antenor-caixaki-application-context-security-xml

1. <?xml version="1.0" encoding="UTF-8" ?>
2. <b:beans xmlns="http://www.springframework.org/schema/security"
3.     xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4.     xsi:schemaLocation="http://www.springframework.org/schema/beans
5. http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
6. http://www.springframework.org/schema/security
7. http://www.springframework.org/schema/security/spring-security-3.1.xsd">
8.    
9.     <global-method-security secured-annotations="enabled" />
10.    
11.     <http auto-config="true"
12.             access-denied-page="/error/acessoNegado.xhtml"
13.             use-expressions="true">
14.        
15.         <intercept-url pattern="/cadastro/cad_permissao.jsf"
16.             access="hasAnyRole('ADMIN')" method="POST" />
17.            
18.         <intercept-url pattern="/resources/componentes/**"
19.             access="isAuthenticated() and hasAnyRole('USER')" />
20.            
21.         <intercept-url pattern="/resources/**"
22.             access="isAuthenticated() and hasAnyRole('USER')" />
23.            
24.         <intercept-url pattern="/restrito/**"
25.             access="isAuthenticated() and hasAnyRole('USER')" />
26.            
27.         <intercept-url pattern="/error/**"
28.             access="isAnonymous() or isAuthenticated() or !isAuthenticated()" />   
29.            
30.         <intercept-url pattern="/templates/**"
31.             access="isAuthenticated() and hasAnyRole('USER')" />
32.            
33.         <intercept-url pattern="/cadastro/**"
34.             access="isAuthenticated() and hasAnyRole('USER')" />
35.            
36.         <intercept-url pattern="/publico/**"
37.             access="permitAll" />
38.            
39.         <form-login login-page="/publico/login.jsf"
40.             always-use-default-target="true" default-target-url="/restrito/principal.jsf"
41.             authentication-failure-url="/publico/login.jsf?login_error=1" />
42.            
43.         <logout invalidate-session="true" logout-success-url="/publico/login.jsf"
44.             logout-url="/j_spring_security_logout" delete-cookies="JSESSIONID" />
45.            
46.         <remember-me token-validity-seconds="1209600" />
47.        
48.         <session-management invalid-session-url="/publico/login.jsf"
49.             session-fixation-protection="migrateSession" >
50.                 <concurrency-control max-sessions="1"
51.                     expired-url="/publico/login.jsf"
52.                     error-if-maximum-exceeded="true" />
53.         </session-management>
54.        
55.     </http>
56.    
57.     <authentication-manager>
58.         <authentication-provider>
59.             <password-encoder hash="plaintext" />          
60.             <jdbc-user-service data-source-ref="springDataSource"
61.            
62.             users-by-username-query="select ent_login as username,
63.                                         ent_senha as password,
64.                                         'true' as enable
65.                                         from entidade
66.                                         where ent_inativo = false
67.                                         and upper(ent_login) = upper(?)"
68.            
69.             authorities-by-username-query="select u.ent_login as username,
70.                                         p.esa_codigo as authority
71.                                         from entidade u
72.                                         join entidadeacesso p
73.                                         on u.ent_codigo = p.ent_codigo
74.                                         where u.ent_inativo = false
75.                                         and upper (u.ent_login) = upper(?)" />
76.         </authentication-provider>
77.     </authentication-manager>
78.    
79. </b:beans>