partly working security: registration form, authorization, simple authentification
[proteocache.git] / WEB-INF / spring-security.xml
index b5f0040..4e8b52c 100644 (file)
@@ -1,4 +1,5 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
+<beans:beans 
+       xmlns="http://www.springframework.org/schema/security"
        xmlns:beans="http://www.springframework.org/schema/beans" 
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
@@ -6,17 +7,46 @@
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.1.xsd">
 
-       <http auto-config="true">
-               <intercept-url pattern="/home/*" access="ROLE_USER" />
-               <form-login login-page="/login" default-target-url="/welcome"
-                       authentication-failure-url="/loginfailed" />
+       <http auto-config="true" use-expressions="true" access-denied-page="/denied">
+               <intercept-url pattern="/stat/**" access="hasRole('ROLE_USER')" />
+               <intercept-url pattern="/sequence/**" access="hasRole('ROLE_USER')" />
+               <intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />
+               <intercept-url pattern="/database/**" access="hasRole('ROLE_ADMIN')" />
+               <intercept-url pattern="/public*" access="permitAll"/>
+               <intercept-url pattern="/login*" access="permitAll"/>
+               <intercept-url pattern="/index*" access="permitAll"/>
+               <intercept-url pattern="/register*" access="permitAll"/>
+               <form-login 
+                       login-page="/login"
+                       default-target-url="/home"
+                       authentication-failure-url="/loginfailed"
+               />
                <logout logout-success-url="/logout" />
        </http>
 
+       <global-method-security secured-annotations="enabled">
+       </global-method-security>       
+
+<!-- 
+       <http access-denied-page="/denied.xhtml"  auto-config="true" use-expressions="false" >
+               <form-login 
+                       login-page="/login.xhtml"
+                       default-target-url="/"
+                       authentication-failure-url="/denied.xhtml"
+               login-processing-url="/static/j_spring_security_check"
+               />
+               <intercept-url pattern="/PANEL/**" access="ROLE_GENERALT"></intercept-url>
+               <logout invalidate-session="true" logout-url="/index.xhtml"/>
+       </http>
+
+       <global-method-security secured-annotations="enabled" jsr250-annotations="enabled"></global-method-security>
+-->
+
        <authentication-manager>
                <authentication-provider>
                        <user-service>
-                               <user name="sherstnev" password="sasha12345" authorities="ROLE_USER" />
+                               <user name="sherstnev" password="sasha" authorities="ROLE_USER" />
+                               <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
                        </user-service>
                </authentication-provider>
        </authentication-manager>
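Review bot: The `<user-service>` at the end of this hunk commits plaintext credentials to the repository, including a new `admin`/`admin` account holding `ROLE_ADMIN`, the role that gates `/admin/**` and `/database/**`; the same edit also shortens the existing user's password. No `<password-encoder>` appears inside `<authentication-provider>`, so the stored literals are what gets compared at login. I would keep the accounts out of version control, e.g. `<user-service properties="PATH_TO_USERS_FILE"/>` (placeholder path), and add `<password-encoder ref="passwordEncoder"/>` backed by a `BCryptPasswordEncoder` bean so that only hashes are stored. Separately, the `<intercept-url>` list has no final catch-all, so any path it does not name (including the `/home` login target) is unrestricted at the URL layer. A closing `<intercept-url pattern="/**" access="isAuthenticated()"/>`, with `/logout` and `/denied` added to the `permitAll` entries, would make the default deny.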