Documente Academic
Documente Profesional
Documente Cultură
>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.1.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">
<http use-expressions="true">
<headers>
<frame-options policy="SAMEORIGIN" />
</headers>
<csrf disabled="true" />
<intercept-url pattern="/projectboard"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/projectboard/*"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/dashboard"
access="hasAnyRole('ROLE_USER')" />
<!--
<intercept-url pattern="/crt/projectInfo"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/crt/projectInfo"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/projectlist"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/feature"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/submittedproposal"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/crt/tasks"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/NewMember/{teamtoken:.+}/{mailtoken:.+}"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/teamboard"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/crt/projectdetail"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/crt/taskdetail"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/crt/projectrole"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/dashboard"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/projectboard"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/messages"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/userdetail"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/proposal"
access="hasAnyRole('ROLE_MEMBER', 'ROLE_OWNER')" />
<intercept-url pattern="/other/**" access="isAuthenticated()" />
-->
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user1" password="12345" authorities="ROLE_USER"
/>
<user name="admin1" password="12345"
authorities="ROLE_USER, ROLE_ADMIN" />
</user-service>
</authentication-provider>
<authentication-provider>
<password-encoder ref="encoder" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select username,password,enabled
from user where username=?"
authorities-by-username-query="Select username,
'ROLE_MEMBER' user_role from user u
inner
join member m where u.user_id = m.user_id and u.username =?" />
</authentication-provider>
<authentication-provider>
<password-encoder ref="encoder" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select username,password,enabled
from user where username=?"
authorities-by-username-query="Select username, 'ROLE_USER'
user_role from user_roles u
where
u.username =?" />
</authentication-provider>
</authentication-manager>
<beans:bean id="encoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<beans:constructor-arg name="strength" value="10" />
</beans:bean>
</beans:beans>