requestCacheAwareFilter" class="org.springframework.security.web.savedrequest.RequestCacheAwareFilter" />
<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter" >
<property name="rolePrefix" value="" />
</bean>
<bean id="concurrentSessionControlStrategy" class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy" >
<constructor-arg index="0" ref="sessionRegistry"/>
</bean>
<bean id="sessionManagementFilter" class="org.springframework.security.web.session.SessionManagementFilter" >
<constructor-arg index="0" ref="httpSessionSecurityContextRepository" />
<property name="sessionAuthenticationStrategy" ref="concurrentSessionControlStrategy" />
</bean>
<bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
<property name="realmName" value="AppName Realm"/>
</bean>
<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<ref local="inMemoryAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="userDetailsByNameServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<property name="userDetailsService" ref="authUserDetailsService" />
</bean>
<bean id="inMemoryAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService" ref="userDetailsByNameServiceWrapper"/>
</bean>
<bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter">
<property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
<property name="accessDeniedHandler">
<bean class="org.springframework.security.web.access.AccessDeniedHandlerImpl"/>
</property>
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.RoleVoter"/>
<bean class="org.springframework.security.web.access.expression.WebExpressionVoter"/>
</list>
</property>
</bean>
<bean id="filterSecurityInterceptor"
class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<property name="securityMetadataSource">
<security:filter-security-metadata-source use-expressions="true">
<!--<security:intercept-url pattern="/*.html" access="permitAll"/>-->
<!--<security:intercept-url pattern="/version" access="permitAll"/>-->
<!--<security:intercept-url pattern="/users/activate" access="permitAll"/>-->
<security:intercept-url pattern="/**" access="isAuthenticated()"/>
</security:filter-security-metadata-source>
</property>
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
</bean>
<security:global-method-security jsr250-annotations="enabled"/>
</beans>