206 lines
8.3 KiB
XML
206 lines
8.3 KiB
XML
<?xml version="1.0" encoding="UTF-8" ?>
|
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
xmlns:context="http://www.springframework.org/schema/context"
|
|
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xmlns:p="http://www.springframework.org/schema/p"
|
|
xmlns:util="http://www.springframework.org/schema/util"
|
|
xsi:schemaLocation="
|
|
http://www.springframework.org/schema/beans
|
|
http://www.springframework.org/schema/beans/spring-beans.xsd
|
|
http://www.springframework.org/schema/context
|
|
http://www.springframework.org/schema/context/spring-context.xsd
|
|
http://www.springframework.org/schema/util
|
|
http://www.springframework.org/schema/util/spring-util.xsd
|
|
http://www.springframework.org/schema/mvc
|
|
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
|
|
|
|
<!-- enable autowire -->
|
|
<context:annotation-config />
|
|
|
|
<!-- language select must remove -->
|
|
<mvc:annotation-driven />
|
|
|
|
<!-- web Controller InterceptorAdapter -->
|
|
<mvc:interceptors>
|
|
<!-- web Controller InterceptorAdapter for platform permission -->
|
|
<mvc:interceptor>
|
|
<!-- for permission -->
|
|
<mvc:mapping path="/index*/**" />
|
|
<mvc:mapping path="/logs*/**" />
|
|
<mvc:mapping path="/userinfo*/**" />
|
|
<mvc:mapping path="/profile*/**" />
|
|
<mvc:mapping path="/safe*/**" />
|
|
<mvc:mapping path="/historys*/**" />
|
|
<mvc:mapping path="/appList*/**" />
|
|
<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
|
|
</mvc:interceptor>
|
|
<!-- web Controller InterceptorAdapter for platform log -->
|
|
<mvc:interceptor>
|
|
<mvc:mapping path="/users/*" />
|
|
<mvc:mapping path="/userinfo/*" />
|
|
<mvc:mapping path="/authInfo/*" />
|
|
<mvc:mapping path="/retrievePassword/*"/>
|
|
<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
|
|
</mvc:interceptor>
|
|
<!-- web Controller sso Adapter -->
|
|
<mvc:interceptor>
|
|
<mvc:mapping path="/authz/basic/*" />
|
|
<mvc:mapping path="/authz/ltpa/*" />
|
|
<mvc:mapping path="/authz/desktop/*" />
|
|
<mvc:mapping path="/authz/formbased/*" />
|
|
<mvc:mapping path="/authz/tokenbased/*"/>
|
|
<mvc:mapping path="/authz/saml20/idpinit/*"/>
|
|
<mvc:mapping path="/authz/saml20/assertion"/>
|
|
<mvc:mapping path="/authz/cas/login"/>
|
|
<mvc:mapping path="/authz/cas/granting"/>
|
|
<bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
|
|
</mvc:interceptor>
|
|
<!-- web Controller sso Adapter -->
|
|
<mvc:interceptor>
|
|
<mvc:mapping path="/authz/basic/*" />
|
|
<mvc:mapping path="/authz/ltpa/*" />
|
|
<mvc:mapping path="/authz/desktop/*" />
|
|
<mvc:mapping path="/authz/formbased/*" />
|
|
<mvc:mapping path="/authz/tokenbased/*"/>
|
|
<mvc:mapping path="/authz/saml20/idpinit/*"/>
|
|
<mvc:mapping path="/authz/saml20/assertion"/>
|
|
<mvc:mapping path="/authz/cas/granting"/>
|
|
<bean class="org.maxkey.web.interceptor.HistoryLoginAppAdapter" />
|
|
</mvc:interceptor>
|
|
|
|
|
|
<ref bean="localeChangeInterceptor" />
|
|
</mvc:interceptors>
|
|
|
|
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
|
|
<constructor-arg ref="jdbcTemplate"/>
|
|
<property name="validity" value="${config.login.remeberme.validity}"/>
|
|
</bean>
|
|
|
|
<bean id="keyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
|
|
<property name="type" value="totp" />
|
|
<property name="digits" value="6" />
|
|
<property name="issuer" value="MaxKey" />
|
|
<property name="domain" value="MaxKey.org" />
|
|
<property name="period" value="30" />
|
|
|
|
</bean>
|
|
|
|
<bean id="tfaOTPAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOTPAuthn">
|
|
<constructor-arg ref="jdbcTemplate" />
|
|
</bean>
|
|
|
|
<!-- Authentication Password Encoder Config -->
|
|
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
|
|
|
|
<bean id="passwordReciprocal" class="org.maxkey.crypto.password.PasswordReciprocal"></bean>
