LiRuochen_WorkFlow/MaxKey
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b1e194ca0c0fb30e260beb7fcae122a95ddfffac
MaxKey/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml

296 lines
12 KiB
XML
Raw Normal View History

init
2019-04-29 23:53:10 +08:00
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/mvc
init spring
2019-05-25 23:39:07 +08:00
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
init
2019-04-29 23:53:10 +08:00
init spring
2019-05-25 23:39:07 +08:00
<!--
init
2019-04-29 23:53:10 +08:00
<sec:http pattern="/jquery/**" security="none" />
<sec:http pattern="/images/**" security="none" />
<sec:http pattern="/css/**" security="none" />
<sec:http pattern="/js/**" security="none" />
<sec:http pattern="/metadata/saml20/**" security="none" />
<sec:http pattern="/api/oauth/v20/me" security="none" />
<sec:http pattern="/api/connect/v10/userinfo" security="none" />
init spring
2019-05-25 23:39:07 +08:00
cas api
init
2019-04-29 23:53:10 +08:00
<sec:http pattern="/authz/cas/validate" security="none" />
<sec:http pattern="/authz/cas/serviceValidate" security="none" />
<sec:http pattern="/authz/cas/proxyValidate" security="none" />
<sec:http pattern="/authz/cas/proxy" security="none" />
<sec:http pattern="/authz/cas/p3/serviceValidate" security="none" />
<sec:http pattern="/authz/cas/p3/proxyValidate" security="none" />
init spring
2019-05-25 23:39:07 +08:00
-->
init
2019-04-29 23:53:10 +08:00
<!-- enable autowire -->
<context:annotation-config />
<!-- language select must remove -->
<mvc:annotation-driven />
init spring
2019-05-25 23:39:07 +08:00
init
2019-04-29 23:53:10 +08:00
<!-- web Controller InterceptorAdapter -->
<mvc:interceptors>
<!-- web Controller InterceptorAdapter for platform permission -->
<mvc:interceptor>
<!-- for index -->
<mvc:mapping path="/index/*" />
<!-- for System -->
<mvc:mapping path="/menus/*" />
<mvc:mapping path="/roles/*" />
<mvc:mapping path="/logs/*" />
<mvc:mapping path="/userinfo/*" />
<mvc:mapping path="/relyingparty/*" />
<mvc:mapping path="/sysconfig/*" />
<mvc:mapping path="/roles/*"/>
<mvc:mapping path="/applications/*"/>
<mvc:mapping path="/approles/*"/>
<mvc:mapping path="/users/*" />
<mvc:mapping path="/enterprises/*" />
<mvc:mapping path="/employees/*" />
<mvc:mapping path="/authInfo/*" />
<mvc:mapping path="/usercenter/*"/>
<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
</mvc:interceptor>
<!-- web Controller InterceptorAdapter for platform log -->
<mvc:interceptor>
<mvc:mapping path="/users/*" />
<mvc:mapping path="/userinfo/*" />
<mvc:mapping path="/enterprises/*" />
<mvc:mapping path="/employees/*" />
<mvc:mapping path="/authInfo/*" />
<mvc:mapping path="/usercenter/*"/>
<mvc:mapping path="/retrievePassword/*"/>
<mvc:mapping path="/roles/*"/>
<mvc:mapping path="/applications/*"/>
<mvc:mapping path="/approles/*"/>
<bean class="org.maxkey.web.interceptor.LogAdapter" />
</mvc:interceptor>
<!-- web Controller sso Adapter -->
<mvc:interceptor>
<mvc:mapping path="/authz/basic/*" />
<mvc:mapping path="/authz/ltpa/*" />
<mvc:mapping path="/authz/desktop/*" />
<mvc:mapping path="/authz/formbased/*" />
<mvc:mapping path="/authz/tokenbased/*"/>
<mvc:mapping path="/authz/saml20/idpinit/*"/>
<mvc:mapping path="/authz/cas/login"/>
<mvc:mapping path="/authz/cas/granting"/>
<bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
</mvc:interceptor>
<!-- web Controller sso Adapter -->
<mvc:interceptor>
<mvc:mapping path="/authz/basic/*" />
<mvc:mapping path="/authz/ltpa/*" />
<mvc:mapping path="/authz/desktop/*" />
<mvc:mapping path="/authz/formbased/*" />
