1
|
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
<beans:beans xmlns:security="http://www.springframework.org/schema/security"
|
3
|
xmlns:beans="http://www.springframework.org/schema/beans"
|
4
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
5
|
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
6
|
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
7
|
http://www.springframework.org/schema/security
|
8
|
http://www.springframework.org/schema/security/spring-security.xsd">
|
9
|
|
10
|
<!-- <security:debug /> -->
|
11
|
|
12
|
<!--<security:http create-session="stateless">-->
|
13
|
|
14
|
<!--<security:http-basic />-->
|
15
|
|
16
|
<!--<security:intercept-url-->
|
17
|
<!--pattern="/mvc/inspector/**" access="hasRole('ROLE_USER')"/>-->
|
18
|
<!--<security:intercept-url pattern="/mvc/oai/**"-->
|
19
|
<!--access="hasAnyRole('ROLE_ANONYMOUS', 'ROLE_USER')" />-->
|
20
|
<!--<security:intercept-url pattern="/mvc/ui/**"-->
|
21
|
<!--access="hasRole('ROLE_USER')"/>-->
|
22
|
<!--<security:intercept-url pattern="/monitoring/**"-->
|
23
|
<!--access="hasAnyRole('ROLE_ANONYMOUS', 'ROlE_USER')" />-->
|
24
|
|
25
|
<!--<security:anonymous username="guest"-->
|
26
|
<!--granted-authority="'ROLE_ANONYMOUS'" />-->
|
27
|
<!--<security:logout />-->
|
28
|
<!--</security:http>-->
|
29
|
|
30
|
<!-- security exclusion first -->
|
31
|
<security:http pattern="/mvc/ui/lightui*/**" security="none"/>
|
32
|
<security:http pattern="/mvc/ui/vocabularies.do/**" security="none"/>
|
33
|
|
34
|
<security:http>
|
35
|
<security:http-basic />
|
36
|
<!--<security:anonymous username="guest" granted-authority="'ROLE_ANONYMOUS'" />-->
|
37
|
<!--<security:intercept-url pattern="/monitoring/**" access="hasRole('ANONYMOUS')" />-->
|
38
|
<!--<security:intercept-url pattern="/mvc/oai/**" access="hasRole('ANONYMOUS')" />-->
|
39
|
<security:intercept-url pattern="/mvc/inspector/**" access="hasRole('ADMIN')" />
|
40
|
<security:intercept-url pattern="/mvc/ui/**" access="hasRole('ADMIN')" />
|
41
|
<security:csrf disabled="true"/>
|
42
|
<security:logout />
|
43
|
</security:http>
|
44
|
|
45
|
|
46
|
|
47
|
<security:authentication-manager alias="authManager">
|
48
|
<security:authentication-provider>
|
49
|
<security:password-encoder hash="md5" />
|
50
|
<security:user-service>
|
51
|
<security:user name="admin" password="${dnet.admin.password}"
|
52
|
authorities="ROLE_ADMIN" />
|
53
|
</security:user-service>
|
54
|
</security:authentication-provider>
|
55
|
</security:authentication-manager>
|
56
|
|
57
|
</beans:beans>
|