software.commander.1.0-RC32.source-code.applicationContext.xml Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of commander Show documentation
Show all versions of commander Show documentation
Commander is an ANSI RBAC compliant administrative Web UI
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2013, JoshuaTree Software. All rights reserved.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- Housekeeping -->
<bean id="baseURL" class="java.lang.String">
<constructor-arg value="${scheme}://${host}:${port}${rootPath}"/>
</bean>
<bean id="site" class="java.lang.String">
<constructor-arg value="${project.parent.url}"/>
</bean>
<bean id="license" class="java.lang.String">
<constructor-arg value="${licenseUrl}"/>
</bean>
<bean id="HOME" class="java.lang.String">
<constructor-arg value="HOME"/>
</bean>
<!-- These Fortress Manager beans are used as api for RBAC/IAM domain model -->
<bean id="reviewMgr" class="us.jts.fortress.ReviewMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean id="adminMgr" class="us.jts.fortress.AdminMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean id="accessMgr" class="us.jts.fortress.AccessMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean id="delReviewMgr" class="us.jts.fortress.DelReviewMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean id="delAdminMgr" class="us.jts.fortress.DelAdminMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean id="delAccessMgr" class="us.jts.fortress.DelAccessMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean id="auditMgr" class="us.jts.fortress.AuditMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean id="pwPolicyMgr" class="us.jts.fortress.PwPolicyMgrFactory" scope="prototype"
factory-method="createInstance">
<constructor-arg value="HOME"/>
</bean>
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetObject">
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass" value="java.lang.System"/>
<property name="targetMethod" value="getProperties"/>
</bean>
</property>
<property name="targetMethod" value="putAll"/>
<property name="arguments">
<util:properties>
<prop key="version">1.0-RC32</prop>
</util:properties>
</property>
</bean>
<!-- Inject spring context into wicket pages -->
<bean id="wicketApplication" class="us.jts.commander.ApplicationContext"></bean>
<!-- setup spring security using preauthenticated (java ee) strategy -->
<bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
</sec:filter-chain-map>
</bean>
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref='preAuthenticatedAuthenticationProvider'/>
</sec:authentication-manager>
<bean id="preAuthenticatedAuthenticationProvider"
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
</bean>
<bean id="preAuthenticatedUserDetailsService"
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>
<bean id="j2eePreAuthFilter"
class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationDetailsSource">
<bean class="org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
<property name="mappableRolesRetriever">
<bean class="org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever"/>
</property>
<property name="userRoles2GrantedAuthoritiesMapper">
<bean class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper">
<property name="convertAttributeToUpperCase" value="true"/>
</bean>
</property>
</bean>
</property>
</bean>
<bean id="preAuthenticatedProcessingFilterEntryPoint"
class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>
<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
<constructor-arg value="/"/>
<constructor-arg>
<list>
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
<bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>
<bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
<property name="authenticationEntryPoint" ref="preAuthenticatedProcessingFilterEntryPoint"/>
</bean>
<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false"/>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
</list>
</property>
</bean>
<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
<property name="securityMetadataSource">
<sec:filter-invocation-definition-source>
<!-- before spring interceptor recognizes these roles, the j2ee preauthentication filter requires prior declaration in web.xml -->
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.userpage"
access="ROLE_RBAC_ADMIN,ROLE_USERS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.rolepage"
access="ROLE_RBAC_ADMIN,ROLE_ROLES"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.permpage"
access="ROLE_RBAC_ADMIN,ROLE_PERMS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.sdstaticpage"
access="ROLE_RBAC_ADMIN,ROLE_SSDS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.sddynamicpage"
access="ROLE_RBAC_ADMIN,ROLE_DSDS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.pwpolicypage"
access="ROLE_RBAC_ADMIN,ROLE_POLICIES"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.objectpage"
access="ROLE_RBAC_ADMIN,ROLE_PERMOBJS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.ouuserpage"
access="ROLE_RBAC_ADMIN,ROLE_USEROUS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.oupermpage"
access="ROLE_RBAC_ADMIN,ROLE_PERMOUS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.roleadminpage"
access="ROLE_RBAC_ADMIN,ROLE_ADMINROLES"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.objectadminpage"
access="ROLE_RBAC_ADMIN,ROLE_ADMINOBJS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.permadminpage"
access="ROLE_RBAC_ADMIN,ROLE_ADMINPERMS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.auditauthzpage"
access="ROLE_RBAC_ADMIN,ROLE_AUDIT_AUTHZS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.auditmodpage"
access="ROLE_RBAC_ADMIN,ROLE_AUDIT_MODS"/>
<sec:intercept-url pattern="/wicket/bookmarkable/us.jts.commander.auditbindpage"
access="ROLE_RBAC_ADMIN,ROLE_AUDIT_BINDS"/>
</sec:filter-invocation-definition-source>
</property>
</bean>
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>
<bean id="securityContextHolderAwareRequestFilter"
class="org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter"/>
</beans>