/
sec-system.xml
93 lines (79 loc) · 3.23 KB
/
sec-system.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# $Id$
#
# Copyright 2008 Glencoe Software, Inc.. All rights reserved.
# Use is subject to license terms supplied in LICENSE.txt
#
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Written by: Josh Moore, josh at glencoesoftware.com
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-->
<beans>
<description>
sec-system.xml defines the interceptors for all methods which need
authentication and authorization as well as the core security system
classes.
</description>
<!-- Disabled the security system holder for the moment -->
<alias name="basicSecuritySystem" alias="securitySystem"/>
<bean id="securitySystemHolder" class="ome.security.SecuritySystemHolder">
<constructor-arg ref="basicSecuritySystem"/>
<constructor-arg ref="sharingSecuritySystem"/>
</bean>
<bean id="sharingSecuritySystem" class="ome.security.sharing.SharingSecuritySystem">
<constructor-arg ref="basicSecuritySystem"/>
</bean>
<bean id="basicSecuritySystem" class="ome.security.basic.BasicSecuritySystem">
<constructor-arg ref="omeroInterceptor"/>
<constructor-arg ref="systemTypes"/>
<constructor-arg ref="currentDetails"/>
<constructor-arg ref="sessionManager"/>
<constructor-arg ref="roles"/>
<constructor-arg ref="internalServiceFactory"/>
<constructor-arg ref="tokenHolder"/>
<constructor-arg ref="securityFilterHolder"/>
<constructor-arg ref="policyService"/>
</bean>
<bean id="securityWiring" class="ome.security.basic.BasicSecurityWiring"
lazy-init="true">
<property name="principalHolder" ref="principalHolder"/>
<property name="methodSecurity" ref="methodSecurity"/>
</bean>
<bean id="eventHandler" class="ome.security.basic.EventHandler">
<description>
Scope: private
</description>
<constructor-arg ref="simpleSqlAction"/>
<constructor-arg ref="basicSecuritySystem"/>
<constructor-arg ref="omeroSessionFactory"/>
<constructor-arg ref="transactionAttributeSource"/>
<constructor-arg value="${omero.cluster.read_only}"/>
</bean>
<!-- These might should be moved to a third security tier -->
<bean id="eventListeners" class="ome.security.basic.EventListenersFactoryBean">
<description>
Used by hibernate.xml during the creation of SessionFactory.
</description>
<constructor-arg ref="aclVoter"/>
<constructor-arg ref="currentDetails"/>
<constructor-arg ref="tokenHolder"/>
<constructor-arg ref="omeroInterceptor"/>
<property name="debugAll" value="false"/>
</bean>
<bean id="omeroInterceptor" class="ome.security.basic.OmeroInterceptor">
<description>
Scope: private
</description>
<constructor-arg ref="roles"/>
<constructor-arg ref="systemTypes"/>
<constructor-arg ref="currentDetails"/>
<constructor-arg ref="tokenHolder"/>
<constructor-arg ref="extendedMetadata"/>
<constructor-arg ref="delegatingStats"/>
</bean>
</beans>