moonorongo
1/29/2015 - 5:09 PM

Spring security

Spring security

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
 

<!-- configuramos los permisos para los distintos ruteos 
     y login y logout page
-->     	 
    <http auto-config="true" use-expressions="true">
        <intercept-url pattern="/*" access="isAuthenticated()" />
        <intercept-url pattern="/login*" access="permitAll" />
        <form-login login-page="/" 
            default-target-url="/login?method=redirectHandler" authentication-failure-url="/" /> 
        <logout logout-success-url="/jsp/logout.jsp" />        
    </http>

<!-- definimos que la autenticacion sea a traves de DB 
con dos querys, una retorna el usuario y la otra los permisos
-->
    <authentication-manager alias="authenticationManager">
        <authentication-provider>
            <jdbc-user-service data-source-ref="dataSource"
               users-by-username-query="select REPLACE(NRODOC,'.','') as username,CLAVE as password, 1 AS enabled from ALUMNOS where REPLACE(NRODOC,'.','') = ?" 
               authorities-by-username-query="SELECT REPLACE(NRODOC,'.','') as username, 'ROLE_USER' as authority FROM ALUMNOS WHERE REPLACE(NRODOC,'.','') = ?"
            />    	
        </authentication-provider>
    </authentication-manager>

</beans:beans>