57 lines
2.4 KiB
XML
57 lines
2.4 KiB
XML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<beans:beans xmlns:security="http://www.springframework.org/schema/security"
|
||
|
xmlns:beans="http://www.springframework.org/schema/beans"
|
||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||
|
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
||
|
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||
|
http://www.springframework.org/schema/security
|
||
|
http://www.springframework.org/schema/security/spring-security.xsd">
|
||
|
|
||
|
<!-- <security:debug /> -->
|
||
|
|
||
|
<!--<security:http create-session="stateless">-->
|
||
|
|
||
|
<!--<security:http-basic />-->
|
||
|
|
||
|
<!--<security:intercept-url-->
|
||
|
<!--pattern="/mvc/inspector/**" access="hasRole('ROLE_USER')"/>-->
|
||
|
<!--<security:intercept-url pattern="/mvc/oai/**"-->
|
||
|
<!--access="hasAnyRole('ROLE_ANONYMOUS', 'ROLE_USER')" />-->
|
||
|
<!--<security:intercept-url pattern="/mvc/ui/**"-->
|
||
|
<!--access="hasRole('ROLE_USER')"/>-->
|
||
|
<!--<security:intercept-url pattern="/monitoring/**"-->
|
||
|
<!--access="hasAnyRole('ROLE_ANONYMOUS', 'ROlE_USER')" />-->
|
||
|
|
||
|
<!--<security:anonymous username="guest"-->
|
||
|
<!--granted-authority="'ROLE_ANONYMOUS'" />-->
|
||
|
<!--<security:logout />-->
|
||
|
<!--</security:http>-->
|
||
|
|
||
|
<!-- security exclusion first -->
|
||
|
<security:http pattern="/mvc/ui/lightui*/**" security="none"/>
|
||
|
<security:http pattern="/mvc/ui/vocabularies.do/**" security="none"/>
|
||
|
|
||
|
<security:http>
|
||
|
<security:http-basic />
|
||
|
<!--<security:anonymous username="guest" granted-authority="'ROLE_ANONYMOUS'" />-->
|
||
|
<!--<security:intercept-url pattern="/monitoring/**" access="hasRole('ANONYMOUS')" />-->
|
||
|
<!--<security:intercept-url pattern="/mvc/oai/**" access="hasRole('ANONYMOUS')" />-->
|
||
|
<security:intercept-url pattern="/mvc/inspector/**" access="hasRole('ADMIN')" />
|
||
|
<security:intercept-url pattern="/mvc/ui/**" access="hasRole('ADMIN')" />
|
||
|
<security:csrf disabled="true"/>
|
||
|
<security:logout />
|
||
|
</security:http>
|
||
|
|
||
|
|
||
|
|
||
|
<security:authentication-manager alias="authManager">
|
||
|
<security:authentication-provider>
|
||
|
<security:password-encoder hash="md5" />
|
||
|
<security:user-service>
|
||
|
<security:user name="admin" password="${dnet.admin.password}"
|
||
|
authorities="ROLE_ADMIN" />
|
||
|
</security:user-service>
|
||
|
</security:authentication-provider>
|
||
|
</security:authentication-manager>
|
||
|
|
||
|
</beans:beans>
|