--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://www.springframework.org/schema/security"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
+
+
+<bean id="placeholderConfig4"
+ class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+ <property name="locations">
+ <list>
+ <value>WEB-INF/cas.properties</value>
+ <value>WEB-INF/context-ldap.properties</value>
+ </list>
+ </property>
+ <property name="ignoreUnresolvablePlaceholders" value="true"/>
+ </bean>
+
+<sec:http entry-point-ref="casProcessingFilterEntryPoint">
+ <!--<sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR" requires-channel="https"/>-->
+ <sec:intercept-url pattern="/repository/**" access="ROLE_MEMBER" />
+ <sec:logout logout-success-url="/cas-logout.jsp"/>
+ <sec:custom-filter ref="casProcessingFilter" after="CAS_FILTER"/>
+ </sec:http>
+
+ <sec:authentication-manager alias="authenticationManager">
+ <sec:authentication-provider ref="casAuthenticationProvider" />
+ </sec:authentication-manager>
+
+ <bean id="casProcessingFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
+ <property name="authenticationManager" ref="authenticationManager"/>
+
+ <!--<property name="authenticationFailureUrl" value="/casfailed.jsp"/>
+ <property name="defaultTargetUrl" value="/"/>
+ --><!--<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
+ <property name="proxyReceptorUrl" value="/${WEBAPP_CONTAINER}/receptor" />
+-->
+ </bean>
+
+ <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
+ <property name="loginUrl" value="https://${CAS_HOST}/cas/login"/>
+ <property name="serviceProperties" ref="serviceProperties"/>
+
+ </bean>
+
+ <bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
+ <property name="userDetailsService" ref="userService"/>
+ <property name="serviceProperties" ref="serviceProperties" />
+ <property name="ticketValidator">
+ <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
+ <constructor-arg index="0" value="https://${CAS_HOST}/cas" />
+ <!--<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
+ <property name="proxyCallbackUrl" value="https://${SERVICE_HOST}/${WEBAPP_CONTAINER}/receptor" /> -->
+
+</bean>
+ </property>
+
+ <property name="key" value="an_id_for_this_auth_provider_only"/>
+ </bean>
+
+ <bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
+
+ <bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
+ <property name="service" value="https://${SERVICE_HOST}/${WEBAPP_CONTAINER}/j_spring_cas_security_check"/>
+ <property name="sendRenew" value="false"/>
+ </bean>
+
+
+
+<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource" >
+ <description>ContextSource of the LDAP server and common connexion.</description>
+ <property name="urls" value="${urls}" />
+ <property name="userDn" value="${rootDN}" />
+ <property name="password" value="${password}" />
+ <property name="base" value="${base}" />
+ <property name="dirObjectFactory" value="org.springframework.ldap.core.support.DefaultDirObjectFactory" />
+ </bean>
+
+ <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
+ <description>LDAPTemplate spring bean.</description>
+ <constructor-arg ref="contextSource" />
+ </bean>
+
+
+
+<bean id="ldapDAO" class="com.pentila.jackrabbit.auth.LdapDAO">
+<property name="ldapTemplate"><ref local="ldapTemplate" /></property>
+<property name="attrLogin" value="${attrLogin}" />
+<property name="attrId" value="${attrId}" />
+<property name="branchPeople" value="${userbase}" />
+<property name="additionalFilter" value="${additionalFilter}"/>
+</bean>
+
+
+<bean id="userService" class="com.pentila.jackrabbit.auth.CasAuth">
+<constructor-arg index="0" value="ROLE_MEMBER" />
+
+<property name="ldapDAO"><ref local="ldapDAO" /></property>
+
+</bean>
+
+<!--
+ <sec:ldap-server id="ok_ldap" url="ldap://193.48.120.93:389/" manager-dn="cn=Manager,dc=portfolio,dc=org" manager-password="superuser" />
+
+ <sec:ldap-user-service id="userService" server-ref="ok_ldap"
+ user-search-filter="uid={0}"
+ user-search-base="ou=people, dc=portfolio, dc=org"
+ group-search-filter="uniquemember={0}"
+ group-search-base="ou=groupes, dc=portfolio, dc=org"
+ role-prefix="ROLE_" />
+-->
+
+<!--
+<sec:user-service id="userService">
+<sec:user name="stagiaire1" password="vlad" authorities="system" />
+</sec:user-service>
+-->
+
+
+</beans>
+