36 lines
1.7 KiB
XML
36 lines
1.7 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xmlns:beans="http://www.springframework.org/schema/beans"
|
|
xsi:schemaLocation="
|
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
|
|
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
|
|
|
|
<http access-denied-page="/access-denied.html" use-expressions="true">
|
|
<intercept-url pattern="/access-denied*" access="hasAnyRole('ROLE_LOCATION_WRITE','ROLE_POLYGON_WRITE')" />
|
|
<intercept-url pattern="/admin/**" access="hasAnyRole('ROLE_ADMIN')" />
|
|
<intercept-url pattern="/organization/**" access="hasAnyRole('ROLE_ORGANIZATION')" />
|
|
<intercept-url pattern="/location/edit*" access="hasAnyRole('ROLE_LOCATION_WRITE')" />
|
|
<intercept-url pattern="/location/view*" access="permitAll" />
|
|
|
|
<intercept-url pattern="/login*" access="isAnonymous()" />
|
|
<intercept-url pattern="/register*" access="isAnonymous()" />
|
|
<intercept-url pattern="/login-denied/**" access="isAnonymous()" />
|
|
|
|
<intercept-url pattern="/**" access="permitAll" />
|
|
|
|
<form-login login-page='/login.html' default-target-url="/" always-use-default-target="false" authentication-failure-url="/login.html?error=true" />
|
|
|
|
<logout />
|
|
|
|
<anonymous />
|
|
|
|
<session-management invalid-session-url="/">
|
|
<concurrency-control max-sessions="1" />
|
|
</session-management>
|
|
</http>
|
|
|
|
<authentication-manager alias="authenticationManager" erase-credentials="false">
|
|
<authentication-provider ref="restAuthenticationProvider" />
|
|
</authentication-manager>
|
|
|
|
</beans:beans> |