Re:[cas-user] CAS + SpringSecurity Config

Fri, 15 May 2009 11:15:25 -0700 

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans";
    xmlns:sec="http://www.springframework.org/schema/security";
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
    xmlns:p="http://www.springframework.org/schema/p";    
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                        http://www.springframework.org/schema/security 
http://www.springframework.org/schema/security/spring-security-2.0.1.xsd";>
                        

        <sec:http access-denied-page="/accessDenied.jsf" 
entry-point-ref="casProcessingFilterEntryPoint">
        <sec:intercept-url pattern="/index.jsf" filters="none" />
        <sec:intercept-url pattern="/menu.jsf" access="ROLE_USER" />
        <sec:intercept-url pattern="/w_area_admin/*" access="ROLE_ADMIN" />   
        <sec:anonymous />
        <sec:http-basic />
        <sec:logout logout-success-url="/index.jsf" />    
        </sec:http>        

    
    <!-- CAS --><!--
    <http entry-point-ref="casProcessingFilterEntryPoint">
        <intercept-url pattern="/menu.jsf" access="ROLE_USER" 
requires-channel="https"/>
        <logout logout-success-url="/cas-logout.jsp"/>
    </http>    
    
    -->
    <sec:authentication-manager alias="authenticationManager"/> 
    
    <!--CAS  -->
    
    <bean id="casProcessingFilterEntryPoint" 
class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
        <property name="loginUrl" value="https://localhost:8443/cas/login"/>
        <property name="serviceProperties" ref="serviceProperties"/>
    </bean>                   
    
    <bean id="serviceProperties" 
class="org.springframework.security.ui.cas.ServiceProperties">
        <property name="service" 
value="https://localhost:8443/cas/j_spring_cas_security_check"/>
        <property name="sendRenew" value="false"/>
    </bean><!--    
    
        
        <bean id="casProcessingFilter" 
class="org.springframework.security.ui.cas.CasProcessingFilter">
          <sec:custom-filter after="CAS_PROCESSING_FILTER"/>
          <property name="authenticationManager" ref="authenticationManager"/>
          <property name="authenticationFailureUrl" value="/casfailed.jsp"/>
          <property name="defaultTargetUrl" value="/"/>
        </bean>

    -->      

   <bean id="casAuthenticationProvider" 
class="org.springframework.security.providers.cas.CasAuthenticationProvider">
        <sec:custom-authentication-provider />
        <property name="userDetailsService" ref="userService"/>
        <property name="serviceProperties" ref="serviceProperties" />
        <property name="ticketValidator">
            <bean 
class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
                <constructor-arg index="0" value="https://localhost:8443/cas"; />
                <property name="proxyGrantingTicketStorage" 
ref="proxyGrantingTicketStorage" />
                <property name="proxyCallbackUrl" 
value="https://localhost:8443/cas/secure/receptor"; />
            </bean>
        </property>
        <property name="key" value="an_id_for_this_auth_provider_only"/>
    </bean>     
        
    <bean id="casProcessingFilter" 
class="org.springframework.security.ui.cas.CasProcessingFilter">
        <sec:custom-filter after="CAS_PROCESSING_FILTER"/>
        <property name="authenticationManager" ref="authenticationManager"/><!--
        <property name="authenticationFailureHandler">
            <bean 
class="org.springframework.security.ui.SimpleUrlAuthenticationFailureHandler">
                <property name="defaultFailureUrl" value="/casfailed.jsp"/>
            </bean> 
        </property>
        <property name="authenticationSuccessHandler">
            <bean 
class="org.springframework.security.ui.SimpleUrlAuthenticationSuccessHandler">
                <property name="defaultTargetUrl" value="/"/>
            </bean>
        </property>-->
                <property name="authenticationFailureUrl" 
value="http://localhost:8081/spsec_cas/casfailed.jsf"/>
        <property name="defaultTargetUrl" value="/"/>
                <property name="proxyGrantingTicketStorage" 
ref="proxyGrantingTicketStorage" />
        <property name="proxyReceptorUrl" value="/secure/receptor" />
    </bean>     
        
        
        <bean id="proxyGrantingTicketStorage" 
class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
        
        <sec:authentication-provider user-service-ref="userService" />
        
        <bean id="userService" 
class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl">
            <property name="dataSource" ref="seguridadDataSource" />
                <property name="enableGroups" value="true" />
                <property name="enableAuthorities" value="false" />
        </bean> 
   
        <bean id="securityDataSource" 
class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"
                p:driverClassName="com.mysql.jdbc.Driver" 
p:url="jdbc:mysql://localhost:3306/security_schema?autoReconnect=true"
            p:username="root" p:password="1234"/>
            
</beans>    
-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to