Project

General

Profile

« Previous | Next » 

Revision 50570

1. Add getMetricsInfoForRepository and getInterfaceInformation methods.
2. Create aai-secutiry.xml file
3. Add properties on application file

View differences:

application-context.xml
1 1
<?xml version="1.0" encoding="UTF-8"?>
2 2
<beans xmlns="http://www.springframework.org/schema/beans"
3 3
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4
       xmlns:security="http://www.springframework.org/schema/security"
5
       xmlns:util="http://www.springframework.org/schema/util" xmlns:task="http://www.springframework.org/schema/task"
6 4
       xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
7
       xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
8
		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
9
		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd
5
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
6
		    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd">
10 7

  
11
		  http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd"
12
       default-autowire="byType">
8
    <import resource="classpath*:/eu/**/aai-security.xml"/>
13 9

  
14
    <!--<import resource="classpath:META-INF/cxf/cxf.xml"/>
15
    <import resource="classpath:META-INF/cxf/cxf-extension-jaxws.xml"/>
16
    <import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
17
    <import resource="classpath*:/cxf.xml"/>
18
    <import resource="classpath*:/eu/dnetlib/repos/ehcacher/springContext-repos-ehcacher.xml"/>
19
    <import resource="classpath*:/eu/dnetlib/soap/cxf/applicationContext-eprbuilders.xml"/>
20
    <import resource="classpath*:/eu/dnetlib/clients/ws/springContext-locatorFactory.xml"/>
21
    <import resource="classpath*:/eu/dnetlib/users/springContext-users-ldap.xml"/>
22
    <import resource="classpath*:/gr/uoa/di/driver/util/springContext-locators.xml"/>
23
    <import resource="classpath*:/gr/uoa/di/driver/app/springContext-lookupFactory.xml"/>
24
    <import resource="classpath*:/gr/uoa/di/driver/app/springContext-lookupClients.xml"/>
25
    <import resource="classpath*:/eu/dnetlib/enabling/hcm/springContext-hcmService.xml"/>
26
    <import resource="classpath*:/gr/uoa/di/driver/app/springContext-commons.xml"/>
27
    <import resource="classpath*:/gr/uoa/di/driver/app/springContext-registrator.xml"/>
28
    <import resource="classpath*:/eu/dnetlib/repos/springContext-repos-dms-cached.xml"/>-->
29
    
30 10
    <context:property-placeholder location="classpath*:/eu/**/application.properties" />
31 11
    <tx:annotation-driven transaction-manager="txManager"/>
32 12

  
33
<!--
34 13
    <bean class="eu.dnetlib.repo.manager.service.config.CascadingPropertyLoader" id="propertyLoader">
35 14
        <property name="order" value="2" />
36 15
        <property name="properties">
......
59 38
            </list>
60 39
        </property>
61 40
    </bean>
62
-->
63 41

  
64 42
    <bean id="repomanager.dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
65 43
        <property name="driverClassName" value="${repomanager.db.driverClassName}" />
......
84 62
        <property name="dataSource" ref="repomanager.dataSource"/>
85 63
    </bean>
86 64

  
87
    <bean id="webexpressionHandler"
88
          class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/>
89

  
90
    <security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"
91
                                     authentication-manager-ref="authenticationManager"/>
92

  
93
    <security:http auto-config="false" use-expressions="true"
94
                   disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"
95
                   pattern="/**">
96

  
97
        <security:custom-filter before="PRE_AUTH_FILTER" ref="openIdConnectAuthenticationFilter" />
98

  
99
        <security:logout />
100

  
101
    </security:http>
102

  
103
    <bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
104
        <constructor-arg type="java.lang.String" value="/openid_connect_login"/>
105
    </bean>
106

  
107
    <security:authentication-manager alias="authenticationManager">
108
        <security:authentication-provider ref="openIdConnectAuthenticationProvider" />
109
    </security:authentication-manager>
110

  
111
    <bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
112
        <property name="authoritiesMapper">
113
            <bean class="org.mitre.openid.connect.client.NamedAdminAuthoritiesMapper">
114
                <property name="admins" ref="namedAdmins" />
115
            </bean>
116
        </property>
117
    </bean>
118

  
119
    <util:set id="namedAdmins" value-type="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
120
        <!--
121
            This is an example of how quantity set up a user as an administrator: they'll be given ROLE_ADMIN in addition quantity ROLE_USER.
122
            Note that having an administrator role on the IdP doesn't grant administrator access on this client.
123
            These are values from the demo "openid-connect-server-webapp" project of MITREid Connect.
124
        -->
125
        <bean class="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
126
            <constructor-arg name="subject" value="90342.ASDFJWFA" />
127
            <constructor-arg name="issuer" value="${oidc.issuer}" />
128
        </bean>
129
    </util:set>
130

