+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:util="http://www.springframework.org/schema/util"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd">
-
-<!--
-
-Configuration du Bean de representation des utilisateurs / Roles
-
--->
-
-<bean id="userService" class="com.pentila.evalcomp.ldap.MyUserDetailsService">
-<property name="ldapDAO"><ref bean="ldapTarget" /></property>
-<property name="entityManager"><ref bean="entityManager" /></property>
-</bean>
-
-<!--
-
-Bean de configuration systeme de securité Spring
-
-* property 'service' : http://server:port/EvalComp/j_spring_cas_security_check
-
--->
-
-<bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
- <property name="service"><value>http://tice-a85.univ-savoie.fr:8080/EvalComp/j_spring_cas_security_check</value></property>
- <property name="sendRenew"><value>false</value></property>
-</bean>
-
-<!--
-
-Provider d'authentifiation 1 (etablissement)
-
--->
-
-<bean id="casAuthenticationProvider1" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
- <property name="userDetailsService"><ref bean="userService"/></property>
-
- <property name="serviceProperties" ref="serviceProperties" />
- <property name="ticketValidator">
- <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
-
- <!-- URL du serveur CAS 1 -->
-
- <constructor-arg index="0" value="https://tice-a85.univ-savoie.fr:8443/cas" />
- <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
-
- <!--
- * property 'proxyCallbackUrl' : https://server:port/EvalComp/receptor
- -->
-
- <property name="proxyCallbackUrl" value="https://tice-a85.univ-savoie.fr:8443/EvalComp/receptor" />
- </bean>
- </property>
-
- <property name="key"><value>my_password_for_this_auth_provider_only</value></property>
-</bean>
-
-<bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
-
-<!-- END 1 -->
-
-
-<!--
-
-Provider d'authentifiation 2 ( CAS EmaEval )
-
--->
-
-<bean id="casAuthenticationProvider2" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
- <property name="userDetailsService"><ref bean="userService"/></property>
-
- <property name="serviceProperties" ref="serviceProperties" />
- <property name="ticketValidator">
- <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
-
- <!-- URL du serveur CAS 1 -->
-
- <constructor-arg index="0" value="https://tice-a85.univ-savoie.fr:8443/cas2" />
- <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
-
- <!--
- * property 'proxyCallbackUrl' : https://server:port/EvalComp/receptor
- -->
-
- <property name="proxyCallbackUrl" value="https://tice-a85.univ-savoie.fr:8443/EvalComp/receptor" />
- </bean>
- </property>
- <property name="key"><value>my_password_for_this_auth_provider_only</value></property>
-</bean>
-
-<!-- END 2 -->
-
-
- <!--
-
- ======================== FILTER CHAIN =======================
-
- -->
- <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
- <property name="filterInvocationDefinitionSource">
- <value>
- CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
- PATTERN_TYPE_APACHE_ANT
- /**=httpSessionContextIntegrationFilter,casProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
- </value>
- </property>
- </bean>
-
-
-<!-- Bean CasProcessingFilter -->
-
-<bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
- <property name="authenticationManager"><ref bean="authenticationManager"/></property>
- <property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property>
- <property name="defaultTargetUrl"><value>/</value></property>
- <property name="filterProcessesUrl"><value>/j_spring_cas_security_check</value></property>
-</bean>
-
- <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
- <property name="providers">
- <list>
-
- <!-- Ajout des Providers (dans l'ordre) -->
-
- <ref bean="casAuthenticationProvider1" />
- <ref bean="casAuthenticationProvider2"/>
-
- <ref local="anonymousAuthenticationProvider"/>
-
- </list>
- </property>
- </bean>
-
-<!-- Bean anonymousProcessingFilter -->
-
- <bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
- <property name="key"><value>foobar</value></property>
- <property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property>
- </bean>
-
- <bean id="anonymousAuthenticationProvider" class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
- <property name="key"><value>foobar</value></property>
- </bean>
-
-
-<!-- Bean casProcessingFilterEntryPoint
-
-Point d'entrée du systeme d'authentification MultiCas
-
-* property 'loginUrl' : URL de la page de login pour le système MultiCas : http://server:port/EvalComp/login.jsp
-* property 'responseUrl' : URL de la page de reponse pour le système MultiCas : http://server:port/EvalComp/response.jsp
-* property 'loginUrls' : Urls des pages de login des differents serveurs CAS
-* property 'logoutUrls' : Urls des pages de logout des differents serveurs CAS
-* property 'loginFormUrl' : Url de la page de presentation des Serveurs CAS pour le système MultiCas
-
--->
-
-<bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.util.MultiCasProcessingFilterEntryPoint">
- <property name="loginUrl"><value>http://tice-a85.univ-savoie.fr:8080/EvalComp/login.jsp</value></property>
- <property name="responseUrl"><value>http://tice-a85.univ-savoie.fr:8080/EvalComp/response.jsp</value></property>
- <property name="loginUrls">
- <list>
- <value>https://tice-a85.univ-savoie.fr:8443/cas/login</value>
- <value>https://tice-a85.univ-savoie.fr:8443/cas2/login</value>
- </list>
- </property>
- <property name="logoutUrls">
- <list>
- <value>https://tice-a85.univ-savoie.fr:8443/cas/logout</value>
- <value>https://tice-a85.univ-savoie.fr:8443/cas2/logout</value>
- </list>
- </property>
- <property name="loginFormUrl"><value>http://tice-a85.univ-savoie.fr:8080/EvalComp/loginFormPage.jsp</value></property>
- <property name="serviceProperties"><ref bean="serviceProperties"/></property>
-
-</bean>
-
-
-<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
- <property name="authenticationEntryPoint"><ref bean="casProcessingFilterEntryPoint"/></property>
- </bean>
-
-
-<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
-
-<bean id="runAsManager" class="org.springframework.security.runas.RunAsManagerImpl">
- <property name="key"><value>my_run_as_password</value></property>
- </bean>
-
- <bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"/>
-
- <bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
- <property name="allowIfAllAbstainDecisions"><value>false</value></property>
- <property name="decisionVoters">
- <list>
- <ref bean="roleVoter"/>
- <bean class="org.springframework.security.vote.AuthenticatedVoter"/>
- </list>
- </property>
- </bean>
-
-<!--
-
-Définition des règles de securité selon les roles
-
--->
-
-<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
- <property name="authenticationManager"><ref bean="authenticationManager"/></property>
- <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
- <property name="runAsManager"><ref bean="runAsManager"/></property>
- <property name="objectDefinitionSource">
- <value>
- PATTERN_TYPE_APACHE_ANT
- /EvalCompInst.jsp=ROLE_MANAGER
- /EvalCompPeda.jsp=ROLE_PEDA
- /EvalCompTech.jsp=ROLE_TECH
- /EvalComp.jsp=ROLE_USER
- /Preferences.jsp=ROLE_USER
- /exportvalidation.jsp=ROLE_SCO
- /Ressource.jsp=ROLE_USER
- /hibernate4gwt/**=ROLE_USER
- /uploadWSFile/**=ROLE_USER
- /logout.jsp=ROLE_USER
- /response.jsp=ROLE_USER
- /loginFormPage.jsp=ROLE_ANONYMOUS
- /login.jsp=ROLE_ANONYMOUS
- /logoutMultiCas.jsp=ROLE_ANONYMOUS,ROLE_USER
- /**=ROLE_MANAGER
- </value>
- </property>
- </bean>
-
-
-
-</beans>