Add mode comments to the classes
[proteocache.git] / WEB-INF / spring-security.xml
<!--
  Spring Security / Spring MVC configuration for the web application.
  Defines: URL access rules with form login and logout, an MVC interceptor
  that disables response caching, @Secured method security, and an
  authentication manager backed by an LDAP provider plus an in-memory user list.
-->
<beans:beans xmlns="http://www.springframework.org/schema/security"
        xmlns:beans="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:mvc="http://www.springframework.org/schema/mvc"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.1.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">

        <!--
          Web access control. use-expressions="true" means every access attribute
          below is a SpEL expression. intercept-url rules are checked in document
          order and the first matching pattern decides, so keep specific patterns
          above any broader one that is added later.

          NOTE(review): there is no catch-all rule. A request that matches none of
          the patterns below (for example /denied, /loginfailed, /logout, or any
          path added by a new controller) gets no access check from this block and
          is served to anonymous users. Consider listing the pages that must stay
          public explicitly and ending the list with a /** rule that requires
          authentication, so that new endpoints are protected by default.

          NOTE(review): "/home**" has no slash before the wildcard; presumably
          /home and its sub-paths are intended. Verify which paths it matches.
        -->
        <http auto-config="true" pattern="/**" use-expressions="true" access-denied-page="/denied">
                <!-- Application pages: any of the three user roles. -->
                <intercept-url pattern="/stat/**" access="hasAnyRole('ROLE_USER','ROLE_LDAP_USER','ROLE_ADMIN')" />
                <intercept-url pattern="/home**" access="hasAnyRole('ROLE_USER','ROLE_LDAP_USER','ROLE_ADMIN')" />
                <intercept-url pattern="/sequence/**" access="hasAnyRole('ROLE_USER','ROLE_LDAP_USER','ROLE_ADMIN')" />
                <!-- Administrative and database pages: ROLE_ADMIN only. -->
                <intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />
                <intercept-url pattern="/database/**" access="hasRole('ROLE_ADMIN')" />
                <!-- Pages that are deliberately open to anonymous users. -->
                <intercept-url pattern="/public*" access="permitAll" />
                <intercept-url pattern="/login*" access="permitAll" />
                <intercept-url pattern="/ldaplogin*" access="permitAll" />
                <intercept-url pattern="/index*" access="permitAll" />
                <intercept-url pattern="/register*" access="permitAll" />
                <!-- Form login: custom login page, landing page after success, error page after failure. -->
                <form-login login-page="/login" default-target-url="/home" authentication-failure-url="/loginfailed" />
                <!-- Logout invalidates the HTTP session and then redirects to /logout. -->
                <logout invalidate-session="true" logout-success-url="/logout" />
        </http>

        <!--
          Disable caching: responses handled through Spring MVC are sent with
          Cache-Control headers including no-store (cacheSeconds=0), and without
          an Expires header, so pages shown after login are not kept by browser
          or proxy caches.
        -->
        <mvc:interceptors>
                <beans:bean id="webContentInterceptor"
                        class="org.springframework.web.servlet.mvc.WebContentInterceptor">
                        <beans:property name="cacheSeconds" value="0" />
                        <beans:property name="useExpiresHeader" value="false" />
                        <beans:property name="useCacheControlHeader" value="true" />
                        <beans:property name="useCacheControlNoStore" value="true" />
                </beans:bean>
        </mvc:interceptors>

        <!-- Enable @Secured annotations on bean methods (method-level authorization). -->
        <global-method-security secured-annotations="enabled"></global-method-security>

        <!--
          Authentication manager. Providers are consulted in the order listed:
          the LDAP provider first, then the in-memory user list, so a login that
          LDAP rejects is still tried against the accounts below.

          NOTE(review): the in-memory accounts carry plaintext passwords in a file
          that is kept in version control, and no password-encoder is configured.
          One of them holds ROLE_ADMIN, which gates /admin/** and /database/**,
          and its password is trivially guessable. Treat all four credentials as
          exposed: rotate them, move accounts to an external store or store only
          salted hashes with a password-encoder, and drop the built-in admin
          account from deployed configurations.
        -->
        <authentication-manager alias="LDAP">
                <authentication-provider ref="ldapAuthProvider" />
                <authentication-provider>
                        <user-service>
                                <user name="sherstnev" password="sasha" authorities="ROLE_USER" />
                                <user name="geoff" password="barton" authorities="ROLE_USER" />
                                <user name="jim" password="procter" authorities="ROLE_USER" />
                                <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
                        </user-service>
                </authentication-provider>
        </authentication-manager>

        <!--
          LDAP context source shared by the bind authenticator and the
          authorities populator below.

          NOTE(review): the URL uses ldap:// on port 389. The bind authenticator
          sends each user's own password to the directory, so unless StartTLS is
          negotiated somewhere not shown here, login passwords cross the network
          unencrypted. Prefer ldaps:// or StartTLS; confirm what the directory
          supports.

          NOTE(review): userDn is empty while password is a literal value; this
          looks like a placeholder for an anonymous bind. Confirm it is intended,
          and keep any real service credential out of this file.
        -->
        <beans:bean id="MyContextSource"
                class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
                <beans:constructor-arg value="ldap://ldap.lifesci.dundee.ac.uk:389" />
                <beans:property name="userDn" value="" />
                <beans:property name="password" value="password" />
        </beans:bean>
        <!-- Project authority mapper. Declared here but not wired into ldapAuthProvider (see the commented-out property there). -->
        <beans:bean id="MYgrantedAuthoritiesMapper" class="compbio.spring.security.LDAPAuthorityMapper">
        </beans:bean>

        <!--
          LDAP authentication provider: first constructor argument authenticates
          the user, second one assigns authorities.
        -->
        <beans:bean id="ldapAuthProvider"
                class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
                <beans:constructor-arg>
                        <!-- Authenticates by binding to the directory as the user; {0} is replaced by the submitted login name. -->
                        <beans:bean
                                class="org.springframework.security.ldap.authentication.BindAuthenticator">
                                <beans:constructor-arg ref="MyContextSource" />
                                <beans:property name="userDnPatterns">
                                        <beans:list>
                                                <beans:value>cn={0},ou=edir,ou=people,ou=lifesci,o=dundee</beans:value>
                                        </beans:list>
                                </beans:property>
                        </beans:bean>
                </beans:constructor-arg>
                <beans:constructor-arg>
                        <!--
                          Second constructor argument is the group search base. The
                          original intent is that only Barton group members can log in.

                          NOTE(review): as configured this is not enforced. defaultRole
                          is granted to every user who binds successfully under the
                          userDnPatterns above, whether or not a group is found, and
                          ROLE_LDAP_USER is accepted by the /stat/**, /home** and
                          /sequence/** rules. To restrict access to the group, authorize
                          on an authority derived from group membership instead of a
                          default role. Also verify that a search based at the group
                          entry itself returns that entry.

                          defaultRole is a temporary solution: the custom authority
                          mapper is currently not working.
                        -->
                        <beans:bean
                                class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
                                <beans:constructor-arg ref="MyContextSource" />
                                <beans:constructor-arg value="cn=group-gjb,ou=groups,ou=lifesci,o=dundee" />
                                <beans:property name="defaultRole" value="ROLE_LDAP_USER"/>
                        </beans:bean>
                </beans:constructor-arg>
                <!-- <beans:property name="authoritiesMapper" ref="MYgrantedAuthoritiesMapper" />--> <!-- disabled for now; intended to replace defaultRole once the mapper works -->
        </beans:bean>

</beans:beans>