|
|
|
|
|
|
<bean id="cacheFactory" class="org.maxkey.cache.CacheFactory">
|
|
<property name="cache">
|
|
<list>
|
|
<bean class="org.maxkey.web.filter.ipaddress.IpAddressCache">
|
|
<property name="jdbcIpAddressService">
|
|
<bean class="org.maxkey.web.filter.ipaddress.JdbcIpAddressService">
|
|
<constructor-arg ref="jdbcTemplate"/>
|
|
</bean>
|
|
</property>
|
|
<property name="interval" value="1200" />
|
|
</bean>
|
|
</list>
|
|
</property>
|
|
</bean>
|
|
|
|
<!-- Captcha Producer Config -->
|
|
<bean id="captchaProducer" class="com.google.code.kaptcha.impl.DefaultKaptcha">
|
|
<property name="config">
|
|
<bean class="com.google.code.kaptcha.util.Config">
|
|
<constructor-arg type="java.util.Properties">
|
|
<props>
|
|
<prop key="kaptcha.image.width">70</prop>
|
|
<prop key="kaptcha.image.height">25</prop>
|
|
<prop key="kaptcha.border">no</prop>
|
|
<prop key="kaptcha.obscurificator.impl">com.google.code.kaptcha.impl.ShadowGimpy</prop>
|
|
<prop key="kaptcha.textproducer.font.size">23</prop>
|
|
<prop key="kaptcha.textproducer.char.string">0123456789</prop>
|
|
<prop key="kaptcha.textproducer.char.length">4</prop>
|
|
<prop key="kaptcha.noise.impl">com.google.code.kaptcha.impl.NoNoise</prop>
|
|
<!-- <prop key="kaptcha.noise.color">white</prop>
|
|
-->
|
|
</props>
|
|
</constructor-arg>
|
|
</bean>
|
|
</property>
|
|
</bean>
|
|
|
|
<bean id="savedRequestSuccessHandler" class="org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler"> </bean>
|
|
|
|
<!-- LDAP Realm
|
|
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
|
|
<constructor-arg ref="jdbcTemplate"/>
|
|
<property name="ldapServers">
|
|
<list>
|
|
<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
|
|
<property name="ldapUtils">
|
|
<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
|
|
<property name="providerUrl" value="ldap://localhost:389"></property>
|
|
<property name="principal" value="cn=root"></property>
|
|
<property name="credentials" value="rootroot"></property>
|
|
<property name="baseDN" value="dc=connsec,dc=com"></property>
|
|
</bean>
|
|
</property>
|
|
<property name="filterAttribute" value="uid"></property>
|
|
</bean>
|
|
</list>
|
|
</property>
|
|
</bean> -->
|
|
|
|
<!-- Active Directory Realm
|
|
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
|
|
<constructor-arg ref="jdbcTemplate"/>
|
|
<property name="activeDirectoryServers">
|
|
<list>
|
|
<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
|
|
<property name="activeDirectoryUtils">
|
|
<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
|
|
<property name="providerUrl" value="ldap://localhost:389"></property>
|
|
<property name="principal" value="cn=root"></property>
|
|
<property name="credentials" value="rootroot"></property>
|
|
<property name="domain" value="connsec"></property>
|
|
</bean>
|
|
</property>
|
|
</bean>
|
|
</list>
|
|
</property>
|
|
</bean> -->
|
|
|
|
<!-- Radius Server Realm
|
|
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.radius.RadiusServerAuthenticationRealm">
|
|
<constructor-arg ref="jdbcTemplate"/>
|
|
<property name="jradiusServers">
|
|
<list>
|
|
<bean id="radiusServer1" class="org.maxkey.web.authentication.realm.radius.RadiusServer">
|
|
<property name="inetAddress" value="localhost"/>
|
|
<property name="secret" value="test1234"/>
|
|
</bean>
|
|
</list>
|
|
</property>
|
|
</bean>-->
|
|
|
|
<!-- Default Realm-->
|
|
<!-- realm use jdbc -->
|
|
<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
|
|
<constructor-arg ref="jdbcTemplate"/>
|
|
</bean>
|
|
|
|
|
|
<!-- Authentication providers -->
|
|
<bean id="authenticationProvider" class="org.maxkey.authn.RealmAuthenticationProvider" >
|
|
</bean>
|
|
|
|
<mvc:annotation-driven />
|
|
|
|
<mvc:default-servlet-handler />
|
|
|
|
</beans> |