![(please configure the [header_logo] section in trac.ini)](/trac/chrome/site/trac_banner.jpg)
Changeset 3663 in main for branches/2.1/src/main/webapps/ibisph-view/WEB-INF/config/spring/security.xml
- Timestamp:
- 03/27/12 09:00:40 (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.1/src/main/webapps/ibisph-view/WEB-INF/config/spring/security.xml
r3548 r3663 64 64 <constructor-arg> 65 65 <list> 66 <value>/user/authenticate</value> 67 <value>/user/logout</value> 68 <value>/user/profile/*</value> 69 <value>/user/MyQueries.html</value> 70 <value>/query/definition/**</value> 71 <value>/query/criteria/**</value> 66 <value>/authenticate</value> 67 <value>/logout</value> 68 <value>/edit/user/profile</value> 69 <value>/save/user/profile</value> 70 <value>/delete/user/profile</value> 71 <value>/user/selection/List.html</value> 72 73 <value>/save/query/result</value> 74 <value>/save/query/definition</value> 75 <value>/query/definition/List.html</value> 76 <value>/run/query/definition/**</value> 77 <value>/edit/query/definition/**</value> 78 <value>/apply/query/definition/**</value> 79 <value>/delete/query/definition/**</value> 72 80 </list> 73 81 </constructor-arg> … … 106 114 107 115 <bean class="org.ibisph.web.filter.AntPatternSecurityFilterChain"> 116 <description> 117 Entries needed to check that publish requests are originating 118 from a specified IP address. The address is specified either 119 in the spring bean config file or in a property file and should 120 be set to the IP address of the computer that the admin app 121 lives on. If the direct XML file publishing or a bundled 122 deployment mechanism is used then these are not needed - but do 123 no harm in being left as a default configuration - the URLs are 124 simply never hit. 125 </description> 108 126 <constructor-arg> 109 127 <list> … … 180 198 </list> 181 199 </constructor-arg> 182 <property name="filterProcessesUrl" value="/ user/logout"/>200 <property name="filterProcessesUrl" value="/logout"/> 183 201 </bean> 184 202 … … 221 239 <!-- form based login filter --> 222 240 <bean id="Security.Authentication.Page.ProcessingFilter" class="org.ibisph.user.springsecurity.LogUserAuthenticationProcessingFilter"> 223 <property name="filterProcessesUrl" value="/ user/authenticate"/>241 <property name="filterProcessesUrl" value="/authenticate"/> 224 242 <property name="usernameParameter" value="username"/> 225 243 <property name="passwordParameter" value="password"/> … … 292 310 293 311 <bean id="Security.Authorization.MetadataSource" class="org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource"> 312 <description> 313 This definition is where the specific authorities and authorizations are 314 are specified. For the view app all of the secure requests simply need 315 the user to be authenticated. Also only the URL/resource mappings that 316 are specified in the secure filter mappings are processed so a simple 317 global request matchers is all that is needed. 318 </description> 294 319 <constructor-arg> 295 320 <map> 296 321 <entry> 297 322 <key><bean class="org.springframework.security.web.util.AntPathRequestMatcher"> 298 <constructor-arg value="/query/definition/**"/> 299 </bean></key> 300 <list> 301 <bean class="org.springframework.security.access.SecurityConfig"> 302 <constructor-arg value="IS_AUTHENTICATED_FULLY"/> 303 </bean> 304 </list> 305 </entry> 306 <entry> 307 <key><bean class="org.springframework.security.web.util.AntPathRequestMatcher"> 308 <constructor-arg value="/user/**"/> 323 <constructor-arg value="/**"/> 309 324 </bean></key> 310 325 <list>
Note: See TracChangeset
for help on using the changeset viewer.