<mvc:mapping path="/authz/tokenbased/*"/>
<mvc:mapping path="/authz/saml20/idpinit/*"/>
<mvc:mapping path="/authz/cas/granting"/>
<bean class="org.maxkey.web.interceptor.LoginAppHistoryAdapter" />
</mvc:interceptor>
<ref bean="localeChangeInterceptor" />
</mvc:interceptors>
init spring
2019-05-25 23:39:07 +08:00
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
<constructor-arg ref="jdbcTemplate"/>
<property name="validity" value="${config.login.remeberme.validity}"/>
</bean>
<bean id="timeBasedKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
<property name="type" value="totp" />
<property name="digits" value="6" />
<property name="issuer" value="ConnSec" />
<property name="domain" value="connsec.com" />
<property name="period" value="30" />
</bean>
<bean id="counterBasedKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
<property name="type" value="hotp" />
<property name="digits" value="6" />
<property name="issuer" value="maxkey" />
<property name="domain" value="maxkey.org" />
<property name="counter" value="0" />
</bean>
init
2019-04-29 23:53:10 +08:00
init spring
2019-05-25 23:39:07 +08:00
<bean id="hotpKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
<property name="type" value="hotp" />
<property name="digits" value="6" />
<property name="issuer" value="maxkey" />
<property name="domain" value="maxkey.org" />
<property name="counter" value="0" />
</bean>
<bean id="tfaOTPAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOTPAuthn">
<constructor-arg ref="jdbcTemplate" />
</bean>
protocl fix
2019-06-02 08:43:34 +08:00
<!-- Authentication Password Encoder Config -->
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
init spring
2019-05-25 23:39:07 +08:00
<bean id="passwordReciprocal" class="org.maxkey.crypto.password.PasswordReciprocal"></bean>
<bean id="cacheFactory" class="org.maxkey.cache.CacheFactory">
<property name="cache">
<list>
<bean class="org.maxkey.web.filter.ipaddress.IpAddressCache">
<property name="jdbcIpAddressService">
<bean class="org.maxkey.web.filter.ipaddress.JdbcIpAddressService">
<constructor-arg ref="jdbcTemplate"/>
</bean>
</property>
<property name="interval" value="1200" />
</bean>
</list>
</property>
</bean>
<!-- Captcha Producer Config -->
<bean id="captchaProducer" class="com.google.code.kaptcha.impl.DefaultKaptcha">
<property name="config">
<bean class="com.google.code.kaptcha.util.Config">
<constructor-arg type="java.util.Properties">
<props>
<prop key="kaptcha.image.width">70</prop>
<prop key="kaptcha.image.height">25</prop>
<prop key="kaptcha.border">no</prop>
<prop key="kaptcha.obscurificator.impl">com.google.code.kaptcha.impl.ShadowGimpy</prop>
<prop key="kaptcha.textproducer.font.size">23</prop>
<prop key="kaptcha.textproducer.char.string">0123456789</prop>
<prop key="kaptcha.textproducer.char.length">4</prop>
<prop key="kaptcha.noise.impl">com.google.code.kaptcha.impl.NoNoise</prop>
<!-- <prop key="kaptcha.noise.color">white</prop>
-->
</props>
</constructor-arg>
</bean>
</property>
</bean>
init
2019-04-29 23:53:10 +08:00
<!-- Follow is config for Spring security -->
init spring
2019-05-25 23:39:07 +08:00
<!--<csrf disabled="true"/>-->
<!-- Login
init
2019-04-29 23:53:10 +08:00
<http use-expressions="false" disable-url-rewriting="false" xmlns="http://www.springframework.org/schema/security" >
init spring
2019-05-25 23:39:07 +08:00
init
2019-04-29 23:53:10 +08:00
<headers>
<frame-options policy="SAMEORIGIN" />
</headers>
<access-denied-handler error-page="/login"/>
<intercept-url pattern="/index" access="ROLE_USER" />
<intercept-url pattern="/forwardindex" access="ROLE_USER" />
