티스토리 툴바


Java 이야기2009/02/22 13:13
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
    xmlns:p="http://www.springframework.org/schema/p"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">

    <bean id="springSecurityFilterChain" class="org.springframework.security.util.FilterChainProxy">
        <security:filter-chain-map path-type="ant">
            <security:filter-chain pattern="/css/**" filters="none" />
            <security:filter-chain pattern="/images/**" filters="none" />
            <security:filter-chain pattern="/script/**" filters="none" />
            <security:filter-chain pattern="/admin/denied.action" filters="none" />
            <security:filter-chain pattern="/denied.action" filters="none" />
            <security:filter-chain pattern="/admin/**"
                filters="httpSessionContextIntegrationFilter, logoutFilter, adminAuthenticationProcessingFilter, basicProcessingFilter, securityContextHolderAwareRequestFilter, rememberMeProcessingFilter, anonymousProcessingFilter, adminExceptionTranslationFilter, sessionFixationProtectionFilter, adminFilterSecurityInterceptor" />
            <security:filter-chain pattern="/**"
                filters="httpSessionContextIntegrationFilter, logoutFilter, accessLogFilter, userAuthenticationProcessingFilter, basicProcessingFilter, securityContextHolderAwareRequestFilter, rememberMeProcessingFilter, anonymousProcessingFilter, userExceptionTranslationFilter, sessionFixationProtectionFilter, userFilterSecurityInterceptor" />
        </security:filter-chain-map>
    </bean>

    <!-- ======================== Security Filters ======================= -->
    <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
        <property name="allowSessionCreation" value="true" />
        <property name="forceEagerSessionCreation" value="false" />
        <property name="contextClass" value="org.springframework.security.context.SecurityContextImpl" />
    </bean>

    <!--  Multi authenticationProcessingFilter -->
    <bean id="adminAuthenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
        <property name="rememberMeServices" ref="rememberMeServices" />
        <property name="invalidateSessionOnSuccessfulAuthentication" value="true" />
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="authenticationFailureUrl" value="/admin/logon.action?login_error=1" />
        <property name="defaultTargetUrl" value="/admin/account!list.action?account.accountType=COMMON" />
        <property name="filterProcessesUrl" value="/admin/j_spring_security_check" />
    </bean>

    <bean id="userAuthenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
        <property name="rememberMeServices" ref="rememberMeServices" />
        <property name="invalidateSessionOnSuccessfulAuthentication" value="true" />
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="authenticationFailureUrl" value="/account/logon.action?login_error=1" />
        <property name="defaultTargetUrl" value="/index.action" />
        <property name="filterProcessesUrl" value="/j_spring_security_check" />
    </bean>

    <bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter" />

    <bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint" />
        <property name="rememberMeServices" ref="rememberMeServices" />
    </bean>

    <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
        <constructor-arg value="/index.action" />
        <constructor-arg>
            <list>
                <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler" />
                <ref local="rememberMeServices" />
            </list>
        </constructor-arg>
        <property name="filterProcessesUrl" value="/j_spring_security_logout" />
    </bean>

    <bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="rememberMeServices" ref="rememberMeServices" />
    </bean>

    <bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
        <property name="key" value="doesNotMatter" />
        <property name="userAttribute" value="roleAnonymous, ROLE_ANONYMOUS" />
    </bean>

    <!-- Multi exceptionTranslationFilter -->
    <bean id="adminExceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl" value="/admin/logon.action" />
                <property name="forceHttps" value="false" />
            </bean>
        </property>
        <property name="accessDeniedHandler">
            <bean class="com.ef.delivery.handler.AccessDeniedHandlerImpl">
                <property name="deniedUrl" value="/admin/denied.action" />
            </bean>
        </property>
    </bean>

    <bean id="userExceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl" value="/account/logon.action" />
                <property name="forceHttps" value="false" />
            </bean>
        </property>
        <property name="accessDeniedHandler">
            <bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
                <property name="errorPage" value="/denied.jsp" />
            </bean>
        </property>
    </bean>

    <bean id="sessionFixationProtectionFilter" class="org.springframework.security.ui.SessionFixationProtectionFilter" />

    <bean id="accessLogFilter" class="com.ef.delivery.filters.AccessLogFilter"></bean>

    <!-- ======================== Interceptor ======================= -->
    <bean id="adminFilterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
        <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" />
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="objectDefinitionSource">
            <security:filter-invocation-definition-source>
                <security:intercept-url pattern="/admin/logon.action" access="ROLE_ANONYMOUS" />
                <security:intercept-url pattern="/admin/*" access="ROLE_SUPERVISOR" />
            </security:filter-invocation-definition-source>
        </property>
    </bean>

    <bean id="userFilterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
        <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" />
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="objectDefinitionSource">
            <security:filter-invocation-definition-source>
                <security:intercept-url pattern="/account/shopRegister*" access="ROLE_SHOP, ROLE_SUPERVISOR" />
                <security:intercept-url pattern="/myzone/*.action" access="ROLE_USER" />
                <security:intercept-url pattern="/community/*!create.action" access="ROLE_USER" />
                <security:intercept-url pattern="/shop/*!create.action" access="ROLE_USER" />
                <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
            </security:filter-invocation-definition-source>
        </property>
    </bean>

    <!-- ======================== Dao Service ======================= -->
    <bean id="securityDataSource" class="com.ef.delivery.persistence.ibatis.SecurityDaoSqlMap" />

    <!-- ======================== Manager ======================= -->
    <bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
        <property name="allowIfAllAbstainDecisions" value="false" />
        <property name="decisionVoters">
            <list>
                <bean class="org.springframework.security.vote.RoleVoter" />
                <bean class="org.springframework.security.vote.AuthenticatedVoter" />
            </list>
        </property>
    </bean>

    <bean id="authenticationManager" class="org.springframework.security.config.NamespaceAuthenticationManager">
        <property name="providerBeanNames">
            <list>
                <value>anonymousAuthenticationProvider</value>
                <value>rememberMeAuthenticationProvider</value>
                <value>authenticationProvider</value>
            </list>
        </property>
    </bean>

    <!-- ======================== Entry Point ======================= -->
    <bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
        <property name="realmName" value="Spring Security Application" />
    </bean>

    <!-- ======================== Service ======================= -->
    <bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
        <property name="userDetailsService" ref="securityDataSource" />
        <property name="tokenValiditySeconds" value="1800"></property>
        <property name="key" value="SpringSecured" />
    </bean>

    <!-- ======================== Provider ================================== -->
    <bean id="anonymousAuthenticationProvider" class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
        <property name="key" value="doesNotMatter" />
    </bean>

    <bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
        <property name="key" value="SpringSecured" />
    </bean>

    <bean id="authenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
        <property name="hideUserNotFoundExceptions" value="false" />
        <property name="userDetailsService" ref="securityDataSource" />
        <property name="passwordEncoder">
            <bean class="org.springframework.security.providers.encoding.PlaintextPasswordEncoder" />
        </property>
    </bean>

    <!-- ======================== Message Source ================================== -->
    <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
        <property name="basenames">
            <list>
                <value>org.springframework.security.messages</value>
            </list>
        </property>
    </bean>
</beans>

Posted by 소리아