1
|
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
3
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
|
4
|
xmlns:context="http://www.springframework.org/schema/context"
|
5
|
xmlns:security="http://www.springframework.org/schema/security"
|
6
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
7
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
|
8
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
|
9
|
|
10
|
<!-- <security:debug /> -->
|
11
|
|
12
|
<security:http create-session="stateless">
|
13
|
|
14
|
<security:http-basic />
|
15
|
|
16
|
<security:intercept-url
|
17
|
pattern="/mvc/inspector/index.do/**/Security**/**/show" access="ROLE_USER" />
|
18
|
<security:intercept-url pattern="/mvc/inspector/index.do/**/User**/**/show"
|
19
|
access="ROLE_USER" />
|
20
|
<security:intercept-url
|
21
|
pattern="/mvc/inspector/index.do/**/Security**/**/list" access="ROLE_USER" />
|
22
|
<security:intercept-url pattern="/mvc/inspector/index.do/**/User**/**/list"
|
23
|
access="ROLE_USER" />
|
24
|
<security:intercept-url pattern="/mvc/inspector/index.do/**/show"
|
25
|
access="ROLE_ANONYMOUS, ROLE_USER" />
|
26
|
<security:intercept-url pattern="/mvc/inspector/index.do/**/list"
|
27
|
access="ROLE_ANONYMOUS, ROLE_USER" />
|
28
|
<security:intercept-url pattern="/mvc/inspector/msroProcessImage.do/**"
|
29
|
access="ROLE_ANONYMOUS, ROLE_USER" />
|
30
|
<security:intercept-url pattern="/mvc/inspector/backup.do/**"
|
31
|
access="ROLE_ANONYMOUS, ROLE_USER" />
|
32
|
<security:intercept-url pattern="/mvc/inspector/static.do/**"
|
33
|
access="ROLE_ANONYMOUS, ROLE_USER" />
|
34
|
<security:intercept-url pattern="/mvc/oai/**"
|
35
|
access="ROLE_ANONYMOUS, ROLE_USER" />
|
36
|
<security:intercept-url pattern="/mvc/api/**" access="ROLE_ANONYMOUS" />
|
37
|
<security:intercept-url pattern="/mvc/inspector/**"
|
38
|
access="ROLE_USER" />
|
39
|
<security:intercept-url pattern="/mvc/ui/**"
|
40
|
access="ROLE_USER" />
|
41
|
<security:intercept-url pattern="/monitoring/**"
|
42
|
access="ROLE_MONITOR" />
|
43
|
|
44
|
<security:anonymous username="guest"
|
45
|
granted-authority="ROLE_ANONYMOUS" />
|
46
|
</security:http>
|
47
|
|
48
|
<security:authentication-manager>
|
49
|
<security:authentication-provider>
|
50
|
<security:password-encoder hash="md5" />
|
51
|
<security:user-service>
|
52
|
<security:user name="admin" password="${inspector.admin.password}"
|
53
|
authorities="ROLE_USER" />
|
54
|
<security:user name="monitor" password="${inspector.monitor.password}"
|
55
|
authorities="ROLE_MONITOR" />
|
56
|
</security:user-service>
|
57
|
</security:authentication-provider>
|
58
|
</security:authentication-manager>
|
59
|
|
60
|
</beans>
|