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER" />
<form-login authentication-failure-url="/login"
default-target-url="/forwardindex"
login-page="/login"
login-processing-url="/logon.do"
username-parameter="j_username"
password-parameter="j_password"
authentication-success-handler-ref="savedRequestSuccessHandler"/>
<logout logout-url="/logout.do" logout-success-url="/logout" invalidate-session="true" delete-cookies="JSESSIONID" />
<session-management invalid-session-url="/login" />
<anonymous />
</http>
init spring
2019-05-25 23:39:07 +08:00
-->
init
2019-04-29 23:53:10 +08:00
init spring
2019-05-25 23:39:07 +08:00
<bean id="savedRequestSuccessHandler" class="org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler"> </bean>
init
2019-04-29 23:53:10 +08:00
init spring
2019-05-25 23:39:07 +08:00
<!-- spring authentication provider
init
2019-04-29 23:53:10 +08:00
<authentication-manager alias="authenticationProvider" xmlns="http://www.springframework.org/schema/security"/>
init spring
2019-05-25 23:39:07 +08:00
-->
init
2019-04-29 23:53:10 +08:00
<!-- LDAP Realm
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
<constructor-arg ref="jdbcTemplate"/>
<property name="ldapServers">
<list>
<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
<property name="ldapUtils">
<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
<property name="providerUrl" value="ldap://localhost:389"></property>
<property name="principal" value="cn=root"></property>
<property name="credentials" value="rootroot"></property>
<property name="baseDN" value="dc=connsec,dc=com"></property>
</bean>
</property>
<property name="filterAttribute" value="uid"></property>
</bean>
</list>
</property>
</bean> -->
<!-- Active Directory Realm
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
<constructor-arg ref="jdbcTemplate"/>
<property name="activeDirectoryServers">
<list>
<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
<property name="activeDirectoryUtils">
<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
<property name="providerUrl" value="ldap://localhost:389"></property>
<property name="principal" value="cn=root"></property>
<property name="credentials" value="rootroot"></property>
<property name="domain" value="connsec"></property>
</bean>
</property>
</bean>
</list>
</property>
</bean> -->
<!-- Radius Server Realm
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.radius.RadiusServerAuthenticationRealm">
<constructor-arg ref="jdbcTemplate"/>
<property name="jradiusServers">
<list>
<bean id="radiusServer1" class="org.maxkey.web.authentication.realm.radius.RadiusServer">
<property name="inetAddress" value="localhost"/>
<property name="secret" value="test1234"/>
</bean>
</list>
</property>
</bean>-->
<!-- Default Realm-->
<!-- realm use jdbc -->
init spring
2019-05-25 23:39:07 +08:00
<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
init
2019-04-29 23:53:10 +08:00
<constructor-arg ref="jdbcTemplate"/>
</bean>
<!-- Authentication providers -->
init spring
2019-05-25 23:39:07 +08:00
<bean id="authenticationProvider" class="org.maxkey.authn.RealmAuthenticationProvider" >
init
2019-04-29 23:53:10 +08:00
</bean>
init spring
2019-05-25 23:39:07 +08:00
<!--
init
2019-04-29 23:53:10 +08:00
<authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security">
<authentication-provider ref= "realmAuthenticationProvider"/>
</authentication-manager>
init spring
2019-05-25 23:39:07 +08:00
-->
init
2019-04-29 23:53:10 +08:00
<mvc:annotation-driven />
<mvc:default-servlet-handler />
</beans>
Reference in New Issue Copy Permalink