  
131
    <bean class="eu.dnetlib.repo.manager.service.utils.FrontEndLinkURIAuthenticationSuccessHandler" id="frontEndRedirect">
132
        <property name="frontEndURI" value="${webapp.front}"/>
133
    </bean>
134
    <!--
135
      -
136
      - The authentication filter
137
      -
138
      -->
139
    <bean id="openIdConnectAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter">
140
        <property name="authenticationManager" ref="authenticationManager" />
141

  
142
        <property name="issuerService" ref="staticIssuerService" />
143
        <property name="serverConfigurationService" ref="staticServerConfigurationService" />
144
        <property name="clientConfigurationService" ref="staticClientConfigurationService" />
145
        <property name="authRequestOptionsService" ref="staticAuthRequestOptionsService" />
146
        <property name="authRequestUrlBuilder" ref="plainAuthRequestUrlBuilder" />
147
        <property name="authenticationSuccessHandler" ref="frontEndRedirect"/>
148

  
149
    </bean>
150

  
151

  
152

  
153
    <!--
154
      -
155
      -	Issuer Services: Determine which identity provider issuer is used.
156
      -
157
      -->
158

  
159

  
160
    <!--
161
        Static issuer service, returns the same issuer for every request.
162
    -->
163
    <bean class="org.mitre.openid.connect.client.service.impl.StaticSingleIssuerService" id="staticIssuerService">
164
        <property name="issuer" value="${oidc.issuer}" />
165
    </bean>
166

  
167
    <bean class="org.mitre.openid.connect.client.service.impl.HybridIssuerService" id="hybridIssuerService">
168
        <property name="loginPageUrl" value="login" />
169
        <property name="forceHttps" value="false" /> <!-- this default property forces the webfinger issuer URL quantity be HTTPS, turn off for development work -->
170
    </bean>
171

  
172
    <!--
173
		Dynamic server configuration, fetches the server's information using OIDC Discovery.
174
	-->
175
    <bean class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService" id="staticServerConfigurationService">
176
        <property name="servers">
177
            <map>
178
                <entry key="${oidc.issuer}">
179
                    <bean class="org.mitre.openid.connect.config.ServerConfiguration">
180
                        <property name="issuer" value="${oidc.issuer}" />
181
                        <property name="authorizationEndpointUri"	value="${oidc.issuer}authorize" />
182
                        <property name="tokenEndpointUri"	value="${oidc.issuer}token" />
183
                        <property name="userInfoUri" value="${oidc.issuer}userinfo" />
184
                        <property name="jwksUri" value="${oidc.issuer}jwk" />
185
                        <property name="revocationEndpointUri" value="${oidc.issuer}revoke" />
186
                    </bean>
187
                </entry>
188
            </map>
189
        </property>
190
    </bean>
191

  
192

  
193
    <!--
194
       Static Client Configuration. Configures a client statically by storing configuration on a per-issuer basis.
195
   -->
196

  
197
    <bean class="org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService" id="staticClientConfigurationService">
198
        <property name="clients">
199
            <map>
200
                <entry key="${oidc.issuer}">
201
                    <bean class="org.mitre.oauth2.model.RegisteredClient">
202
                        <property name="clientId" value="${oidc.id}" />
203
                        <property name="clientSecret" value="${oidc.secret}" />
204
                        <property name="scope">
205
                            <set value-type="java.lang.String">
206
                                <value>openid</value>
207
                            </set>
208
                        </property>
209
                        <property name="tokenEndpointAuthMethod" value="SECRET_BASIC" />
210
                        <property name="redirectUris">
211
                            <set>
212
                                <value>${webapp.home}</value>
213
                            </set>
214
                        </property>
215
                    </bean>
216
                </entry>
217
            </map>
218
        </property>
219
    </bean>
220

  
221

  
222
    <!--
223
	  -
224
	  -	Auth request options service: returns the optional components of the request
225
	  -
226
	  -->
227
    <bean class="org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService" id="staticAuthRequestOptionsService">
228
        <property name="options">
229
            <map>
230
                <!-- Entries in this map are sent as key-value parameters quantity the auth request -->
231
                <!--
232
                <entry key="display" value="page" />
233
                <entry key="max_age" value="30" />
234
                <entry key="prompt" value="none" />
235
                -->
236
            </map>
237
        </property>
238
    </bean>
239

  
240
    <!--
241
	  -
242
	  - Authorization URL Builders: create the URL quantity redirect the user quantity for authorization.
243
	  -
244
	  -->
245

  
246
    <!--
247
        Plain authorization request builder, puts all options as query parameters on the GET request
248
    -->
249
    <bean class="org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder" id="plainAuthRequestUrlBuilder" />
250

  
251 65
</beans>

Also available in: Unified diff