Project

General

Profile

Statistics
| Branch: | Tag: | Revision:

cdmlib / cdmlib-services / src / main / resources / eu / etaxonomy / cdm / services_security.xml @ ff33651f

History | View | Annotate | Download (4.39 KB)

1
<?xml version="1.0" encoding="UTF-8"?>
2
<beans xmlns="http://www.springframework.org/schema/beans"
3
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4
  xmlns:context="http://www.springframework.org/schema/context"
5
  xmlns:security="http://www.springframework.org/schema/security"
6
  xsi:schemaLocation="
7
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
8
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
9
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
10
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"
11
    >
12

    
13
    <import resource="classpath:/eu/etaxonomy/cdm/persistence_security.xml"/>
14

    
15
    <!--
16
        ======================================================================
17
          default service configuration (same as in services.xml)
18
        ======================================================================
19
     -->
20
    <context:component-scan base-package="eu/etaxonomy/cdm/persistence">
21
      <context:exclude-filter type="regex" expression="eu\.etaxonomy\.cdm\.persistence\.dao\.hibernate\.taxon\.TaxonAlternativeSpellingSuggestionParser"/>
22
    </context:component-scan>
23

    
24
    <context:component-scan base-package="eu/etaxonomy/cdm/search" />
25

    
26
    <context:component-scan base-package="eu/etaxonomy/cdm/database"/>
27

    
28
    <!-- also find the implementation of ITaxonNodeComparator (otherwise it is not found by a component scan)  -->
29
    <bean name="taxonNodeByNameComparator" class="eu.etaxonomy.cdm.model.taxon.TaxonNodeByNameComparator">
30
    </bean>
31

    
32
    <!--
33
        ======================================================================
34
          security specific configuration
35
        ======================================================================
36
     -->
37
    <security:global-method-security pre-post-annotations="enabled" run-as-manager-ref="runAsManager" >
38
        <security:expression-handler ref="expressionHandler" />
39
    </security:global-method-security>
40

    
41
    <!--
42
        To use "hasPermission()" in the Spring EL method annotations like @PreAuthorize we explicitly configure the permissionEvaluator
43
        the cdmPermissionEvaluator is already defined in the persistence security context
44
    -->
45
    <bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
46
        <property name="permissionEvaluator" ref="cdmPermissionEvaluator" />
47
    </bean>
48

    
49
    <bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
50
        <property name="providers">
51
            <list>
52
                <ref local="daoAuthenticationProvider"/>
53
            </list>
54
        </property>
55
    </bean>
56

    
57
    <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
58
        <property name="userDetailsService" ref="userService"/>
59
        <property name="saltSource" ref="saltSource"/>
60
        <property name="passwordEncoder" ref="passwordEncoder"/>
61
    </bean>
62

    
63
    <bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"/>
64

    
65
    <bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource">
66
        <property name="userPropertyToUse" value="getUsername"/>
67
    </bean>
68

    
69
    <!--
70
        Run-As Authentication Replacement for system operations
71
        as e.g. performed by the eu.etaxonomy.cdm.api.application.FirstDataInserter
72

73
        the key must match FirstDataInserter.RUN_AS_KEY
74
     -->
75
    <bean id="runAsManager"
76
        class="org.springframework.security.access.intercept.RunAsManagerImpl">
77
      <property name="key" value="TtlCx3pgKC4l"/>
78
    </bean>
79

    
80
    <bean id="runAsAuthenticationProvider"
81
        class="org.springframework.security.access.intercept.RunAsImplAuthenticationProvider">
82
      <property name="key" value="TtlCx3pgKC4l"/>
83
    </bean>
84

    
85
    <!-- equips a new and empty database with the initial set of meta data and admin user   -->
86
    <bean id="firstDataInserter" class="eu.etaxonomy.cdm.api.application.FirstDataInserter">
87
        <property name="runAsAuthenticationProvider" ref="runAsAuthenticationProvider"/>
88
    </bean>
89

    
90
</beans>
Add picture from clipboard (Maximum size: 40 MB)