1 <beans:beans xmlns="http://www.springframework.org/schema/security"
2 xmlns:beans="http://www.springframework.org/schema/beans"
3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 xmlns:mvc="http://www.springframework.org/schema/mvc"
5 xsi:schemaLocation="http://www.springframework.org/schema/beans
6 http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
7 http://www.springframework.org/schema/security
8 http://www.springframework.org/schema/security/spring-security-3.1.xsd
9 http://www.springframework.org/schema/mvc
10 http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">
12 <http auto-config="true" pattern="/**" use-expressions="true" access-denied-page="/denied">
13 <intercept-url pattern="/stat/**" access="hasAnyRole('ROLE_USER','ROLE_LDAP_USER','ROLE_ADMIN')" />
14 <intercept-url pattern="/home**" access="hasAnyRole('ROLE_USER','ROLE_LDAP_USER','ROLE_ADMIN')" />
15 <intercept-url pattern="/sequence/**" access="hasAnyRole('ROLE_USER','ROLE_LDAP_USER','ROLE_ADMIN')" />
16 <intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />
17 <intercept-url pattern="/database/**" access="hasRole('ROLE_ADMIN')" />
18 <intercept-url pattern="/public*" access="permitAll" />
19 <intercept-url pattern="/login*" access="permitAll" />
20 <intercept-url pattern="/ldaplogin*" access="permitAll" />
21 <intercept-url pattern="/index*" access="permitAll" />
22 <intercept-url pattern="/register*" access="permitAll" />
23 <form-login login-page="/login" default-target-url="/home" authentication-failure-url="/loginfailed" />
24 <logout invalidate-session="true" logout-success-url="/logout" />
27 <!-- Disabling Caching -->
29 <beans:bean id="webContentInterceptor"
30 class="org.springframework.web.servlet.mvc.WebContentInterceptor">
31 <beans:property name="cacheSeconds" value="0" />
32 <beans:property name="useExpiresHeader" value="false" />
33 <beans:property name="useCacheControlHeader" value="true" />
34 <beans:property name="useCacheControlNoStore" value="true" />
39 <global-method-security secured-annotations="enabled"></global-method-security>
41 <authentication-manager alias="LDAP">
42 <authentication-provider ref="ldapAuthProvider" />
43 <authentication-provider>
45 <user name="sherstnev" password="sasha" authorities="ROLE_USER" />
46 <user name="geoff" password="barton" authorities="ROLE_USER" />
47 <user name="jim" password="procter" authorities="ROLE_USER" />
48 <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
50 </authentication-provider>
51 </authentication-manager>
53 <!-- LDAP and other authentication managers -->
54 <beans:bean id="MyContextSource"
55 class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
56 <beans:constructor-arg value="ldap://ldap.lifesci.dundee.ac.uk:389" />
57 <beans:property name="userDn" value="" />
58 <beans:property name="password" value="password" />
60 <beans:bean id="MYgrantedAuthoritiesMapper" class="compbio.spring.security.LDAPAuthorityMapper">
63 <beans:bean id="ldapAuthProvider"
64 class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
65 <beans:constructor-arg>
67 class="org.springframework.security.ldap.authentication.BindAuthenticator">
68 <beans:constructor-arg ref="MyContextSource" />
69 <beans:property name="userDnPatterns">
71 <beans:value>cn={0},ou=edir,ou=people,ou=lifesci,o=dundee</beans:value>
75 </beans:constructor-arg>
76 <beans:constructor-arg>
78 class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
79 <beans:constructor-arg ref="MyContextSource" />
80 <beans:constructor-arg value="cn=group-gjb,ou=groups,ou=lifesci,o=dundee" /> <!-- Barton group members can log in only... -->
81 <beans:property name="defaultRole" value="ROLE_LDAP_USER"/> <!-- temporary solution... Currently my AuthorityMapper is not working -->
83 </beans:constructor-arg>
84 <!-- <beans:property name="authoritiesMapper" ref="MYgrantedAuthoritiesMapper" />--> <!-- should be used in the future -->