- corrected recursive autowiring
[taxeditor.git] / eu.etaxonomy.taxeditor.cdmlib / src / main / resources / eu / etaxonomy / cdm / remoting_services_security.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2 <beans xmlns="http://www.springframework.org/schema/beans"
3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 xmlns:context="http://www.springframework.org/schema/context"
5 xmlns:security="http://www.springframework.org/schema/security"
6 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
7 http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
8 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd
9 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"
10 >
11
12 <import resource="classpath:/eu/etaxonomy/cdm/remoting_persistence_security.xml"/>
13 <!--
14 ======================================================================
15 security specific configuration
16 ======================================================================
17 -->
18 <!-- <security:global-method-security pre-post-annotations="enabled" run-as-manager-ref="runAsManager" > -->
19 <!-- <security:expression-handler ref="expressionHandler" /> -->
20 <!-- </security:global-method-security> -->
21
22 <!--
23 To use "hasPermission()" in the Spring EL method annotations like @PreAuthorize we explicitly configure the permissionEvaluator
24 the cdmPermissionEvaluator is already defined in the persistence security context
25 -->
26 <!-- <bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler"> -->
27 <!-- <property name="permissionEvaluator" ref="cdmPermissionEvaluator" /> -->
28 <!-- </bean> -->
29
30 <bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
31 <property name="providers">
32 <list>
33 <ref local="daoAuthenticationProvider"/>
34 </list>
35 </property>
36 </bean>
37
38 <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
39 <property name="userDetailsService" ref="userService"/>
40 <property name="saltSource" ref="saltSource"/>
41 <property name="passwordEncoder" ref="passwordEncoder"/>
42 </bean>
43
44 <bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"/>
45
46 <bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource">
47 <property name="userPropertyToUse" value="getUsername"/>
48 </bean>
49
50 <!--
51 Run-As Authentication Replacement for system operations
52 as e.g. performed by the eu.etaxonomy.cdm.api.application.FirstDataInserter
53
54 the key must match FirstDataInserter.RUN_AS_KEY
55 -->
56 <!-- <bean id="runAsManager" -->
57 <!-- class="org.springframework.security.access.intercept.RunAsManagerImpl"> -->
58 <!-- <property name="key" value="TtlCx3pgKC4l"/> -->
59 <!-- </bean> -->
60
61
62 </beans>