[parancoe] push by enricogi...@gmail.com - issue-14 on 2012-07-24 01:37 GMT

[para...@googlecode.com]

Revision: bebbfbfdff1f
Author: enricogiurin <enrico...@gmail.com>
Date: Mon Jul 23 18:36:34 2012
Log: issue-14
http://code.google.com/p/parancoe/source/detail?r=bebbfbfdff1f

Added:

/plugins/parancoe-plugin-springsecurity-evolution/src/main/resources/applicationContext-plugin.explicit.xml

=======================================
--- /dev/null
+++
/plugins/parancoe-plugin-springsecurity-evolution/src/main/resources/applicationContext-plugin.explicit.xml
Mon Jul 23 18:36:34 2012
@@ -0,0 +1,147 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Copyright (C) 2006-2012 The Parancoe Team <in...@parancoe.org>
+
+ This file is part of Parancoe Plugin Spring Security Evolution.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:security="http://www.springframework.org/schema/security"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+ http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
+ http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
+ http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
+ ">
+
+
+
+
+
+ <!-- note the commas are required in the filter-chain "filters"
attribute! -->
+ <bean id="springSecurityFilterChain"
class="org.springframework.security.web.FilterChainProxy">
+ <security:filter-chain-map path-type="ant">
+ <security:filter-chain pattern="/**" filters="
+ securityContextPersistenceFilter,
+ logoutFilter,
+ usernamePasswordProcessingFilter,
+ rememberMeProcessingFilter,
+ anonymousProcessingFilter,
+ exceptionTranslationFilter,
+ filterSecurityInterceptor" />
+ </security:filter-chain-map>
+ </bean>
+
+ <bean id="securityContextPersistenceFilter"
class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
+
+ <bean id="logoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
+ <!-- the post-logout destination -->
+ <constructor-arg value="/"/>
+
+ <constructor-arg>
+ <array>
+ <ref local="logoutHandler"/>
+ <ref local="rememberMeServices"/>
+ </array>
+ </constructor-arg>
+ <property name="filterProcessesUrl" value="/logout"/>
+ </bean>
+
+ <bean id="usernamePasswordProcessingFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
+<!-- <property name="filterProcessesUrl"
value="/j_spring_security_check"/>
+ <property name="usernameParameter" value="login_username"/>
+ <property name="passwordParameter" value="login_password"/> -->
+ <property name="authenticationManager" ref="authenticationManager"/>
+ <property name="rememberMeServices" ref="rememberMeServices"/>
+ <property name="authenticationFailureHandler"
ref="authenticationFailureHandler"/>
+ </bean>
+
+ <security:authentication-manager id="authenticationManager"
+ alias="authenticationManager">
+ <security:authentication-provider
+ user-service-ref="userDetailsService">
+ <security:password-encoder ref="passwordEncoder">
+ <security:salt-source ref="saltSource" />
+ </security:password-encoder>
+ </security:authentication-provider>
+ </security:authentication-manager>
+
+
+ <bean id="authenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
+ <property name="defaultFailureUrl" value="/login.do"/>
+ </bean>
+ <bean id="exceptionTranslationFilter"
class="org.springframework.security.web.access.ExceptionTranslationFilter">
+ <property name="authenticationEntryPoint"
ref="authenticationEntryPoint"/>
+ <property name="accessDeniedHandler" ref="accessDeniedHandler"/>
+ </bean>
+ <bean id="anonymousProcessingFilter"
class="org.springframework.security.web.authentication.AnonymousAuthenticationFilter">
+ <!-- Both of these are required -->
+ <!-- username, default role -->
+ <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
+ <!-- randomly generated key -->
+ <property name="key" value="BF93JFJ091N00Q7HF"/>
+ </bean>
+ <!-- Note the construction of the logout filter differs from most others
-->
+
+
+ <bean id="logoutHandler"
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
+
+ <bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
+ <property name="loginFormUrl" value="/login.do"/>
+ </bean>
+
+ <bean id="accessDeniedHandler"
class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
+ <property name="errorPage" value="/accessDenied.do"/>
+ </bean>
+
+ <bean id="filterSecurityInterceptor"
class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
+ <property name="authenticationManager"
ref="customAuthenticationManager"/>
+ <property name="accessDecisionManager" ref="affirmativeBased"/>
+ <property name="securityMetadataSource">
+ <!-- SEC-1256 -->
+ <security:filter-security-metadata-source use-expressions="true">
+ <security:intercept-url pattern="/login.do" access="permitAll"/>
+ <security:intercept-url pattern="/home.do" access="permitAll and
evenMinute"/>
+ <security:intercept-url pattern="/account/*.do"
access="hasRole('ROLE_USER') and fullyAuthenticated"/>
+ <security:intercept-url pattern="/*" access="hasRole('ROLE_USER')"/>
+ </security:filter-security-metadata-source>
+
+ </property>
+ </bean>
+
+ <bean id="rememberMeProcessingFilter"
class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
+ <property name="rememberMeServices" ref="rememberMeServices"/>
+ <property name="authenticationManager" ref="authenticationManager" />
+ </bean>
+ <bean id="rememberMeServices"
class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
+ <property name="key" value="jbcpPetStore"/>
+ <property name="tokenValiditySeconds" value="3600"/>
+ <property name="tokenRepository" ref="jdbcRememberMeTokenRepository"/>
+ <property name="userDetailsService" ref="jdbcUserServiceCustom"/>
+ </bean>
+ <bean id="rememberMeAuthenticationProvider"
class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
+ <property name="key" value="jbcpPetStore"/>
+ </bean>
+ <bean id="jdbcRememberMeTokenRepository"
class="org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl">
+ <property name="dataSource" ref="dataSource"/>
+ </bean>
+
+
+
+
+</beans>