ZhouXY108/wisemapping-open-source
1
1
Fork 0
mirror of https://github.com/wisemapping/wisemapping-open-source.git synced 2025-04-12 18:04:31 +08:00
Code Issues Packages Projects Releases Wiki Activity
wisemapping-open-source/wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml
Gustavo Fuhr 2592d338bb Google Authenticaition support
2022-12-13 02:36:58 +00:00

90 lines
4.7 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<bean id="custom-firewall" class="org.springframework.security.web.firewall.StrictHttpFirewall">
<property name="allowSemicolon" value="true"/>
</bean>
<sec:http-firewall ref="custom-firewall"/>
<sec:http pattern="/static/webapp/**" security="none"/>
<sec:http pattern="/static/mindplot/**" security="none"/>
<sec:http pattern="/css/**" security="none"/>
<sec:http pattern="/js/**" security="none"/>
<sec:http pattern="/images/**" security="none"/>
<sec:http pattern="/c/maps/*/embed" security="none"/>
<sec:http pattern="/c/maps/*/try" security="none"/>
<sec:http pattern="/c/maps/*/public" security="none"/>
<sec:http pattern="/c/restful/maps/*/document/xml-pub" security="none"/>
<sec:http pattern="/c/activation" security="none"/>
<!-- Admin related services that required admin role-->
<sec:http use-expressions="true" create-session="stateless" pattern="/service/**">
<sec:csrf disabled="true"/>
<sec:intercept-url pattern="/service/users" method="OPTIONS" access="permitAll"/>
<sec:intercept-url pattern="/service/users/resetPassword" method="OPTIONS" access="permitAll"/>
<sec:intercept-url pattern="/service/users/" method="POST" access="permitAll"/>
<sec:intercept-url pattern="/service/users/resetPassword" method="PUT" access="permitAll"/>
<sec:intercept-url pattern="/service/oauth2/googlecallback" method="POST" access="permitAll"/>
<sec:intercept-url pattern="/service/oauth2/confirmaccountsync" method="PUT" access="permitAll"/>
<sec:intercept-url pattern="/service/admin/users/**" access="isAuthenticated() and hasRole('ROLE_ADMIN')"/>
<sec:intercept-url pattern="/service/admin/database/**" access="isAuthenticated() and hasRole('ROLE_ADMIN')"/>
<sec:intercept-url pattern="/service/**" access="isAuthenticated() and hasRole('ROLE_USER')"/>
<sec:http-basic/>
</sec:http>
<sec:http use-expressions="true" pattern="/c/**/*">
<sec:csrf request-matcher-ref="requestMatcher"/>
<sec:intercept-url pattern="/c/login" access="permitAll"/>
<sec:intercept-url pattern="/c/registration" access="hasRole('ANONYMOUS')"/>
<sec:intercept-url pattern="/c/registration-success" access="hasRole('ANONYMOUS')"/>
<sec:intercept-url pattern="/c/registration-google" access="permitAll"/>
<sec:intercept-url pattern="/c/forgot-password" access="hasRole('ANONYMOUS')"/>
<sec:intercept-url pattern="/c/forgot-password-success" access="hasRole('ANONYMOUS')"/>
<sec:intercept-url pattern="/c/**/*" access="isAuthenticated() and hasRole('ROLE_USER')"/>
<sec:access-denied-handler error-page="/c/login"/>
<sec:form-login login-page="/c/login"
authentication-success-handler-ref="authenticationSuccessHandler"
always-use-default-target="false"
authentication-failure-url="/c/login?login_error=2"
login-processing-url="/c/perform-login"/>
<!-- Expire in 28 days -->
<sec:remember-me token-validity-seconds="2419200"
remember-me-parameter="remember-me"
authentication-success-handler-ref="authenticationSuccessHandler"/>
<sec:logout logout-url="/c/logout" invalidate-session="true" logout-success-url="/c/login"/>
</sec:http>
<!-- Extends CSFR match to get methods to have consistency in all errors. Otherwise, get requests are forward in some cases -->
<bean id="requestMatcher"
class="com.wisemapping.security.CSFRRequestMatcher">
<property name="prefix" value="/c/restful/"/>
</bean>
<import resource="wisemapping-security-${security.type}.xml"/>
<bean id="userDetailsService" class="com.wisemapping.security.UserDetailsService">
<property name="userService" ref="userService"/>
<property name="adminUser" value="${admin.user}"/>
</bean>
<bean id="authenticationSuccessHandler" class="com.wisemapping.security.AuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/c/maps/"/>
<property name="alwaysUseDefaultTargetUrl" value="false"/>
</bean>
</beans>
Reference in New Issue View Git Blame Copy Permalink