Project

General

Profile

Statistics
| Branch: | Tag: | Revision:

cdmlib / cdmlib-services / src / main / resources / eu / etaxonomy / cdm / services_security_base.xml @ e830b16f

History | View | Annotate | Download (3.37 KB)

1
<?xml version="1.0" encoding="UTF-8"?>
2
<beans xmlns="http://www.springframework.org/schema/beans"
3
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4
  xmlns:context="http://www.springframework.org/schema/context"
5
  xmlns:security="http://www.springframework.org/schema/security"
6
  xsi:schemaLocation="
7
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
8
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
9
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd
10
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd"
11
    >
12

    
13
    <!--
14
        ======================================================================
15
          security specific configuration
16
        ======================================================================
17
     -->
18
    <security:global-method-security pre-post-annotations="enabled" run-as-manager-ref="runAsManager" >
19
        <security:expression-handler ref="expressionHandler" />
20
    </security:global-method-security>
21

    
22
    <!--
23
        To use "hasPermission()" in the Spring EL method annotations like @PreAuthorize we explicitly configure the permissionEvaluator
24
        the cdmPermissionEvaluator is already defined in the persistence security context
25
    -->
26
    <bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
27
        <property name="permissionEvaluator" ref="cdmPermissionEvaluator" />
28
    </bean>
29

    
30
    <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
31
        <property name="userDetailsService" ref="userService"/>
32
        <property name="saltSource" ref="saltSource"/>
33
        <property name="passwordEncoder" ref="passwordEncoder"/>
34
    </bean>
35

    
36
    <bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"/>
37

    
38
    <bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource">
39
        <property name="userPropertyToUse" value="getUsername"/>
40
    </bean>
41
    
42
    <bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
43
        <constructor-arg>
44
            <list>
45
                <ref local="daoAuthenticationProvider"/>
46
            </list>
47
        </constructor-arg>
48
    </bean>
49

    
50
    <!--
51
        Run-As Authentication Replacement for system operations
52
        as e.g. performed by the eu.etaxonomy.cdm.api.application.FirstDataInserter
53

54
        the key must match FirstDataInserter.RUN_AS_KEY
55
     -->
56
    <bean id="runAsManager"
57
        class="org.springframework.security.access.intercept.RunAsManagerImpl">
58
      <property name="key" value="TtlCx3pgKC4l"/>
59
    </bean>
60

    
61
    <bean id="runAsAuthenticationProvider"
62
        class="org.springframework.security.access.intercept.RunAsImplAuthenticationProvider">
63
      <property name="key" value="TtlCx3pgKC4l"/>
64
    </bean>
65

    
66
    <!-- equips a new and empty database with the initial set of meta data and admin user   -->
67
    <bean id="firstDataInserter" class="eu.etaxonomy.cdm.api.application.FirstDataInserter">
68
        <property name="runAsAuthenticationProvider" ref="runAsAuthenticationProvider"/>
69
    </bean>
70

    
71
</beans>
Add picture from clipboard (Maximum size: 40 MB)