MaxKey/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml

<?xml version="1.0" encoding="UTF-8" ?>
<beans 	xmlns="http://www.springframework.org/schema/beans"
		xmlns:context="http://www.springframework.org/schema/context"
		xmlns:mvc="http://www.springframework.org/schema/mvc"
		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
		xmlns:p="http://www.springframework.org/schema/p"
		xmlns:util="http://www.springframework.org/schema/util"
		xsi:schemaLocation="
	        http://www.springframework.org/schema/beans 
			http://www.springframework.org/schema/beans/spring-beans.xsd
			http://www.springframework.org/schema/context 
			http://www.springframework.org/schema/context/spring-context.xsd
	        http://www.springframework.org/schema/util     
	        http://www.springframework.org/schema/util/spring-util.xsd
	        http://www.springframework.org/schema/mvc 
			http://www.springframework.org/schema/mvc/spring-mvc.xsd">	
	
	<!-- enable autowire -->
    <context:annotation-config />
    
    <!-- language select must remove -->
	<mvc:annotation-driven />
  
	<!-- web Controller InterceptorAdapter  -->
	<mvc:interceptors>
		<!-- web Controller InterceptorAdapter for platform permission  -->
		<mvc:interceptor>
			<!-- for permission -->
			<mvc:mapping path="/index*/**" />
			<mvc:mapping path="/logs*/**" />
			<mvc:mapping path="/userinfo*/**" />
			<mvc:mapping path="/profile*/**" />
			<mvc:mapping path="/safe*/**" />
			<mvc:mapping path="/historys*/**" />
			<mvc:mapping path="/appList*/**" />
			<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
		</mvc:interceptor>	
		<!-- web Controller InterceptorAdapter for platform log  -->
		<mvc:interceptor>
			<mvc:mapping path="/users/*" /> 
			<mvc:mapping path="/userinfo/*" />
			<mvc:mapping path="/authInfo/*" />
			<mvc:mapping path="/retrievePassword/*"/>
			<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
		</mvc:interceptor>
		<!-- web Controller sso Adapter -->
		<mvc:interceptor>
			<mvc:mapping path="/authz/basic/*" />
			<mvc:mapping path="/authz/ltpa/*" />
			<mvc:mapping path="/authz/desktop/*" />
			<mvc:mapping path="/authz/formbased/*" />
			<mvc:mapping path="/authz/tokenbased/*"/>
			<mvc:mapping path="/authz/saml20/idpinit/*"/>
			<mvc:mapping path="/authz/saml20/assertion"/>
			<mvc:mapping path="/authz/cas/login"/>
			<mvc:mapping path="/authz/cas/granting"/>
			<bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
		</mvc:interceptor>
		<!-- web Controller sso Adapter -->
		<mvc:interceptor>
			<mvc:mapping path="/authz/basic/*" />
			<mvc:mapping path="/authz/ltpa/*" />
			<mvc:mapping path="/authz/desktop/*" />
			<mvc:mapping path="/authz/formbased/*" />
			<mvc:mapping path="/authz/tokenbased/*"/>
			<mvc:mapping path="/authz/saml20/idpinit/*"/>
			<mvc:mapping path="/authz/saml20/assertion"/>
			<mvc:mapping path="/authz/cas/granting"/>
			<bean class="org.maxkey.web.interceptor.HistoryLoginAppAdapter" />
		</mvc:interceptor>

		
		<ref bean="localeChangeInterceptor" />
	</mvc:interceptors>
	  
	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.InMemoryRemeberMeService">
	</bean>
	 <!--
	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.RedisRemeberMeService">
	   <property name="connectionFactory" ref="redisConnectionFactory"></property>
    </bean>
    -->
	<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
	</bean>
	<!-- 
	<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
	</bean>
	-->
	
	<!-- for Forgot Password -->
	<bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn">
	</bean>
	
	<bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
	</bean>
	 
	<!-- Authentication Password Encoder Config -->
	<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>   
	
	<!-- LDAP Realm 
	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
		<constructor-arg ref="jdbcTemplate"/>
		<property name="ldapServers">
			<list>
				<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
					<property name="ldapUtils">
						<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
							<property name="providerUrl" value="ldap://localhost:389"></property>
							<property name="principal" value="cn=root"></property>
							<property name="credentials" value="rootroot"></property>
							<property name="baseDN" value="dc=connsec,dc=com"></property>
						</bean>
					</property>
					<property name="filterAttribute" value="uid"></property>
				</bean>	
			</list>
		</property>
	</bean> -->
	
	<!-- Active Directory  Realm 
	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
		<constructor-arg ref="jdbcTemplate"/>
		<property name="activeDirectoryServers">
			<list>
				<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
					<property name="activeDirectoryUtils">
						<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
							<property name="providerUrl" value="ldap://localhost:389"></property>
							<property name="principal" value="cn=root"></property>
							<property name="credentials" value="rootroot"></property>
							<property name="domain" value="connsec"></property>
						</bean>
					</property>
				</bean>	
			</list>
		</property>
	</bean> -->
	
	<!-- Default Realm-->
	<!-- realm use jdbc -->
	<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
		<constructor-arg ref="jdbcTemplate"/>
	</bean>
   
	<mvc:annotation-driven />

	<mvc:default-servlet-handler />

</beans>