Revision 51525
Added by Panagiotis Kanakakis over 6 years ago
aai-security.xml | ||
---|---|---|
36 | 36 |
|
37 | 37 |
<bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider"> |
38 | 38 |
<property name="authoritiesMapper"> |
39 |
<bean class="org.mitre.openid.connect.client.NamedAdminAuthoritiesMapper">
|
|
40 |
<property name="admins" ref="namedAdmins" />
|
|
39 |
<bean class="eu.dnetlib.repo.manager.service.config.OpenAireProviderAuthoritiesMapper">
|
|
40 |
<constructor-arg name="userRoles" ref="userRoles"/>
|
|
41 | 41 |
</bean> |
42 | 42 |
</property> |
43 | 43 |
</bean> |
44 | 44 |
|
45 |
<util:set id="namedAdmins" value-type="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority"> |
|
46 |
<!-- |
|
47 |
This is an example of how to set up a user as an administrator: they'll be given ROLE_ADMIN in addition to ROLE_USER. |
|
48 |
Note that having an administrator role on the IdP doesn't grant administrator access on this client. |
|
45 |
<util:map id="userRoles"> |
|
46 |
<entry key="urn:geant:openaire.eu:group:Super+Administrator" value="ROLE_ADMIN"/> |
|
47 |
</util:map> |
|
49 | 48 |
|
50 |
These are values from the demo "openid-connect-server-webapp" project of MITREid Connect. |
|
51 |
--> |
|
52 |
<bean class="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority"> |
|
53 |
<constructor-arg name="subject" value="subject_value" /> |
|
54 |
<constructor-arg name="issuer" value="${oidc.issuer}" /> |
|
55 |
</bean> |
|
56 |
</util:set> |
|
57 | 49 |
|
58 |
|
|
59 | 50 |
<bean class="eu.dnetlib.repo.manager.service.config.FrontEndLinkURIAuthenticationSuccessHandler" id="frontEndRedirect"> |
60 | 51 |
<property name="frontEndURI" value="${webapp.dev.front}"/> |
61 | 52 |
</bean> |
Also available in: Unified diff
1. Add roles for aai
2. Changes on converter file for new interface object
3. Move emailUtils to avoid bug on bean definitions
4. Add openaire provider authorities mapper class
5. Bug fixes on controllers