argos/dmp-backend/src/main/webapp/WEB-INF/spring-security.xml


<beans:beans
   xmlns="http://www.springframework.org/schema/security"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:beans="http://www.springframework.org/schema/beans"
   xmlns:sec="http://www.springframework.org/schema/security"
   xmlns:context="http://www.springframework.org/schema/context"
   xsi:schemaLocation="
      http://www.springframework.org/schema/security 
      http://www.springframework.org/schema/security/spring-security-4.2.xsd
      http://www.springframework.org/schema/context
 	  http://www.springframework.org/schema/context/spring-context-4.2.xsd
      http://www.springframework.org/schema/beans 
      http://www.springframework.org/schema/beans/spring-beans-4.2.xsd">
 
 	<context:component-scan base-package="security.*" />
 
	
	<http use-expressions="true" create-session="stateless" auto-config='true'>
	
		<!-- Default to Spring MVC's CORS configuration -->
		<cors />
		<!-- disable csrf checks -->
		<csrf disabled="true"/>
	
		<custom-filter after="BASIC_AUTH_FILTER" ref="tokenAuthenticationFilter" />
	     <intercept-url pattern="/**" access="true" />
	     <http-basic/>
 	</http>
	

	<authentication-manager>
		<authentication-provider ref="customAuthenticationProvider" />
	</authentication-manager>


	<beans:bean id="tokenFilter" class="security.TokenAuthenticationFilter"/>


</beans:beans>
Security is now completed... only token-based calls are now permitted. 2017-10-13 17:08:49 +02:00
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`<beans:beans`
			`xmlns="http://www.springframework.org/schema/security"`
			`xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"`
			`xmlns:beans="http://www.springframework.org/schema/beans"`
			`xmlns:sec="http://www.springframework.org/schema/security"`
			`xmlns:context="http://www.springframework.org/schema/context"`
			`xsi:schemaLocation="`
			`http://www.springframework.org/schema/security`
			`http://www.springframework.org/schema/security/spring-security-4.2.xsd`
			`http://www.springframework.org/schema/context`
			`http://www.springframework.org/schema/context/spring-context-4.2.xsd`
			`http://www.springframework.org/schema/beans`
			`http://www.springframework.org/schema/beans/spring-beans-4.2.xsd">`

			`<context:component-scan base-package="security.*" />`


			`<http use-expressions="true" create-session="stateless" auto-config='true'>`
Finalized security. Resolved all issues 2017-10-16 16:57:17 +02:00
			`<!-- Default to Spring MVC's CORS configuration -->`
			`<cors />`
cleared csrf 2017-10-16 18:30:29 +02:00			`<!-- disable csrf checks -->`
			`<csrf disabled="true"/>`
Finalized security. Resolved all issues 2017-10-16 16:57:17 +02:00
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`<custom-filter after="BASIC_AUTH_FILTER" ref="tokenAuthenticationFilter" />`
project dmps pagination 2017-12-14 18:07:09 +01:00			`<intercept-url pattern="/**" access="true" />`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`<http-basic/>`
			`</http>`


			`<authentication-manager>`
			`<authentication-provider ref="customAuthenticationProvider" />`
			`</authentication-manager>`


			`<beans:bean id="tokenFilter" class="security.TokenAuthenticationFilter"/>`


Added native token generation and full session management. 2017-10-13 14:23:59 +02:00
Updated the rest interface, added many missing features. 2017-10-04 11:48:21 +02:00			`</beans:beans>`