|
|
@ -10,11 +10,32 @@ |
|
|
|
|
|
|
|
|
|
|
|
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"/> |
|
|
|
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"/> |
|
|
|
|
|
|
|
|
|
|
|
<security:http use-expressions="true"> |
|
|
|
<security:http use-expressions="true" auto-config="true"> |
|
|
|
<!-- <security:intercept-url pattern="/oauth/user/**" access="hasRole('ROLE_USER')"/> --> |
|
|
|
<!-- <security:intercept-url pattern="/oauth/user/**" access="hasRole('ROLE_USER')"/> --> |
|
|
|
<security:openid-login login-page="/j_spring_openid_security_check?openid_identifier=OPENID_IDENTIFIER" /> |
|
|
|
<security:intercept-url pattern="/*" access="permitAll"/> |
|
|
|
|
|
|
|
|
|
|
|
</security:http> |
|
|
|
</security:http> |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<!-- Authorization Code Service, used by TokenGranter --> |
|
|
|
|
|
|
|
<bean id="jdbcAuthCodeServices" class="org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices"> |
|
|
|
|
|
|
|
<constructor-arg> |
|
|
|
|
|
|
|
<bean class="org.apache.commons.dbcp.BasicDataSource"/> |
|
|
|
|
|
|
|
</constructor-arg> |
|
|
|
|
|
|
|
</bean> |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<bean id="clientCredentialsChecker" class="org.springframework.security.oauth2.provider.ClientCredentialsChecker"> |
|
|
|
|
|
|
|
<constructor-arg> |
|
|
|
|
|
|
|
<bean class="org.mitre.oauth2.service.impl.DefaultOAuth2ClientDetailsEntityService"/> |
|
|
|
|
|
|
|
</constructor-arg> |
|
|
|
|
|
|
|
</bean> |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<!-- SECOAUTH Authorization Server, with our custom token granter plugged in --> |
|
|
|
|
|
|
|
<oauth2:authorization-server client-details-service-ref="defaultOAuth2ClientDetailsEntityService" |
|
|
|
|
|
|
|
token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter" |
|
|
|
|
|
|
|
authorization-endpoint-url="/openidconnect/auth*"> |
|
|
|
|
|
|
|
<oauth2:authorization-code /> |
|
|
|
|
|
|
|
</oauth2:authorization-server> |
|
|
|
|
|
|
|
|
|
|
|
<security:authentication-manager> |
|
|
|
<security:authentication-manager> |
|
|
|
<security:authentication-provider> |
|
|
|
<security:authentication-provider> |
|
|
|
<security:user-service id="userDetailsService"> |
|
|
|
<security:user-service id="userDetailsService"> |
|
|
|