<beans:beans xmlns="http://www.springframework.org/schema/security"
- xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans
+ xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
- <http pattern="/css/**" security="none" />
- <http pattern="/js/**" security="none" />
- <http pattern="/images/**" security="none" />
- <http pattern="/favicon.ico" security="none" />
- <http pattern="/controller/web/css/**" security="none" />
- <http pattern="/controller/web/js/**" security="none" />
- <http pattern="/controller/web/images/**" security="none" />
-
-
- <http auto-config="false" authentication-manager-ref="authenticationManager"
- security-context-repository-ref="securityContextRepo" entry-point-ref="loginUrlAuthenticationEntryPoint">
- <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
- <intercept-url pattern="/logout*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-
-
- <intercept-url pattern="/**"
- access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
- <custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
- <custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />
- <custom-filter position="LAST" ref="controllerFilter" />
- <remember-me services-ref="rememberMeServices" key="SDN" />
- </http>
-
- <beans:bean id="controllerFilter"
- class="org.opendaylight.controller.web.ControllerCustomFilter" />
-
- <authentication-manager id="authenticationManager">
- <authentication-provider ref="authenticationProviderWrapper" />
- </authentication-manager>
-
- <beans:bean id="authenticationFilter"
- class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
- <beans:property name="authenticationManager" ref="authenticationManager" />
- <beans:property name="authenticationFailureHandler"
- ref="authenticationFailureHandler" />
- <beans:property name="authenticationSuccessHandler">
- <beans:bean
- class="org.opendaylight.controller.web.ControllerAuthenticationSuccessHandler">
- <beans:property name="targetUrlParameter" value="x-page-url" />
- <beans:property name="defaultTargetUrl" value="/" />
- </beans:bean>
- </beans:property>
- <beans:property name="rememberMeServices" ref="rememberMeServices" />
- </beans:bean>
-
- <beans:bean id="securityContextRepo"
- class="org.opendaylight.controller.web.ControllerWebSecurityContextRepository" />
-
- <beans:bean id="authenticationFailureHandler"
- class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
- <beans:property name="useForward" value="false" />
- <beans:property name="defaultFailureUrl" value="/login" />
- </beans:bean>
-
- <beans:bean id="loginUrlAuthenticationEntryPoint"
- class="org.opendaylight.controller.web.ControllerLoginUrlAuthEntryPoint">
- <beans:property name="loginFormUrl" value="/login" />
- </beans:bean>
-
- <beans:bean id="authenticationProviderWrapper"
- class="org.opendaylight.controller.web.AuthenticationProviderWrapper" />
+ <http pattern="/css/**" security="none" />
+ <http pattern="/js/**" security="none" />
+ <http pattern="/img/**" security="none" />
+ <http pattern="/favicon.ico" security="none" />
+ <http pattern="/controller/web/css/**" security="none" />
+ <http pattern="/controller/web/js/**" security="none" />
+ <http pattern="/controller/web/img/**" security="none" />
+
+
+ <http auto-config="false" authentication-manager-ref="authenticationManager"
+ security-context-repository-ref="securityContextRepo" entry-point-ref="loginUrlAuthenticationEntryPoint">
+ <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
+ <intercept-url pattern="/logout*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
+
+
+ <intercept-url pattern="/**"
+ access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
+ <custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
+ <custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />
+ <custom-filter position="LAST" ref="controllerFilter" />
+ <remember-me services-ref="rememberMeServices" key="SDN" />
+ </http>
+
+ <beans:bean id="controllerFilter"
+ class="org.opendaylight.controller.web.ControllerCustomFilter" />
+
+
<authentication-manager id="authenticationManager">
+
<authentication-provider ref="authenticationProviderWrapper" />
+ </authentication-manager>
+
+ <beans:bean id="authenticationFilter"
+ class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
+ <beans:property name="authenticationManager" ref="authenticationManager" />
+ <beans:property name="authenticationFailureHandler"
+ ref="authenticationFailureHandler" />
+ <beans:property name="authenticationSuccessHandler">
+ <beans:bean
+ class="org.opendaylight.controller.web.ControllerAuthenticationSuccessHandler">
+ <beans:property name="targetUrlParameter" value="x-page-url" />
+ <beans:property name="defaultTargetUrl" value="/" />
+ </beans:bean>
+ </beans:property>
+ <beans:property name="rememberMeServices" ref="rememberMeServices" />
+ </beans:bean>
+
+ <beans:bean id="securityContextRepo"
+ class="org.opendaylight.controller.web.ControllerWebSecurityContextRepository" />
+
+ <beans:bean id="authenticationFailureHandler"
+ class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
+ <beans:property name="useForward" value="false" />
+ <beans:property name="defaultFailureUrl" value="/login" />
+ </beans:bean>
+
+ <beans:bean id="loginUrlAuthenticationEntryPoint"
+ class="org.opendaylight.controller.web.ControllerLoginUrlAuthEntryPoint">
+ <beans:property name="loginFormUrl" value="/login" />
+ </beans:bean>
+
+ <beans:bean id="authenticationProviderWrapper"
+ class="org.opendaylight.controller.web.AuthenticationProviderWrapper" />
<!-- logout related -->
-
+
<beans:bean id="logoutHandler"
class="org.opendaylight.controller.web.ControllerLogoutHandler" />
-
+
<beans:bean id="securityContextLogoutHandler"
- class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
-
-
+ class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
+
+
<beans:bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
<!-- if logout succeed then this is the URL -->
<beans:constructor-arg value="/login" />
</beans:list>
</beans:constructor-arg>
<beans:property name="filterProcessesUrl" value="/logout" />
- </beans:bean>
-
+ </beans:bean>
+
+
+ <!-- remember me related -->
+ <beans:bean id="rememberMeFilter"
+ class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
+ <beans:property name="rememberMeServices" ref="rememberMeServices" />
+ <beans:property name="authenticationManager" ref="authenticationManager" />
+ </beans:bean>
- <!-- remember me related -->
- <beans:bean id="rememberMeFilter"
- class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
- <beans:property name="rememberMeServices" ref="rememberMeServices" />
- <beans:property name="authenticationManager" ref="authenticationManager" />
- </beans:bean>
+ <beans:bean id="rememberMeServices"
+ class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
+ <beans:property name="userDetailsService" ref="userDetailsServiceRef" />
+ <beans:property name="key" value="SDN" />
+ <beans:property name="alwaysRemember" value="true"></beans:property>
+ <beans:property name="tokenValiditySeconds" value="3600" />
+ <beans:property name="cookieName" value="SDN-Controller" />
+ </beans:bean>
- <beans:bean id="rememberMeServices"
- class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
- <beans:property name="userDetailsService" ref="userDetailsServiceRef" />
- <beans:property name="key" value="SDN" />
- <beans:property name="alwaysRemember" value="true"></beans:property>
- <beans:property name="tokenValiditySeconds" value="3600" />
- <beans:property name="cookieName" value="SDN-Controller" />
- </beans:bean>
+ <beans:bean id="userDetailsServiceRef" class="org.opendaylight.controller.web.ControllerUserDetailsService" />
- <beans:bean id="userDetailsServiceRef" class="org.opendaylight.controller.web.ControllerUserDetailsService" />
+ <beans:bean id="rememberMeAuthenticationProvider"
+ class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
+ <beans:property name="key" value="SDN" />
+ </beans:bean>
- <beans:bean id="rememberMeAuthenticationProvider"
- class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
- <beans:property name="key" value="SDN" />
- </beans:bean>
-
</beans:beans>
Code Review / controller.git / blobdiff