-
Notifications
You must be signed in to change notification settings - Fork 414
/
mapfish-spring-security.xml
39 lines (35 loc) · 1.91 KB
/
mapfish-spring-security.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<http use-expressions="true">
<!-- in order to get a challenge (for capabilities for example) you need to use the print/sec/* urls -->
<intercept-url pattern="/sec/print/**" requires-channel="https" access="isAuthenticated()" />
<http-basic />
<anonymous />
</http>
<beans:bean name="bcryptEncoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
<!--
This authentication manager is not really production quality. It will work if you don't have complex
needs but it is recommended to use ldap or database based authentication providers, etc..
See http://docs.spring.io/spring-security/site/docs/3.2.5.RELEASE/reference/htmlsingle/#ns-config for some
help
-->
<authentication-manager alias="authenticationManager">
<authentication-provider>
<password-encoder ref="bcryptEncoder" />
<user-service>
<!-- password is jimi -->
<user name="jimi" password="$2a$10$OeKmMfVmL2IbF/3skK8l2.Gl3EqvvGhb.Pxr/K0dN7.ttPRHsOzVW"
authorities="ROLE_USER, ROLE_ADMIN" />
<!-- password is bob -->
<user name="bob" password="$2a$10$D5gwUewQQSpjfZPTcj9rpuTTfmxAqNEyJ19pzC7Z9.fHSCl3jtDj."
authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>